bruno.fs.antunes

When modifying adding user profile attribute during authentication on JasperReports Server 6.1.1 i am getting an error wiyj "org.springframework.security.access.AccessDeniedException: Access is denied". This a a problem similar to one reported for Custom Authentication - Access Denied Exception on putProfileAttribute I have found on JasperReports Server 6.1.1 various security definitions to restrict access to profile attributes methods One on bean "profileAttributeServiceMethodSecurityInterceptor" defined on file applicationContext.xml; that comes from previous version, and suspecting that is not being used on current version.Another in beans "profileAttributeServiceInterceptorNamesSecured" and "profileAttributesServiceServiceMethodSecurityInterceptor", this ones are being used on current version; defined on file applicationContext-security.xmlConfiguration for "profileAttributeServiceMethodSecurityInterceptor" should probably be removed from JasperReports Server 6 configuration

I am oberving on JasperReports Server 6.0.* (possible also on 6.1.*; but not tested) that when using Row-Level Security; that contraints are being appled not only on domain queries (as expected) but also to queries on input controls. Is there any way to configure Row-Level Security Constraints to only be applied to domain queries, excluding use for example on Input Controls ? Reference Documentation Row-Level Security http://community.jaspersoft.com/documentation/tibco-jasperreports-server-user-guide/v60/row-level-security

I am ffacing some problems on JasperReports Server 5.5 with Oracle Database when creating/using crosstab AdHoc Views. Adding a measure field to a crosstab column will result in a ORA-00979: not a GROUP BY expression. Jasper is performing a select for all displayable fields for the adoc report view; with a group by expression on chosen row/columns fields; with results in the ORA-00979. This same type of reports works with no problems on JasperReports Server 4.7.1 also connected to Oracle Database Test Case 1) Create a a simple domain referencing one or twa tables with some relation betwwen them 2) Create and Ad Hoc view, using that domain, using the two tables and crosstab type 3) Add measure filed to group column 4) Change on added field measure "Summary Function" from "Count All" to "Disinct Count", the error will happen

I have extactly the same problem on JasperReports Server 5.5; and followed with sucess the indicated procedures to allow it. In order to not mess up with Jasper configurations i have overrided property value on referenced beans adding configuration to a custom configuration file named "applicationContext-security-custom.xml" Option 1For Community Edition Add ROLE_ADMINISTRATOR for property "defaultInternalRoles" on bean "userAuthorityService" <bean class="com.jaspersoft.jasperserver.api.common.util.spring.GenericBeanUpdater"> <property name="definition"> <bean class="com.jaspersoft.jasperserver.api.common.util.spring.GenericBeanUpdaterDefinition"> <property name="order" value="10"/> <property name="beanName" value="userAuthorityService"/> <property name="propertyName" value="defaultInternalRoles"/> <property name="operation" value="set"/> </bean> </property> <property name="value"> <list> <value>ROLE_USER</value> <value>ROLE_ADMINISTRATOR</value> <list> </property> <property name="valueType" value="stringList"/> </bean>[/code]On Pro Edition Add ROLE_ADMINISTRATOR for property "defaultInternalRoles" on bean "mtUserAuthorityServiceTarget" <bean class="com.jaspersoft.jasperserver.api.common.util.spring.GenericBeanUpdater"> <property name="definition"> <bean class="com.jaspersoft.jasperserver.api.common.util.spring.GenericBeanUpdaterDefinition"> <property name="order" value="10"/> <property name="beanName" value="mtUserAuthorityServiceTarget"/> <property name="propertyName" value="defaultInternalRoles"/> <property name="operation" value="set"/> </bean> </property> <property name="value"> <list> <value>ROLE_USER</value> <value>ROLE_ADMINISTRATOR</value> <list> </property> <property name="valueType" value="stringList"/> </bean>[/code]Option 2Adding ROLE_USER on bean "profileAttributeServiceMethodSecurityInterceptor" for property "objectDefinitionSource". Or derefining <?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd"> <!-- allow creating new profile attributes from users --> <bean class="com.jaspersoft.jasperserver.api.common.util.spring.GenericBeanUpdater"> <property name="definition"> <bean class="com.jaspersoft.jasperserver.api.common.util.spring.GenericBeanUpdaterDefinition"> <property name="order" value="10"/> <property name="beanName" value="profileAttributeServiceMethodSecurityInterceptor"/> <property name="propertyName" value="objectDefinitionSource"/> <property name="operation" value="set"/> </bean> </property> <property name="value" value="com.jaspersoft.jasperserver.api.metadata.user.service.ProfileAttributeService.putProfileAttribute=ROLE_ADMINISTRATOR,ROLE_SUPERUSER,ROLE_USER"/> <property name="valueType" value="string"/> </bean></beans>[/code]regards, -- Bruno Antunes

Whats the difference between release 5.5.0 and 5.5.0a regards, -- Bruno Antunes

I have faced a simuliar problem. In order to workaround i have opened the export zip file and removed all users references from file index.xml, and removed the users folder Using the new export (without exported users i am hable to perform the import. Jasper Reports Server : 5.5.0 Build: 20131024_0554 Java: Oracle Jave SE 7 Update 55 Application Server: Oracle WebLogic Server 10.3.6 -- Bruno Antunes

Are there any sample configuration in order to integrate JasperReports Server 5.5 in order to use standard Java EE Security implemented by by the Java Web /Containner where JasperReports is deployed ? In reference documentation i can only find some samples for using external ldap, database and CAS. A standard Java EE Security sample would be usefull, and alo Configuration for usinj JAAS (Java Authentication and Authorization Service) Reference Documention JasperReports Server Authentication Cookbook http://community.jaspersoft.com/documentation/jasperreports-server-authentication-cookbook/introduction best regards, -- Bruno Antunes