Hello,
I have searched the forum on help for the above problem and despite coming across many posts with different suggestions, I still cannot by-pass the authentication so seeking help.
I am using jasperserver 3.0.0 with the ireport plugin v 3.0.0.
We have reports that generate pdf's and stored in a repository called: ContentFiles
The url to access an example report is:
http://myserver:8080/jasperserver/fileview/fileview/ContentFiles/pdf/uk4...
I wish to bypass the login authentication for viewing reports and have made the following changes with no sucess:
1. Assigned ROLE_ANONYMOUS read permissions in the folder ContentFiles and pdf from the gui
2. Edited applicationContent-security.xml as follows:
edit 1:
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
.......
.......
/flow.html=ROLE_USER,ROLE_ANONYMOUS
/viewreport.html=ROLE_USER,ROLE_ANONYMOUS
/fillparams.html=ROLE_USER,ROLE_ANONYMOUS
/fileview/**=ROLE_USER,ROLE_ANONYMOUS
/reportimage/**=ROLE_USER,ROLE_ADMINISTRATOR
edit 2:
<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key"><value>foobar</value></property>
<!-- <property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property> -->
<property name="userAttribute"><value>anonymousUser,ROLE_USER</value></property>
</bean>
edit 3:
<bean id="flowVoter" class="com.jaspersoft.jasperserver.war.security.FlowRoleAccessVoter">
<property name="flowAccessAttribute" value="FLOW_ACCESS"/>
<property name="flowDefinitionSource">
<value>
*=ROLE_USER,ROLE_ADMINISTRATOR,ROLE_ANONYMOUS
</value>
Is there anything that I am missing?
Can anyone offer any suggestions?
Thanks.
Tam
6 Answers:
I have not used the internals of JasperServer in this way, so can't offer direct advice on that. But I've used the SOAP API a fair bit and it works very well indeed. If you get stuck on this question, you could always implement an interface in a web language of your choice, which will of course generate your reports with as much or as little authentication as you want.
Hopefully this will work for you. All I did was:
(1) Login as admin. Assign "read only" privileges to ROLE_ANONYMOUS to the appropriate files/folders.
(2) Edit applicationContent-security.xml:
Add following line to <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> section:
/fileview/personalfolders/demo/**=ROLE_ANONYMOUS
(3) Restart JasperServer.
(4) Try the url. In my case, it was: http://localhost:8080/jasperserver-pro/fileview/fileview/PersonalFolders....
Good luck!
Mary
mmflynn
Wrote:
|
(1) Login as admin. Assign "read only" privileges to ROLE_ANONYMOUS to the appropriate files/folders. (2) Edit applicationContent-security.xml: Add following line to <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> section: /fileview/personalfolders/demo/**=ROLE_ANONYMOUS (4) Try the url. In my case, it was: http://localhost:8080/jasperserver-pro/fileview/fileview/PersonalFolders.... |
Thanks for your reply.
However, this did not work and jasper filed to start.
(1) I can see from the admin view that I have the following folders: root -> content files -> pdf.
I am not sure if content files existed by default or created by the admin user
(2) You have PersonalFolders in your URL but personalfolders in your xml file.
Is this just a typo? I am sure I tried it with both anyway.
(3) I have the read only permissions on the folder.
(4) I tried editing the xml file above with keeping /fileview/**=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMINISTRATOR
and adding /fileview/ContentFiles/pdf/**=ROLE_ANONYMOUS and just the /fileview/ContentFiles/pdf/**=ROLE_ANONYMOUS line on it's own, both with no sucess. Jasper does not start for some reason and the logs do not seem to give much away.
No longer valid for latest jasper report..
This one works though : https://community.jaspersoft.com/wiki/allow-anonymous-access-reports
