Hey Guys, Thanks for all the help, but in the end I "hacked" the xml files in the WEB-INF folder. Here's what I did: The Problem The problem I was confronted with was a huge one. On a project I was working on we were asked if we could alter the JasperServer default role permissions to such an extent that we could tell that certain customers on our JasperServer could add all of the resources that an administrator can. After searching the net endlessly we were at the point of giving up, but then out of blue we were given a hint. This hint was the succesfull one. check the above post and on stackoverflow The Solution The solution is one were the JasperServer XML files need to be altered/changed. I was already in the process of scouring all of the XML files, but to find the right one proved to be a challenge. The XML file you need to alter is located in the WEB-INF folder of the JasperServer installation directory. On my machine it was this one: C:Program Filesjasperreports-server-cp-4.5.0-2apache-tomcatwebappsjasperserverWEB-INF The file you need is this one: actionModel-search.xml WARNING: don’t forget to first make a backup of the original. You don’t want to start all over again if things go wong! The Explanation First things first, install the JasperServer. I have tested this only on a community version of JasperServer. So I guess if this works on a community version, it’ll also work on the paying supported version. After the installation go to your JasperReports homepage and login with the following credentials: URL: http://localhost:8080/jasperserver User: jasperadmin Password: jasperadmin Note that this is only a test setup on a virtual machine. If you intend to do this on a production server, change the password of the jasperadmin user for security reasons. As soon as you are logged in go and create a new user. 1. Click on “Manage” 2. Click on “Users” 3. Click on “Add User” a. Give a user name b. Give a password 4. Click on “Add User” Now that the user is made, you can go ahead and make a new role. To do this follow these steps: 1. Click on “Manage” 2. Click on “Roles” 3. Click on “Add Role” 4. Fill in the Role Name 5. Click on “Add Role” Write down the newly created role name, because this is the role we are going to use to “hack” the XML to our needs. To add users to the role do the following: 1. Click on the role you just created 2. Click on “Edit” 3. Select the users that need the new role. 4. Click on “Save”. The next thing you need to do is to give the role read + write + delete permissions on the folder. 1. Right click on a folder 2. Click on “Permissions” 3. Select read + write + delete next to the role that needs this access Now you’re all set and ready to go “hack” your way into the XML file. Open up the actionModel-search.xml file. Don’t forget the take a copy of the file first! At the start of the xml file look for a line of code that looks like the one below. <condition test="checkAuthenticationRoles" testArgs="ROLE_USER,ROLE_ADMINISTRATOR"> This is the first line you need to alter. Add your role to the testArgs section. Make sure that all of the roles are separated by a comma. Ex. <condition test="checkAuthenticationRoles" testArgs="ROLE_USER,ROLE_ADMINISTRATOR, USER_RESOURCES"> On the next condition line make the same change. Save the file. For the changes to be made current, you need to restart the JasperServer. On windows systems you can go to To Stop: All Programs => JasperReports Server … => Start Or Stop Services => Stop Service To Start: All Programs => JasperReports Server … => Start Or Stop Services => Start Service Now login with the user that you created and right click on the folder with the right permissions. Now you can add all of the resources that an administrator can add. If you want you can play a little around with the XML file to further change the behavior. For example: you have a client that is prohibited to add images the jasper reports. In that case you can alter the XML like the following. Place a condition test around this code: <option labelKey="resourceTypes.image" action="invokeCreate" actionArgs="FileResource@@img" className="up"/> To look like this code: <condition test=checkAuthenticationRoles” testArgs=”ROLE_ADMINISTRATOR”> <option labelKey="resourceTypes.image" action="invokeCreate" actionArgs="FileResource@@img" className="up"/></condition> This way, only an administrator can add images to the folder. Voila, you are all set to go and play around with your copy of JasperReports Server. Have Fun! Post Edited by pintebr at 04/26/2012 12:43