singhdevin66
Members-
Posts
6 -
Joined
-
Last visited
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
singhdevin66's Achievements
-
hELLO, AFTER UPGRADING TO JRS VERSION 9.0 MY SINGLE SIGN ON FUNCTION BROKE, I PASTED MY CURRENT CUSTOMIZATION FILE pplicationContext-externalAuth-LDAP-MT.XML Can someone help me EDITING BELOW file so it can work with version 9.0 ??????????// parent="mtAuthenticationProcessingFilter"> <property name="authenticationManager"> <ref bean="ldapAuthenticationManager"/> </property> <property name="authenticationSuccessHandler" ref="externalAuthSuccessHandler" /> </bean> <bean id="proxyAuthenticationRestProcessingFilter" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.MTDefaultAuthenticationRestProcessingFilter"> <property name="authenticationManager"> <ref bean="ldapAuthenticationManager"/> </property> <property name="authenticationFailureHandler"> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.RestAuthenticationFailureHandler"/> </property> <property name="authenticationSuccessHandler"> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.RestAuthenticationSuccessHandler"> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> </property> <property name="rememberMeServices"> <bean class="org.springframework.security.web.authentication.NullRememberMeServices" /> </property> <property name="filterProcessesUrl" value="/rest_v2/login"/> </bean> <bean id="proxyRequestParameterAuthenticationFilter" class="com.jaspersoft.jasperserver.war.util.ExternalRequestParameterAuthenticationFilter" parent="requestParameterAuthenticationFilter"> <property name="authenticationManager"> <ref bean="ldapAuthenticationManager"/> </property> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> <bean id="proxyRestRequestParameterAuthenticationFilter" class="com.jaspersoft.jasperserver.war.util.ExternalRequestParameterAuthenticationFilter" parent="restRequestParameterAuthenticationFilter"> <property name="authenticationManager"> <ref bean="ldapAuthenticationManager"/> </property> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> --> <!-- marker disabling JIAuthenticationSynchronizer: pre-5.1 external auth config--> <alias name="${bean.authenticationProcessingFilter}" alias="proxyAuthenticationProcessingFilter"/> <!-- This filter will be added to the wildcard filter chain to intercept the request headers and pass them to the authentication manager. It is proxied onto the filter chain using the cas single sign out delegate and proxy hence the bean id below is required to get the filter on the filter chain at that position without modify applicationContext-security-web.xml and putting it on the filter chain manually. With the bean id below that is not required. It will automatically be placed on the filter chain with this id--> <bean id="proxyPreAuthenticatedProcessingFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter"> <property name="principalRequestHeader" value="USER_EMAIL_ADDRESS"/> <!-- <property name="principalRequestHeader" value="Osso-User-Dn"/>--> <property name="authenticationManager" ref="ldapAuthenticationManager"/> <property name="exceptionIfHeaderMissing" value="false"/> <property name="authenticationSuccessHandler" ref="externalAuthSuccessHandler" /> </bean> <bean id="externalAuthSuccessHandler" class="com.jaspersoft.jasperserver.api.security.externalAuth.JrsExternalAuthenticationSuccessHandler" parent="successHandler"> <property name="externalDataSynchronizer"> <ref bean="externalDataSynchronizer"/> </property> </bean> <!-- <bean id="proxyBasicProcessingFilter" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.MTExternalAuthBasicProcessingFilter" parent="mtBasicProcessingFilter"> <constructor-arg index="0"><ref bean="ldapAuthenticationManager"/></constructor-arg> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> --> <bean id="ldapAuthenticationManager" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.JSProviderManager"> <constructor-arg index="0"> <list> <ref bean="preAuthProvider"/> <!-- <ref bean="ldapAuthenticationProvider"/>--> <ref bean="${bean.daoAuthenticationProvider}"/> <!--anonymousAuthenticationProvider only needed if filterInvocationInterceptor.alwaysReauthenticate is set to true <ref bean="anonymousAuthenticationProvider"/>--> </list> </constructor-arg> </bean> <!-- This pre-authentication header will handle LDAP authentication using a request header --> <bean id="preAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService"><ref bean="wrappedUserDetailsService"/></property> <property name="throwExceptionWhenTokenRejected" value="false"/> </bean> <!