Not prompting for user/pass at logon

0

Is there any way to pass a Username/Password to JapserServer to remove the need for a user to enter this information manually? Preferably, I would not want to change how these credentials are authenticated - that is already handled properly. I have an application that will open up JasperServer in a browser, and I would like to skip the JasperServer login page.

Is there a way I can pass such credentials through the URL, or is there another way this is generally done.

Thanks in advance for your help.

lamontj's picture
Joined: Feb 14 2008 - 2:12am
Last seen: 11 years 11 months ago

24 Answers:

0

You need a custom Acegi filter for this. I'm attaching a jar containing such a filter (which will be included in JasperServer starting with the next release).

To use it, you have to copy the jar into WEB-INF/lib and edit applicationContext-security.xml to include the filter in the Acegi filter list (notice the bold parts):

Code:
<bean class="org.acegisecurity.util.FilterChainProxy" id="filterChainProxy">
    <property name="filterInvocationDefinitionSource">
        <value>
            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
            PATTERN_TYPE_APACHE_ANT
            /xmla=httpSessionContextIntegrationFilter, basicProcessingFilter, JIAuthenticationSynchronizer, anonymousProcessingFilter, basicAuthExceptionTranslationFilter, filterInvocationInterceptor
            /services/**=httpSessionContextIntegrationFilter,portletAuthenticationProcessingFilter,basicProcessingFilter,JIAuthenticationSynchronizer,anonymousProcessingFilter,basicAuthExceptionTranslationFilter,filterInvocationInterceptor
                /**=httpSessionContextIntegrationFilter,userPreferencesFilter,authenticationProcessingFilter,userPreferencesFilter,basicProcessingFilter,<b>requestParameterAuthenticationFilter,</b>JIAuthenticationSynchronizer,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor,switchUserProcessingFilter
        </value>
    </property>
</bean>
<bean class="com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter" id="requestParameterAuthenticationFilter">
        <property name="authenticationManager"><ref local="authenticationManager"></ref></property>
        <property name="authenticationFailureUrl"><value>/loginerror.html</value></property>
</bean>

Then, you will be able to do http://.../jasperserver/...&j_username=..&j_password=..

HTH,
Lucian [file name=paramsAuthFilter.jar size=4935]

Post edited by: lucianc, at: 2008/02/28 16:31
Post edited by: lucianc, at: 2008/02/28 16:32

lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0

Hi Lucian,
I copied the jar that you've attached to web-inf/lib folder and modified the applicationContext-security.xml
 

Code:
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
        <value>
            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
            PATTERN_TYPE_APACHE_ANT
            /xmla=httpSessionContextIntegrationFilter, basicProcessingFilter, JIAuthenticationSynchronizer, anonymousProcessingFilter, basicAuthExceptionTranslationFilter, filterInvocationInterceptor
            /services
        </value>
    </property>
</bean>

but was confused with the url http://.../jasperserver/...&j_username=..&j_password=..

could understand what to pass after /jasperserver/???
so that j_username and j_password are passed as parameters.

Waiting for you kindest reply,
Thanks,
Sure

sure919's picture
43
Joined: Aug 3 2006 - 3:02pm
Last seen: 11 months 1 day ago
0
You can use any JasperServer URL by appending the j_username and j_password GET parameters. For instance, you could do something like

http://localhost:8080/jasperserver/home.html
?j_username=myuser&j_password=mypassword

or, if you want to launch a report execution

http://localhost:8080/jasperserver/flow.html
?_flowId=viewReportFlow&reportUnit=/reports/myFolder/myReport
&j_username=myuser&j_password=mypassword

HTH,
Lucian

Post edited by: lucianc, at: 2008/03/05 17:57
Post edited by: lucianc, at: 2008/03/05 17:58
lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0

