| Controlling user access to web reports [message #987868] |
Wed, 28 November 2012 08:00  |
 Sapphie Missing name
Messages: 21
Registered: October 2010 |
Junior Member |
|
|
I need to make sure that only certain users are able to view our BIRT reports via the web viewer. I have successfully implemented NTLM authentication against our domain as described in
https://sites.google.com/site/dynamicdatamining/birt/birt-viewer-security
That will allow anyone on our domain to access the reports. I want to restrict it to just a few.
Ideally I would furnish Tomcat with a set of usernames *and* then authenticate via NTLM but i don't think I can do that.
I do not want to add a new AD group for BIRT, so am thinking of performing the restriction within the report itself. The above link suggests a way to get the logged in username via an Initialize function but how do I make use of that?
I am thinking that I should put some code in beforeFactory that checks the passed username value against a list and either goes on to display the report OR outputs a message saying the user is not authorised.
However, I am clueless on how to achieve this or even if there is a better was of doing this?
Any help would be appreciated.
Thanks
Lee
|
|
|
|
|
| Re: Controlling user access to web reports [message #989816 is a reply to message #989765] |
Fri, 07 December 2012 19:43  |
|
Not show/hide. Actually drop the elements. You should be able to create a dataSet in your report that checks your user. Then, you could use the data engine api to check the results of the dataSet, in your beforeFactory. If the user doesn't check out, you can drop all of the tables in the report so that none of the datasets even run and show an error label. You could also just connect to your db in script and check for the username without the data engine api.
Regards,
Michael Williams
BIRT Exchange
Michael's BIRT Blog
|
|
|
|
|
|
| Re: Controlling user access to web reports [message #990254 is a reply to message #987868] |
Tue, 11 December 2012 10:44 |
Sapphie Missing name
Messages: 21
Registered: October 2010 |
Junior Member |
|
|
This seems to work but I wondered if there was a more generic way?
var request = reportContext.getHttpServletRequest();
if (request!=null) {
if (request.getServerName() == '127.0.0.1')
{
// This is running locally so can we assume from the report designer?
// Do valid stuff when run locally
}
else
{
// do stuff when run remotely
}
}
Though, of course, the above could also apply when running the report via the web viewer when logged in to the server.
Lee
[Updated on: Tue, 11 December 2012 10:53] Report message to a moderator |
|
|
|
Powered by
FUDForum. Page generated in 0.01699 seconds
] 
Search
Help
Register
Login
Home
Glad you got it going!