-- This wrapped user details service is used by the preauth provider defined above and provides a hook into the LdapUserDetails Service --> <bean id="wrappedUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <property name="userDetailsService"><ref bean="ldapUserDetailsService"/></property> </bean> <!-- This LdapUserDetailsService creates UserDetails objects using the userSearch and ldapAuthoritiesPopulator beans --> <bean id="ldapUserDetailsService" class="org.springframework.security.ldap.userdetails.LdapUserDetailsService"> <constructor-arg index="0"> <ref bean="userSearch" /> </constructor-arg> <constructor-arg index="1"> <ref bean="ldapAuthPopulator" /> </constructor-arg> </bean> <!-- This authorities populator bean retrieves roles automatically from the LDAP server --> <bean id="ldapAuthPopulator" class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"> <ref bean="ldapContextSource" /> </constructor-arg> <constructor-arg index="1"> <value>cn=groups,cn=piy</value> </constructor-arg> <property name="groupRoleAttribute"> <value>cn</value> </property> <property name="groupSearchFilter"> <!--<value>(&(uniqueMember={0})(|(cn=BIT_IT_*)(cn=*_RPT)))</value>--> <value>(&(uniqueMember={0})(|(cn=OPS_*)(cn=*_RPT)(cn=COP_*)(cn=Presentation*)))</value> <!--<value>(&(cn=BIT_*)(uniqueMember={0}))</value>--> <!--<value> (&(uniqueMember={0})(cn=BI_ACCESS_ALL))</value>--> <!--<value>(&(objectClass=groupOfUniqueNames)(uniquemember=cn={0})(|(cn=BI_IT_*)(cn=BI_*)(cn=XMLP_*)(cn=*_RPT)(cn=Presentation*)))"</value>--> </property> <property name="searchSubtree"> <value>true</value> </property> </bean> <bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider"> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator"> <constructor-arg><ref bean="ldapContextSource"/></constructor-arg> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref bean="ldapContextSource"/></constructor-arg> <constructor-arg index="1"><value>cn=groups,cn=XXX</value></constructor-arg> <property name="groupRoleAttribute" value="cn"/> <property name="groupSearchFilter" value="(&(uniquemember=cn={0})(|(cn=APPS_*)(cn=*_COMP)(cn=APP2_*)(cn=Presentation*)))"/> <property name="searchSubtree" value="true"/> <!-- Can setup additional external default roles here <property name="defaultRole" value="LDAP"/> --> </bean> </constructor-arg> </bean> <bean id="userSearch" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>cn=users,cn=PUY</value> </constructor-arg> <constructor-arg index="1"> <value>(cn={0})</value> <!--<value>({0})</value>--> </constructor-arg> <constructor-arg index="2"> <ref bean="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="ldaps://hostname:1636/dc=org,dc=abc" /> <property name="userDn"><value>cn=xxxxxxx,cn=xxxx,dc=xxx,dc=xxx</value></property> <property name="password"><value>password</value></property> <property name="referral"><value>follow</value></property> </bean> <!-- ############ LDAP authentication ############ --> <!-- ############ JRS Synchronizer ############ --> <bean id="externalDataSynchronizer" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.MTExternalDataSynchronizerImpl"> <property name="externalUserProcessors"> <list> <ref bean="ldapExternalTenantProcessor"/> <ref bean="mtExternalUserSetupProcessor"/> <!-- Example processor for creating user folder--> <!--<ref bean="externalUserFolderProcessor"/>--> </list> </property> </bean> <bean id="abstractExternalProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.AbstractExternalUserProcessor" abstract="true"> <property name="repositoryService" ref="${bean.repositoryService}"/> <property name="userAuthorityService" ref="${bean.userAuthorityService}"/> <property name="tenantService" ref="${bean.tenantService}"/> <property name="profileAttributeService" ref="profileAttributeService"/> <property name="objectPermissionService" ref="objectPermissionService"/> </bean> <!-- Multi-tenant configuration. For a JRS deployment with multiple organizations, modify this bean to set up your organizations. For single-organization deployments, comment this out and uncomment the version below. --> <!-- <bean id="ldapExternalTenantProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.ldap.LdapExternalTenantProcessor" parent="abstractExternalProcessor"> <property name="ldapContextSource" ref="ldapContextSource"/> <property name="multiTenancyService"><ref bean="internalMultiTenancyService"/></property> <property name="excludeRootDn" value="false"/> --> <!