nirav.gshah Posted February 23, 2018 Share Posted February 23, 2018 2018-02-23 16:17:26,341 WARN JSCommonController,http-nio-8080-exec-7:256 - Could not find class com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthProperties bean in the context (using default). Check that external authentication context xml is in the path.2018-02-23 16:17:26,357 INFO CsrfGuard,http-nio-8080-exec-5:39 - CsrfGuard analyzing request /jasperserver-pro/login.html2018-02-23 16:17:26,358 WARN JSCommonController,http-nio-8080-exec-5:256 - Could not find class com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthProperties bean in the context (using default). Check that external authentication context xml is in the path.2018-02-23 16:17:26,707 INFO CsrfGuard,http-nio-8080-exec-8:39 - CsrfGuard analyzing request /jasperserver-pro/JavaScriptServlet2018-02-23 16:17:26,831 INFO CsrfGuard,http-nio-8080-exec-4:39 - CsrfGuard analyzing request /jasperserver-pro/runtime/342A8B8C/rest_v2/bundles/AttributeBundle2018-02-23 16:17:26,837 INFO CsrfGuard,http-nio-8080-exec-6:39 - CsrfGuard analyzing request /jasperserver-pro/runtime/342A8B8C/rest_v2/bundles/CommonBundle2018-02-23 16:17:26,840 INFO CsrfGuard,http-nio-8080-exec-10:39 - CsrfGuard analyzing request /jasperserver-pro/runtime/342A8B8C/rest_v2/settings/dateTimeSettings2018-02-23 16:17:32,953 WARN MTDaoAuthenticationProvider,http-nio-8080-exec-2:75 - User not found with username "464641" in tenant organization_12018-02-23 16:17:32,982 INFO CsrfGuard,http-nio-8080-exec-9:39 - CsrfGuard analyzing request /jasperserver-pro/login.html2018-02-23 16:17:32,983 WARN JSCommonController,http-nio-8080-exec-9:256 - Could not find class com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthProperties bean in the context (using default). Check that external authentication context xml is in the path.2018-02-23 16:17:33,251 INFO CsrfGuard,http-nio-8080-exec-1:39 - CsrfGuard analyzing request /jasperserver-pro/JavaScriptServlet2018-02-23 16:17:34,369 INFO CsrfGuard,http-nio-8080-exec-3:39 - CsrfGuard analyzing request /jasperserver-pro/runtime/342A8B8C/rest_v2/bundles/AttributeBundle2018-02-23 16:17:34,371 INFO CsrfGuard,http-nio-8080-exec-5:39 - CsrfGuard analyzing request /jasperserver-pro/runtime/342A8B8C/rest_v2/settings/dateTimeSettings2018-02-23 16:17:34,372 INFO CsrfGuard,http-nio-8080-exec-7:39 - CsrfGuard analyzing request /jasperserver-pro/runtime/342A8B8C/rest_v2/bundles/CommonBundle[/code]My Config File for Single Organisation<!-- ~ Copyright © 2005 - 2014 TIBCO Software Inc. All rights reserved. ~ http://www.jaspersoft.com. ~ Licensed under commercial Jaspersoft Subscription License Agreement --><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> <!-- ############ LDAP authentication ############ - Sample configuration of external authentication via an external LDAP server. --> <bean id="proxyAuthenticationProcessingFilter" class="com.jaspersoft.jasperserver.api.security.EncryptionAuthenticationProcessingFilter" parent="mtAuthenticationProcessingFilter"> <property name="authenticationManager"> <ref local="ldapAuthenticationManager"/> </property> <property name="authenticationSuccessHandler" ref="externalAuthSuccessHandler" /> </bean> <bean id="proxyAuthenticationSoapProcessingFilter" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.MTDefaultAuthenticationSoapProcessingFilter"> <property name="authenticationManager" ref="ldapAuthenticationManager"/> <property name="authenticationSuccessHandler" ref="externalAuthSuccessHandler" /> <property name="filterProcessesUrl" value="/services"/> </bean> <bean id="proxyAuthenticationRestProcessingFilter" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.MTDefaultAuthenticationRestProcessingFilter"> <property name="authenticationManager"> <ref local="ldapAuthenticationManager"/> </property> <property name="authenticationSuccessHandler" ref="externalAuthSuccessHandler" /> <property name="filterProcessesUrl" value="/rest/login"/> </bean> <bean id="proxyRequestParameterAuthenticationFilter" class="com.jaspersoft.jasperserver.war.util.ExternalRequestParameterAuthenticationFilter" parent="requestParameterAuthenticationFilter"> <property name="authenticationManager"> <ref local="ldapAuthenticationManager"/> </property> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> <bean id="externalAuthSuccessHandler" class="com.jaspersoft.jasperserver.api.security.externalAuth.JrsExternalAuthenticationSuccessHandler" parent="successHandler"> <property name="externalDataSynchronizer"> <ref local="externalDataSynchronizer"/> </property> </bean> <bean id="proxyBasicProcessingFilter" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.MTExternalAuthBasicProcessingFilter" parent="mtBasicProcessingFilter"> <property name="authenticationManager" ref="ldapAuthenticationManager"/> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> <bean id="ldapAuthenticationManager" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.JSProviderManager"> <property name="providers"> <list> <ref local="ldapAuthenticationProvider"/> <ref bean="${bean.daoAuthenticationProvider}"/> <!