mboorshtein

Ok, so after digging through the code and a considerable amount of trial and error I have a configuration that works with the standard spring header filter (I assume it would work with the j2ee filter as well. Create WEB-INF/applicationContext-externalAuth-preauth.xml with the following: <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> <!-- marker disabling JIAuthenticationSynchronizer: pre-5.1 external auth config--> <alias name="${bean.authenticationProcessingFilter}" alias="proxyAuthenticationProcessingFilter"/> <bean id="proxyPreAuthenticatedProcessingFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter"> <property name="principalRequestHeader" value="uid" /> <property name="authenticationManager" ref="preauthenticationManager" /> </bean> <bean id="preauthenticationManager" class="org.springframework.security.authentication.ProviderManager"> <constructor-arg name="providers"> <list> <ref bean="preauthAuthProvider"/> </list> </constructor-arg> </bean> <bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService"> <bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <property name="userDetailsService"><ref bean="${bean.internalUserAuthorityService}"/></property> </bean> </property> </bean></beans>[/code]Replace uid with the name of the header that contains the user's id. NOTE: this only will do SSO and assumes that the user already exists inside of your configuration. If the user doesn't exist I'm sure you'll get an error. Also, make sure that your accounts are NOT marked as external.

Ok, so after digging through the code and a considerable amount of trial and error I have a configuration that works with the standard spring header filter (I assume it would work with the j2ee filter as well. Create WEB-INF/applicationContext-externalAuth-preauth.xml with the following: <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> <!-- marker disabling JIAuthenticationSynchronizer: pre-5.1 external auth config--> <alias name="${bean.authenticationProcessingFilter}" alias="proxyAuthenticationProcessingFilter"/> <bean id="proxyPreAuthenticatedProcessingFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter"> <property name="principalRequestHeader" value="uid" /> <property name="authenticationManager" ref="preauthenticationManager" /> </bean> <bean id="preauthenticationManager" class="org.springframework.security.authentication.ProviderManager"> <constructor-arg name="providers"> <list> <ref bean="preauthAuthProvider"/> </list> </constructor-arg> </bean> <bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService"> <bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <property name="userDetailsService"><ref bean="${bean.internalUserAuthorityService}"/></property> </bean> </property> </bean></beans>[/code]Replace uid with the name of the header that contains the user's id. NOTE: this only will do SSO and assumes that the user already exists inside of your configuration. If the user doesn't exist I'm sure you'll get an error. Also, make sure that your accounts are NOT marked as external.

