mark.richardson

Thanks, elizam. Yes, I have reviewed row security implementation. I keep coming back to the fact that in the particular SAAS application we have to work with, security is based on a 3 query union based on a logged in user id. It appears that I can get to the user id from either calculated fields or within domain security, but not within a query as we can do within JRXML-based topics.

Has anyone creating Domain calculated fields successfully used groovy to access an individual attribute from the LoggedInUserAttribute collection that is available when developing Jaspersoft Studio JRXML reports? In JRXML we reference $P{LoggedInUserAttribute_UserId} in a complex query for row-level application authentication - this value is different from groovy('authentication.principal.username') and is perhaps defined in a user profile on the server. The definition from the documentation is: " LoggedInUserAttribute_<attribute name> String Attribute value for matched attribute name (like "att1") on the user. Empty string if no match. Only provided if defined in a query or as a report parameter. ..." In a test case the attributes name and values collections printed from a JRXML report is as follows: LoggedInUserAttributeNames: [userID, IsTMUser, EmployeeID, ...] LoggedInUserAttributeValues: [1000016, 1, 5690, ...] The above can be easily done via topics created via JRXML - I am interested in knowing whether it can be done in DomEL as well.

Background: We are utilizing a SAAS solution which includes the JasperReports Server. Since we are one of many clients using the SAAS product, we are limited in our ability to make changes at the server level. We have been using Jaspersoft Studio for the past several months, building JRXML report files and uploading them to the report server. We have been performing security validation by doing lookups of the value of the parameter LoggedInUserAttribute_UserId against application tables. We now wish to build server-level Domains and allow Ad Hoc reporting against those domains, but must retain the capability of determining the logged in user ID and doing row-level security in the domain query. I have found quite a number of articles and Q&As related to Domains but have not yet found an explanation of how to access the equivalent of LoggedInUserAttribute_UserId at the domain query level. It is not a Domain access security issue, but a row-level security issue based on the content of non-JasperReports tables. Can anyone describe the method by which we can accomplish this? Thank you.