Upgrading custom external authentication to 5.1 does not work.

Table of Contents 


When upgrading a custom external authentication implementation to JasperReports Server v5.1 or higher, users get the following error on the login screen:

"Invalid credentials supplied.
Could not login to JasperReports Server. "

Custom authentication prior to JasperReports Server v5.1 uses the JIAuthenticationSynchronizer filter to create an external user in the JasperReports Server database after successful authentication. In JasperReports Server v5.1, this functionality was moved to the authenticationProcessingFilter.onSuccessfulAuthentication method.

In addition, for JasperReports Server v5.1 professional versions only, LdapExternalUserProcessor was removed by accident. It was restored in JasperReports Server v5.2.


Add the JIAuthenticationSynchronizer filter to the /** chain in applicationContext-security-web.xml:

  1. Open the applicationContext-security-web.xml file for editing.
  2. Locate the /** filter in the filterChainProxy bean.
  3. In JasperReports Server v5.2, insert JIAuthenticationSynchronizer after delegatingRequestParameterAuthenticationFilter in v5.2 (in v5.1, insert JIAuthenticationSynchronizer after requestParameterAuthenticationFilter):
    <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
      <property name="filterInvocationDefinitionSource">

Additional Step for LDAP only

  1. For custom authentication against LDAP in JasperReports Server v5.1 professional editions, you need to add the com.jaspersoft.jasperserver.multipleTenancy.ldap.LdapExternalUserProcessor class to ji-multi-tenancy.jar. This class is present in JasperReports Server v5.2.

Warning: JIAuthenticationSynchronizer was removed due to bugs related to that part of the code. Therefore it is no longer officially supported, and bugs will not be fixed. For example, in JRS 4.7 and later, it is not possible to assign ROLE_ADMINISTRATOR to an external user using this configuration.