I installed JasperServer Community on JBoss EAP 6.3. After logging in I get the following exception: 08:42:52,628 INFO [stdout] (http-/192.168.122.203:8080-4) java.lang.IllegalArgumentException: An id is required to lookup a FlowDefinition 08:42:52,629 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.util.Assert.hasText(Assert.java:162) 08:42:52,630 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl.getFlowDefinition(FlowDefinitionRegistryImpl.java:56) 08:42:52,630 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:138) 08:42:52,631 INFO [stdout] (http-/192.168.122.203:8080-4) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 08:42:52,631 INFO [stdout] (http-/192.168.122.203:8080-4) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 08:42:52,632 INFO [stdout] (http-/192.168.122.203:8080-4) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 08:42:52,632 INFO [stdout] (http-/192.168.122.203:8080-4) at java.lang.reflect.Method.invoke(Method.java:606) 08:42:52,633 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) 08:42:52,633 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) 08:42:52,634 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) 08:42:52,635 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:64) 08:42:52,636 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) 08:42:52,636 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) 08:42:52,637 INFO [stdout] (http-/192.168.122.203:8080-4) at com.sun.proxy.$Proxy84.launchExecution(Unknown Source) 08:42:52,637 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:193) 08:42:52,637 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.webflow.mvc.servlet.FlowController.handleRequest(FlowController.java:174) 08:42:52,638 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) 08:42:52,638 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919) 08:42:52,639 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:851) 08:42:52,639 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:953) 08:42:52,640 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:844) 08:42:52,640 INFO [stdout] (http-/192.168.122.203:8080-4) at javax.servlet.http.HttpServlet.service(HttpServlet.java:734) 08:42:52,641 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:829) 08:42:52,641 INFO [stdout] (http-/192.168.122.203:8080-4) at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) 08:42:52,642 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) 08:42:52,642 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) 08:42:52,642 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.StaticFilesCacheControlFilter.doFilter(StaticFilesCacheControlFilter.java:163) 08:42:52,643 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) 08:42:52,644 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) 08:42:52,644 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) 08:42:52,645 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.api.security.IPadSupportFilter.doFilter(IPadSupportFilter.java:67) 08:42:52,645 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,646 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.common.JSSwitchUserProcessingFilter.doFilter(JSSwitchUserProcessingFilter.java:157) 08:42:52,646 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,646 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118) 08:42:52,647 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84) 08:42:52,647 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,648 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) 08:42:52,648 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,649 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,649 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,649 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) 08:42:52,650 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,651 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter.doFilter(MetadataAuthenticationProcessingFilter.java:143) 08:42:52,651 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,652 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter.doFilter(RequestParameterAuthenticationFilter.java:99) 08:42:52,652 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,652 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,653 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,653 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150) 08:42:52,654 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,654 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,655 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,655 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:210) 08:42:52,655 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,655 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) 08:42:52,655 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,655 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.NullFilter.doFilter(NullFilter.java:43) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:210) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,656 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.api.logging.filter.BasicLoggingFilter.doFilter(BasicLoggingFilter.java:53) 08:42:52,657 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,657 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.api.security.JSCsrfGuardFilter.doFilter(JSCsrfGuardFilter.java:83) 08:42:52,657 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,657 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.api.security.WebAppSecurityFilter.doFilter(WebAppSecurityFilter.java:80) 08:42:52,657 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,657 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.MultipartRequestWrapperFilter.doFilter(MultipartRequestWrapperFilter.java:95) 08:42:52,658 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,658 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.NullFilter.doFilter(NullFilter.java:43) 08:42:52,658 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,658 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,658 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,659 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.api.security.encryption.EncryptionFilter.doFilter(EncryptionFilter.java:150) 08:42:52,659 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,659 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) 08:42:52,659 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 08:42:52,659 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) 08:42:52,660 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) 08:42:52,660 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,660 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,660 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) 08:42:52,660 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) 08:42:52,660 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.util.SessionDecoratorFilter.doFilter(SessionDecoratorFilter.java:63) 08:42:52,661 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,661 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,661 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) 08:42:52,661 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) 08:42:52,661 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:67) 08:42:52,661 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 08:42:52,663 INFO [stdout] (http-/192.168.122.203:8080-4) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 08:42:52,663 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) 08:42:52,665 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) 08:42:52,665 INFO [stdout] (http-/192.168.122.203:8080-4) at com.jaspersoft.jasperserver.war.P3PFilter.doFilter(P3PFilter.java:43) 08:42:52,665 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) 08:42:52,666 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) 08:42:52,666 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) 08:42:52,666 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) 08:42:52,666 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:512) 08:42:52,666 INFO [stdout] (http-/192.168.122.203:8080-4) at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) 08:42:52,666 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) 08:42:52,666 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) 08:42:52,667 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) 08:42:52,668 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) 08:42:52,668 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) 08:42:52,669 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) 08:42:52,669 INFO [stdout] (http-/192.168.122.203:8080-4) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) 08:42:52,669 INFO [stdout] (http-/192.168.122.203:8080-4) at java.lang.Thread.run(Thread.java:745) The only other references I could find to this were from RedHat virtualization and SSO, but I haven't setup SSO. Thanks Marc

The administration guide (https://community.jaspersoft.com/documentation/tibco-jasperreports-server-administrator-guide/v601/overview-security) mentions that "Container security (Tomcat, Jetty)" is supported but the authentication cookbook makes no mention of this (or siteminder which is also mentioned in the administration guide). I also can't find a wiki page on this. Are there any instructions on how to enable Jasper to use getUserPrincipal? Thanks Marc