Hi Lucianc,
For the record, I am using JasperServer 2.1 on a windows platform.
And on to the problems: the attached file above is not a jar but a zip when I download it, can I rename it to a jar? Anyway, I did that and dropped it in the following directory: "...\jasperserver-2.1\apache-tomcat\webapps\jasperserver\WEB-INF\lib", but then when I tried to edit the "applicationContext-security.xml", that is located one step up from the above directory, I noticed that the configuration already looked like what you suggested:

Code:
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
        <value>
            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
            PATTERN_TYPE_APACHE_ANT
 
            /xmla=httpSessionContextIntegrationFilter, basicProcessingFilter, JIAuthenticationSynchronizer, anonymousProcessingFilter, basicAuthExceptionTranslationFilter, filterInvocationInterceptor
 
            /services/**=httpSessionContextIntegrationFilter, portletAuthenticationProcessingFilter, basicProcessingFilter, JIAuthenticationSynchronizer, anonymousProcessingFilter, basicAuthExceptionTranslationFilter, filterInvocationInterceptor
 
            /**=httpSessionContextIntegrationFilter, userPreferencesFilter, authenticationProcessingFilter,  userPreferencesFilter, basicProcessingFilter, JIAuthenticationSynchronizer, anonymousProcessingFilter, exceptionTranslationFilter, filterInvocationInterceptor, switchUserProcessingFilter
        </value>
    </property>
</bean>

Anyway after restarting the Tomcat server, I try to open the url for the report. If I use:
"...&j_acegi_security_check?&j_username=joeuser&j_password=joeuser" I get a well known "org.acegisecurity.AccessDeniedException: Access is denied" error.
On the other hand if I use:
"...&j_username=joeuser&j_password=joeuser" I end up on the login page.
:(Any suggestions?
Another way of solving this could be using LDAP/windows directory logon, would that allow me to drop the "j_username..." when opening a report URL?
Thanks

ianpottier's picture
Joined: Apr 2 2008 - 8:19pm
Last seen: 11 years 9 months ago
0

ianpottier wrote:


And on to the problems: the attached file above is not a jar but a zip when I download it


I'm not sure why you say that, I downloaded the file and it got saved as paramsAuthFilter.jar.
 

I noticed that the configuration already looked like what you suggested:


Apparently the forums have a problem with code chunks, the XML fragment I posted is not fully displayed. I'm attaching a text file containing the applicationContext-security.xml changes; what needs to be done is to add the requestParameterAuthenticationFilter bean definition, and to insert requestParameterAuthenticationFilter in the filter list for "/**" after basicProcessingFilter.
 

Another way of solving this could be using LDAP/windows directory logon, would that allow me to drop the "j_username..." when opening a report URL?


Adding an LDAP authentication filter would indeed eliminate the need for authenticating via j_username request parameters.

Regards,
Lucian [file name=changes.txt size=1419]
Post edited by: lucianc, at: 2008/04/17 11:22

lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0

Hi Lucian,

The .jar file provided by you here is not getting downloaded as .jar but as .zip file of 80kb size. Can you plz provide it again.
I have attached along the .zip file which which is give as download

Thanks
Ekjot [file name=paramsAuthFilter.zip size=82463]

ekjot.s.arora's picture
Joined: May 12 2008 - 9:51pm
Last seen: 11 years 8 months ago
0
Can you also provide full path for WEB-INF/lib as there are many links for such hierarchy in server and also the path for applicationContext-security.xml which needs to be edited

Thanks
Ekjot
ekjot.s.arora's picture
Joined: May 12 2008 - 9:51pm
Last seen: 11 years 8 months ago
0
Another thing you could try is to call j_acegi_security_check directly.

To get to the main screen by passing the login you can do this:

http://localhost:8080/jasperserver-pro/j_acegi_security_check?j_username...

I have never tried appending flows to this.

