Jump to content
We've recently updated our Privacy Statement, available here ×

  • JasperReports Server Authentication with JBoss SSO

    slwkf1

    By slwkf1

      • Version: v5 Product: JasperReports® Server
     Share

    Configuring JasperReports Server Authentication with JBoss SSO

    These instructions are for versions of JasperReports Server 5.0 and earlier. They will not work for 5.1 and higher.

    This page describes how to configure the J2eePreAuthenticationProvider that comes with Spring Security to allow JasperReports Server to use tokens generated by the JBoss SSO cluster.

    These instructions are for JBoss 5.1.0 GA, the latest supported version of JBoss for JasperReports Server.  For brevity, we assume you've already installed and configured JBoss SSO.  We also assume that the JasperReports Server WAR file has been deployed to the JBoss default configuration (<jboss-home>/server/default/deploy/jasperserver-pro.war/).

    If you're using a different configuration, please adjust the paths below accordingly.  Once JBoss SSO has been configured, the next steps to configure JasperReports Server are:

    1. Create a Tomcat Valve to enable SSO:

      <jboss-home>/server/default/deploy/jbossweb.sar/server.xml

      <valve className="org.apache.catalina.authenticator.SingleSignOn" />

    2. Override the default security domain by adding the following code after the <context-root> tag:

      <jboss-home>/server/default/deploy/jasperserver-pro.war/WEB-INF/jboss-web.xml

      <security-domain>java:jaas/portal</security-domain>

    3. Add a security role to the end of the JasperReports Server web.xml file right before the closing <web-app> tag:

      <jboss-home>/server/default/deploy/jasperserver-pro.war/WEB-INF/web.xml

      <security-role>
    <role-name>User</role-name>
</security-role>
<security-role>
    <role-name>Admin</role-name>
</security-role>
<security-role>
    <role-name>Authenticated</role-name>
</security-role>

    4. Add the J2EE preauthentication filter beans:

      <jboss-home>/server/default/deploy/jasperserver-pro.war/WEB-INF/applicationContext-security.xml

      <bean id="j2eePreAuthFilter" 
      class="org.springframework.security.ui.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
    <property name="authenticationManager" ref="authenticationManager" />
    <property name="authenticationDetailsSource" ref="authenticationDetailsSource" />
</bean>
 
<bean id="preAuthenticatedAuthenticationProvider" 
      class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
    <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService" />
</bean>
 
<bean id="preAuthenticatedUserDetailsService"
      class="org.springframework.security.providers.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService" />
 
<bean id="authenticationDetailsSource"
      class="org.springframework.security.ui.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
    <property name="mappableRolesRetriever" ref="j2eeMappableRolesRetriever" />
    <property name="userRoles2GrantedAuthoritiesMapper" ref="j2eeUserRoles2GrantedAuthoritiesMapper" />
</bean>
 
<bean id="j2eeUserRoles2GrantedAuthoritiesMapper"
      class="org.springframework.security.authoritymapping.SimpleAttributes2GrantedAuthoritiesMapper">
    <property name="convertAttributeToUpperCase" value="false" />
    <property name="attributePrefix" value="" />
</bean>
 
<bean id="j2eeMappableRolesRetriever"
      class="org.springframework.security.ui.preauth.j2ee.WebXmlMappableAttributesRetriever">
    <property name="webXmlInputStream">
        <bean factory-bean="webXmlResource" factory-method="getInputStream" />
    </property>
</bean>
 
<bean id="webXmlResource"
      class="org.springframework.web.context.support.ServletContextResource">
    <constructor-arg ref="servletContext" />
    <constructor-arg value="/WEB-INF/web.xml" />
</bean>
 
<bean id="servletContext"
      class="org.springframework.web.context.support.ServletContextFactoryBean" />

    5. Add the preAuthenticatedAuthenticationProvider bean to the authenticationManager bean (starts at line 11):

      <jboss-home>/server/default/deploy/jasperserver-pro.war/WEB-INF/applicationContext-security.xml

      <bean id="authenticationManager"
      class="org.springframework.security.providers.ProviderManager">
    <property name="providers">
        <list>
            <ref local="preAuthenticatedAuthenticationProvider"/>
            <!-- not on by default <ref local="ldapAuthenticationProvider"/>  -->
            <ref bean="${bean.daoAuthenticationProvider}"/>
            <ref bean="anonymousAuthenticationProvider"/>
            <!--ref local="jaasAuthenticationProvider"/-->
        </list>
    </property>
</bean>

    6. Add the following security constraint:

      <jboss-home>/server/default/deploy/jasperserver-pro.war/WEB-INF/web.xml

      <security-constraint>
    <web-resource-collection>
        <web-resource-name>Authenticated</web-resource-name>
        <description></description>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>Authenticated</role-name>
    </auth-constraint>
</security-constraint>
    7. Restart JBoss
     Share
    Go to entries

    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...

© 2024 Cloud Software Group,
Inc. All rights reserved.

Products

Explore