--anonymousAuthenticationProvider only needed if filterInvocationInterceptor.alwaysReauthenticate is set to true <ref bean="anonymousAuthenticationProvider"/>--> </list> </property> </bean> <bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider"> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"><value>CN=ROLE_ADMINISTRATOR</value></constructor-arg> <property name="groupRoleAttribute"> <value>CN</value></property> <property name="groupSearchFilter"> <value></value></property> <property name="searchSubtree"> <value>true</value></property> <property name="defaultRole"> <value></value></property> <!-- Can setup additional external default roles here <property name="defaultRole" value="LDAP"/> --> </bean> </constructor-arg> </bean> <bean id="userSearch" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>CN=ROLE_ADMINISTRATOR</value> </constructor-arg> <constructor-arg index="1"> <value>(sAMAccountName={0})</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="ldap://TDCUADUAT15:389/DC=ultimatixuat,DC=net" /> <!-- manager user name and password (may not be needed) --> <property name="userDn"><value></value></property> <property name="password"><value></value></property> <property name="referral" value="follow"/> </bean> <!-- ############ LDAP authentication ############ --> <!-- ############ JRS Synchronizer ############ --> <bean id="externalDataSynchronizer" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.MTExternalDataSynchronizerImpl"> <property name="externalUserProcessors"> <list> <ref local="ldapExternalTenantProcessor"/> <ref local="mtExternalUserSetupProcessor"/> <!-- Example processor for creating user folder--> <!--<ref local="externalUserFolderProcessor"/>--> </list> </property> </bean> <bean id="abstractExternalProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.AbstractExternalUserProcessor" abstract="true"> <property name="repositoryService" ref="${bean.repositoryService}"/> <property name="userAuthorityService" ref="${bean.userAuthorityService}"/> <property name="tenantService" ref="${bean.tenantService}"/> <property name="profileAttributeService" ref="profileAttributeService"/> <property name="objectPermissionService" ref="objectPermissionService"/> </bean> <!-- Multi-tenant configuration. For a JRS deployment with multiple organizations, modify this bean to set up your organizations. For single-organization deployments, comment this out and uncomment the version below. --> <!-- <bean id="ldapExternalTenantProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.ldap.LdapExternalTenantProcessor" parent="abstractExternalProcessor"> <property name="ldapContextSource" ref="ldapContextSource"/> <property name="multiTenancyService"><ref bean="internalMultiTenancyService"/></property> <property name="excludeRootDn" value="false"/> <!--only following LDAP attributes will be used in creation of organization hierarchy. Eg. cn=Smith,ou=Developement,o=Jaspersoft will produce tanant Development as child of tenant Jaspersoft (if excludeRootDn=false) as child of default tenant organization_1 <property name="organizationRDNs"> <list> <value>dc</value> <value>c</value> <value>o</value> <value>ou</value> <value>st</value> </list> </property> <property name="rootOrganizationId" value="organization_1"/> <property name="tenantIdNotSupportedSymbols" value="#{configurationBean.tenantIdNotSupportedSymbols}"/> <!-- User credentials are setup in js.externalAuth.properties <property name="externalTenantSetupUsers"> <list> <bean class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.MTAbstractExternalProcessor.ExternalTenantSetupUser"> <property name="username" value="${new.tenant.user.name.1}"/> <property name="fullName" value="${new.tenant.user.fullname.1}"/> <property name="password" value="${new.tenant.user.password.1}"/> <property name="emailAddress" value="${new.tenant.user.email.1}"/> <property name="roleSet"> <set> <value>ROLE_ADMINISTRATOR</value> <value>ROLE_USER</value> </set> </property> </bean> </list> </property> </bean> --> <!