Thank you for the response, however I don't know how you can call a 141 line xml file with few comments AND having to write multiple java classes to trust a header (or getUserPrincipal) "simple". I'll try tackling this but "simple" isn't the word I'd use. I read the authentication "cookbook" as well, I didn't find it that much more useful to be honest. Thanks Marc

I am trying to deploy a 5.1 Jasper CP with an SSO system that generates a header that I want jasper to blindly accept. I want to use all of the internal users and roles, i just want to externalize authentication. In previous versions I configured the RequestHeaderPreAuthenticatedProcessingFilter from Spring, but the examples don't have this anymore. Any help would be greatly appreciated. Thanks Marc

I followed the instructions on http://community.jaspersoft.com/wiki/configuring-jasperreports-server-sso-using-ldap-using-http-headers to setup SSO with LDAP, however I'm not getting logged in. My steps were: 1. Configure LDAP authentication - I was able to successfully login to jasper using a user in my LDAP directory 2. Followed the instructions above (http://community.jaspersoft.com/wiki/configuring-jasperreports-server-sso-using-ldap-using-http-headers) 3. When I try logging in without the header, I get a 500 error saying the header can't be found. When I login with the header, nothing happens. I'm redirected to /login.html. My LDAP server is never contacted. The only thing I see in the logs is: ****************************************************** Owasp.CsrfGuard Properties** Logger: com.jaspersoft.jasperserver.api.security.JSCsrfLogger* NewTokenLandingPage: /jasperserver/login.html* PRNG: SHA1PRNG* SessionKey: JASPER_CSRF_SESSION_KEY* TokenLength: 96* TokenName: JASPER_CSRF_TOKEN* Ajax: true* Rotate: true* TokenPerPage: true* Action: org.owasp.csrfguard.action.Rotate* Action: org.owasp.csrfguard.action.Redirect* Parameter: Page = /jasperserver/login.html* Action: org.owasp.csrfguard.action.Log* Parameter: Message = potential cross-site request forgery (CSRF) attack thwarted (user:%user%, ip:%remote_ip%, uri:%request_uri%, error:%exception_message%)*****************************************************Tomcat 6, JDK 1.6 Here's my ldap config in applicationContext-security.xml: . . . CN=TremoloUser,CN=LdapUsers,XXXXXXXXXXXXXXXXXX XXXXXXXXXXXX class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> (uid={0}) true cn (&(uniqueMember={0})(objectclass=groupofuniquenames)) true cn true here's my applicationContext-security-web.xml: CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /xmla=httpSessionContextIntegrationFilter,${bean.loggingFilter},${bean.basicProcessingFilter},JIAuthenticationSynchronizer,anonymousProcessingFilter,basicAuthExceptionTranslationFilter,filterInvocationInterceptor /services/**=httpSessionContextIntegrationFilter,${bean.loggingFilter},${bean.portletAuthenticationProcessingFilter},${bean.basicProcessingFilter},${bean.passwordExpirationProcessingFilter},JIAuthenticationSynchronizer,anonymousProcessingFilter,wsBasicAuthExceptionTranslationFilter,filterInvocationInterceptor /rest/login=httpSessionContextIntegrationFilter,${bean.loggingFilter},encryptionFilter,restLoginAuthenticationFilter,JIAuthenticationSynchronizer,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor /rest/**=httpSessionContextIntegrationFilter,${bean.loggingFilter},${bean.portletAuthenticationProcessingFilter},${bean.basicProcessingFilter},${bean.passwordExpirationProcessingFilter},JIAuthenticationSynchronizer,anonymousProcessingFilter,wsBasicAuthExceptionTranslationFilter,filterInvocationInterceptor /**=httpSessionContextIntegrationFilter,encryptionFilter,multipartRequestWrapperFilter,webAppSecurityFilter,jsCsrfGuardFilter,${bean.loggingFilter},${bean.userPreferencesFilter},${bean.authenticationProcessingFilter},${bean.userPreferencesFilter},${bean.basicProcessingFilter},requestParameterAuthenticationFilter,requestAuthFilter,JIAuthenticationSynchronizer,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor,switchUserProcessingFilter,iPadSupportFilter Any help would be appreciated. ThanksMarc