Token based authnetication session - groovy security check

[msiljegovicgmail.com]

Hi all,

I'm using token based authentication to login to jasper server. In token I'm sending profile data (example: profAttrr1=234,456,211, profAttr2=897,209,546). 

I succesufully log in, I can see that profile data is assigned to user as super admin on other browser.

From other side, Im using security file on domain data, and checking(with groovy) if data in certain table columns contains 'ids' from profile attrributes values(profAttr1, proffAttr2).

groovy('authentication.getPrincipal() .getAttributes() .find{ it.attrName == "profileAttrib1" } .attrValue.split(",") .collect{"''" + it + "''"} .join(",") .replaceFirst("^''","") .replaceFirst("''$","")')

Problem is that when user first time log in into the system, and wants to create ad hoc view from created domain he got the following error  java.lang.NullPointerException: Cannot get property 'attrValue' on null object. It means that groovy cannot see data in profile attributes during the first log in! If I logout and then login same user again, everything works fine, probably beacuse there is already some profile data for user.

It seems that problem is with session that is opened with token authentication? Anyone can explain this?

Thanks in advance

[jgulik]

We had a security file doing a similar thing for version 5.5.  We are working on upgrading to 6.2 and I have seen the same issue.  The following appears to work for 6.2:

groovy('attributesService.getAttribute(*YOURATTRNAME*,null).attrValue')

I got this from http://community.jaspersoft.com/documentation/tibco-jasperreports-server-security-guide/v62/creating-domain-security-file