--only following LDAP attributes will be used in creation of organization hierarchy. Eg. cn=Smith,ou=Developement,o=Jaspersoft will produce tanant Development as child of tenant Jaspersoft (if excludeRootDn=false) as child of default tenant organization_1--> <!-- <property name="organizationRDNs"> <list> <value>dc</value> <value>c</value> <value>o</value> <value>ou</value> <value>st</value> </list> </property> <property name="rootOrganizationId" value="organization_1"/> <property name="tenantIdNotSupportedSymbols" value="#{configurationBean.tenantIdNotSupportedSymbols}"/> --> <!-- User credentials are setup in js.externalAuth.properties--> <!-- <property name="externalTenantSetupUsers"> <list> <bean class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.MTAbstractExternalProcessor.ExternalTenantSetupUser"> <property name="username" value="${new.tenant.user.name.1}"/> <property name="fullName" value="${new.tenant.user.fullname.1}"/> <property name="password" value="${new.tenant.user.password.1}"/> <property name="emailAddress" value="${new.tenant.user.email.1}"/> <property name="roleSet"> <set> <value>ROLE_ADMINISTRATOR</value> <value>ROLE_USER</value> </set> </property> </bean> </list> </property> </bean> --> <!-- Single tenant configuration. For a JRS deployment with a single organization, uncomment this bean and configure it to set up your organization. Comment out the multi-tenant version of ldapExternalTenantProcessor above --> <bean id="ldapExternalTenantProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.ldap.LdapExternalTenantProcessor" parent="abstractExternalProcessor"> <property name="ldapContextSource" ref="ldapContextSource"/> <property name="multiTenancyService"><ref bean="internalMultiTenancyService"/></property> <property name="excludeRootDn" value="true"/> <property name="defaultOrganization" value="organization_1"/> </bean> <bean id="mtExternalUserSetupProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.MTExternalUserSetupProcessor" parent="abstractExternalProcessor"> <!--Default permitted role characters; others are removed. Change regular expression to allow other chars. <property name="permittedExternalRoleNameRegex" value="[A-Za-z0-9_]+"/>--> <property name="userAuthorityService"> <ref bean="${bean.internalUserAuthorityService}"/> </property> <property name="defaultInternalRoles"> <list> <value>ROLE_USER</value> </list> </property> <property name="organizationRoleMap"> <map> <!-- Example of mapping customer roles to JRS roles --> <entry> <key> <value>ROLE_APPSTEAM_ADMINISTRATOR</value> </key> <!-- JRS role that the <key> external role is mapped to--> <value>ROLE_ADMINISTRATOR</value> </entry> </map> </property> </bean> <!-- EXAMPLE Processor <bean id="externalUserFolderProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserFolderProcessor" parent="abstractExternalProcessor"> <property name="repositoryService" ref="${bean.unsecureRepositoryService}"/> </bean> --> <!-- ############ JRS Synchronizer ############ --> </beans>
-
- customization
- authentication
-
(and 2 more)
Tagged with:
-
SecureExceptionHandlerImpl /WEB-INF/decorators/ problems
singhdevin66 replied to villavicar's topic in Products
This is the SOLUTION ------------------------> https://community.jaspersoft.com/wiki/bug-alert-apache-tomcat-9067 -
SecureExceptionHandlerImpl /WEB-INF/decorators/ problems
singhdevin66 replied to villavicar's topic in Products
This is the solution --------> https://community.jaspersoft.com/wiki/bug-alert-apache-tomcat-9067 -
We used below settings for our JASPER 6.4 and 7.1 for SSO Header based authentication but we moving to Jasper 7.5 and It is not working anymore, do you know what changes can we make in this below one to make it work with Jasper 7.5 ? https://community.jaspersoft.com/wiki/configuring-ldap-using-http-headers-tibco-jasperreports-server-60-sso-framework
- 8 comments
-
- ldap
- authentication
- (and 4 more)
-
We have used the same instructions above when we set up our JASPER 6.4 with SSO ( 99 % same instructions above, except some environmet related changes ) BUT now we have to upgrade to jasper 7.5 and when we brought the ldap-mt.xml file from old to new JASPER 7.5 and SSO and LDAP is no more working. Does anyone know the changes we need to make to JASPER 7.5 ? Any pointers will be appreciated. Thanks in advance