HTH
lshannon's picture
500
Joined: Feb 2 2007 - 3:54am
Last seen: 5 years 10 months ago
0
I just tried this and I get a "Invalid Credential" error. Do you need to edit the applicationcontext-security .xml in order for this to work? I would expect not :silly:
ianpottier's picture
Joined: Apr 2 2008 - 8:19pm
Last seen: 11 years 9 months ago
0
Silly question but you did put proper credentials in and didn't use the ones in my example right? :)

Otherwise I don't think you should need to modify anything, this *should* just work.
lshannon's picture
500
Joined: Feb 2 2007 - 3:54am
Last seen: 5 years 10 months ago
0
I am silly sometimes so the question is OK ;)
I used the following link:
http://tv-test-01:8080/jasperserver-pro/j_acegi_security_check?j_usernam...
Should that work out of the box?
ianpottier's picture
Joined: Apr 2 2008 - 8:19pm
Last seen: 11 years 9 months ago
0
Well this works for me, although my JS locally is pretty customized I have a bunch of extra security filters so I may not be the best person to test this for an out of the box perspective.
lshannon's picture
500
Joined: Feb 2 2007 - 3:54am
Last seen: 5 years 10 months ago
0

ekjot.s.arora wrote:


The .jar file provided by you here is not getting downloaded as .jar but as .zip file of 80kb size. Can you plz provide it again.
I have attached along the .zip file which which is give as download


I'm attaching the jar again. I don't know why you get a zip, the download works fine for me. The MD5 hash of the jar is 78580e7fc232a879c06cee0ae1e7d300.

Regards,
Lucian [file name=paramsAuthFilter-c27b55a70f5b7e4cf5e867356cc78005.jar size=4935]

lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0
ekjot.s.arora wrote:
Can you also provide full path for WEB-INF/lib as there are many links for such hierarchy in server and also the path for applicationContext-security.xml which needs to be edited


I'm afraid I can't know the full path of JasperServer on your computer, it depends on how and where you chose to install JasperServer.

In any case, JasperServer is (usually) installed as a Tomcat web application, so if you know the location of Tomcat, the paths you need are $TOMCAT/webapps/jasperserver/WEB-INF/lib and $TOMCAT/webapps/jasperserver/WEB-INF/applicationContext-security.xml.

Regards,
Lucian
lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0
ianpottier wrote:

I used the following link:
http://tv-test-01:8080/jasperserver-pro/j_acegi_security_check?j_usernam...


The URL is wrong, it should be http://tv-test-01:8080/jasperserver-pro/j_acegi_security_check?j_usernam... (two "?" in an URL won't work)

Regards,
Lucian
lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0
You can you the below format for calling your report

format:

http://<jasperservername>:<jasperserverport>/jasperserver/j_acegi_security_check/flow.html?_flowId=viewReportFlow&reportUnit=/<Report_Folder_Path>&<Promt_Name>=<Prompt_Value>&decorate=No&j_username=<Username>&j_password=<Password>

below is the link im using successfully
Example:

http://hydhtc75583:8282/jasperserver/j_acegi_security_check/flow.html?_flowId=viewReportFlow&reportUnit=/Firstreportunit&Employee_sk=910&decorate=No&j_username=jasperadmin&j_password=jasperadmin

Regards
Ekjot
ekjot.s.arora's picture
Joined: May 12 2008 - 9:51pm
Last seen: 11 years 8 months ago
0
hi
i followed the thread,it coplains about swithuser bean not defined.

i removed switchUserProcessingFilter it worked.the problem is now it switches users around.
help please....

is there something wrong i did.
mmutleab's picture
Joined: Mar 23 2007 - 9:14pm
Last seen: 12 years 10 months ago
0
mmutleab wrote:
the problem is now it switches users around.


What does that mean? What exactly is the problem?

What JasperServer version are you using?

