Previous Page Next Page
JReport Server provides a security system that protects the resources on the server from inappropriate access by users. In addition to controlling resource-level access, the security system can control access to certain fields or certain information based on the user's role or group level information.
As an alternative to the built-in security system, an LDAP Server can be used for JReport Security. JReport provides interfaces to synchronize with a variety of LDAP servers as well as directly authenticate to an LDAP directory. Conversely, a Security token can be passed to JReport for authentication. JReport provides an interface for authentication.
The following tasks are covered in this lesson:
To use JReport Server, you must have a user account, which consists of a unique user name and a password. JReport Server verifies your identity when you type your user name and your password and then log on. If your user account has been disabled or deleted, JReport Server prevents you from accessing the web services that JReport Server provides, in order to ensure that only valid users can access the resources that they have permission to see.
JReport Server comes with two built-in user accounts, which are admin and guest. The built-in user accounts cannot be deleted. The admin user account can neither be deleted nor disabled.
To create a user account:
Although it doesn't matter for this lesson, the Publish privilege is an important aspect of user definition. Users can either be granted or denied the ability to publish resources to the JReport Server based on the checkbox.
Users can be grouped. Often a set of users require the same security privileges. That is, everyone in the Sales organization can view the Sales reports. By creating a named group, you can efficiently manage the security of a set of users. This saves a lot of time when setting permissions. By setting permissions to the Sales group you don't need to change anything as users are deleted and added into the sales organization. Roles are very similar to groups, you can assign users to groups and assign groups to roles then apply permission just to the roles.
You can also assign roles to users. Roles help you efficiently manage the user rights and permissions that are required to perform operations on resources. Assigning one or more roles to users gives the users all of the user rights and permissions the roles have to perform their jobs with. A role can also be assigned to other groups or roles, and hence the groups or roles will inherit the resource and folder permissions that the roles have. JReport Server comes with two built-in roles, which are administrators and everyone. The built-in roles cannot be deleted.
JReport Server can record user access and management information in the log files by auditing the user.
To audit the user:
Events are recorded in the log file.
Permissions, associated with resources and folders which locate in the public folders, are the rules that are granted to users, groups, and roles to control their access to resources and folders. The permissions include: Visible, Read, Write, Execute, Edit, Schedule, Delete, Grant, and Update Status.
After you set permissions on a parent folder, new resources and sub folders created in the folder inherit these permissions. If you do not want them to inherit permissions, you can also set their permissions separately.
To set, view, change, or remove resource permissions:
in the Control column of the resource.
To remove resource/folder permissions for all users, groups and roles, uncheck the Enable Setting Permissions option.