Trying to research whether JasperServer can provide the Identity Management capabilities I need. I do not have an LDAP server to test this against (there are multiple groups testing Jasper, but I'm apparently the only one concerned wth Security, so I can't just go and have this server changed for LDAP -- yet).
We have an eval copy of Jasper Enterprise, and I like AND need the ability to create Organizations and Administrative users at that Organization level (so customers can admin their own people). But I also need to be able to set password complexity rules, enforce that passwords can't be changed multiple times in a single day, remember the previous 7 passwords, etc. Not sure if the built in Security can provide this, so figuring I may need to look at tying into LDAP.
But looking at examples/documentation, I get the feeling that creating users in that LDAP needs to be done externally from Jasper. Is that true?
Yes, if you enable LDAP authentication you can still create local JasperReports Server users, and your superuser/administrator accounts are still valid. See the linked article above -- to enable LDAP authentication, you uncomment a bean in a security file. If the user is not find in the LDAP hierarchy, then the security process looks for a local user (unless you comment out the bean that does that part).
Your LDAP users need to be created in your LDAP tool.
If you get this working I hope you'll write about your experience so we have more documentation!