Regards,
Lucian
lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0
Hi lucianc,

I have a small problem. I am trying to call a report from a hyperlink in another report. the called hyperlink should first show me the prompt(made from report unit) and then display the report in html accordingly.
now when i used the following link to call it

http://hydhtc74348:8080/jasperserver/j_acegi_security_check/flow.html?_flowId=viewReportFlow&reportUnit=/ODS_Reports/Batchs_Report&decorate=yes&j_username=jasperadmin&j_password=jasperadmin

it works fine, shows the prompt and then on giving input value the report in html. But i dont want to show the default header of jasper server (showing logo of jasper and welcome and menu etc). So i tried putting in decorate=no in the url. but on doing so it does not show anything on screen. Can you suggest some way of doing the above required thing.

I tried another way when i gave decorate=no and also output=pdf, then it showed the required prompt witout all the headers but problem is that output is pdf and i require it in html

Can you plz suggest some solution for the problem

Regards
Ekjot
ekjot.s.arora's picture
Joined: May 12 2008 - 9:51pm
Last seen: 11 years 8 months ago
0
Hi Lucianc,

Just like the previous poster I did everything you outlined in your initial posts, and I still receive a login prompt when I attempt to view a report.

Any suggestions on where to begin to debug the problem?

thanx,
David
dratster's picture
Joined: May 23 2008 - 10:33pm
Last seen: 11 years 8 months ago
0

dratster wrote:


Hi Lucianc,

Just like the previous poster I did everything you outlined in your initial posts, and I still receive a login prompt when I attempt to view a report.

Any suggestions on where to begin to debug the problem?

thanx,
David


You could edit the WEB-INF/log4j.properties file, add the following lines:

Code:
log4j.logger.org.acegisecurity.util.FilterChainProxy=debug
log4j.logger.com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter=debug

and then restart the server, try to access the URL and search the WEB-INF/logs/jasperserver.log file for "RequestParameterAuthenticationFilter". If the filter would work, you would see something like this in the log:

Code:
14:15:36,452 DEBUG FilterChainProxy,http-8080-Processor20:269 - /flow.html?_flowId=repositoryExplorerFlow&showFolder=%2Freports%2Fsamples&j_username=admin&j_password=admin at position 6 of 11 in additional filter chain; firing Filter: 'com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter@15cbf25'
 
14:15:36,525 DEBUG RequestParameterAuthenticationFilter,http-8080-Processor20:91 - User admin authenticated: org.acegisecurity.providers.UsernamePasswordAuthenticationToken@2f1ea051: Username: MetadataUserDetails: admin; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@12afc: RemoteIpAddress: 127.0.0.1; SessionId: 03C3DD01C7E57B421E56839358CFA6BE; Granted Authorities: ROLE_ADMINISTRATOR, ROLE_USER


If you find no occurrence of "RequestParameterAuthenticationFilter" in the log file, it means that you haven't included the filter in your filter chain.

Regards,
Lucian

lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0

ekjot.s.arora wrote:

But i dont want to show the default header of jasper server (showing logo of jasper and welcome and menu etc). So i tried putting in decorate=no in the url. but on doing so it does not show anything on screen.

The "decorate" parameter was not exactly meant to be used like this, however one could say that this is sort of a bug. You can fix it by editing WEB-INF/jsp/ViewReport.jsp and adding the following line in the head section:

Code:
<script language="JavaScript" src="${pageContext.request.contextPath}/scripts/jasperserver.js"></script>

If you think this needs to be fixed in JasperServer, please log a bug [url=http://jasperforge.org/sf/tracker/do/listArtifacts/projects.jasperserver....

Regards,
Lucian

PS: If you have a question that is not related to the original thread topic (Not prompting for user/pass at logon), you should start a new thread.

lucianc's picture
7184
Joined: Jul 17 2006 - 1:10am
Last seen: 1 week 1 day ago
0
thanks a ton.
will keep in mind to start a new thread next time on :)
ekjot.s.arora's picture
Joined: May 12 2008 - 9:51pm
Last seen: 11 years 8 months ago
0

which version of jasper server you are using & make sure that bolded file is added in the applicationContext-security.xml

anaganirakesh's picture
Joined: Jun 13 2012 - 10:30pm
Last seen: 7 years 7 months ago
Feedback
randomness