-- Single tenant configuration. For a JRS deployment with a single organization, uncomment this bean and configure it to set up your organization. Comment out the multi-tenant version of ldapExternalTenantProcessor above --> <bean id="ldapExternalTenantProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.ldap.LdapExternalTenantProcessor" parent="abstractExternalProcessor"> <property name="ldapContextSource" ref="ldapContextSource"/> <property name="multiTenancyService"><ref bean="internalMultiTenancyService"/></property> <property name="excludeRootDn" value="true"/> <property name="defaultOrganization" value="organization_1"/> </bean>--> <bean id="mtExternalUserSetupProcessor" class="com.jaspersoft.jasperserver.multipleTenancy.security.externalAuth.processors.MTExternalUserSetupProcessor" parent="abstractExternalProcessor"> <!--Default permitted role characters; others are removed. Change regular expression to allow other chars. <property name="permittedExternalRoleNameRegex" value="[A-Za-z0-9_]+"/>--> <property name="userAuthorityService"> <ref bean="${bean.internalUserAuthorityService}"/> </property> <property name="defaultInternalRoles"> <list> <value>ROLE_ADMINISTRATOR</value> </list> </property> <property name="organizationRoleMap"> <map> <!-- Example of mapping customer roles to JRS roles --> <entry> <key> <value>ROLE_ADMIN_EXTERNAL_ORGANIZATION</value> </key> <!-- JRS role that the <key> external role is mapped to--> <value>ROLE_ADMINISTRATOR</value> </entry> </map> </property> </bean> <!-- EXAMPLE Processor <bean id="externalUserFolderProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserFolderProcessor" parent="abstractExternalProcessor"> <property name="repositoryService" ref="${bean.unsecureRepositoryService}"/> </bean> --> <!-- ############ JRS Synchronizer ############ --></beans>[/code] Link to comment Share on other sites More sharing options...
nirav.gshah Posted March 11, 2018 Author Share Posted March 11, 2018 issue resolved, in active directory use Samaaccountname and proper filters as code is java based Link to comment Share on other sites More sharing options...
nirav.gshah Posted March 29, 2018 Author Share Posted March 29, 2018 Hi All, Have solved the same using some organisation specfic standards.This are the places we need to change to have Active Directory Configured <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="ldap://IP/hostname/DC=as shown in Jexplorere,DC=s shown in Jexplorere"/> <!-- manager user name and password (may not be needed) --> <property name="userDn" value="userid@domain"/> <property name="password" value="SECRET"/> </bean> class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>OU=applicable</value> </constructor-arg> <constructor-arg index="1"> For active directory <value>(sAMAccountName={0})</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider"> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"><value>AS Applicable</value></constructor-arg> <property name="groupRoleAttribute"><value>CN</value></property> <!--property name="groupSearchFilter"><value>((member={1})(CN=*))</value></property--> <property name="searchSubtree"><value>true</value></property> <!-- Can setup additional external default roles here <property name="defaultRole" value="LDAP"/> --> </bean> </constructor-arg> </bean> Link to comment Share on other sites More sharing options...
nirav.gshah Posted March 29, 2018 Author Share Posted March 29, 2018 Hi All,Have solved the same using some organisation specfic standards.This are the places we need to change to have Active Directory Configured <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="ldap://IP/hostname/DC=as shown in Jexplorere,DC=s shown in Jexplorere"/> <!-- manager user name and password (may not be needed) --> <property name="userDn" value="userid@domain"/> <property name="password" value="SECRET"/> </bean>[/code] class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>OU=applicable</value> </constructor-arg> <constructor-arg index="1"> For active directory <value>(sAMAccountName={0})</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean>[/code]<bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider"> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"><value>AS Applicable</value></constructor-arg> <property name="groupRoleAttribute"><value>CN</value></property> <!--property name="groupSearchFilter"><value>((member={1})(CN=*))</value></property--> <property name="searchSubtree"><value>true</value></property> <!-- Can setup additional external default roles here <property name="defaultRole" value="LDAP"/> --> </bean> </constructor-arg> </bean>[/code] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now