| Can I access Tomcat security role(s) in BIRT? [message #532186] |
Fri, 07 May 2010 13:06 |
 Chris Chubb
Messages: 11
Registered: July 2009 |
Junior Member |
|
|
I have a large number of reports being used by a client's management team to monitor the behavior of sales people. They want to give each salesperson access to a report of just their current account activity. I have set up Tomcat with the accounts and roles that each salesperson needs and each salesperson has their own role. That works fine.
But, in Tomcat, the whole BIRT application looks like it's the same URL with just different parameters, so Tomcat can only apply security to allow or disallow the report engine as a whole.
My question is: How can I give certain security roles access to only certain reports?
I have modified my WEB-INF/web.xml to try various <security-constraint> <url-pattern>s but they don't seem to be applied to the parameters on the string, only the base path, because all of the URLs are variations on " /frameset?__report=gps/Sales_Reports/Trans_by_PLC_Web_Sales_ KM.rptdesign "
So, is there any way inside of BIRT to access what role (or userid) is currently running the report from Tomcat? That would also work with my report to provide security. Maybe I could set a session variable in my index.jsp page and then pick it up in BIRT?
I am at a loss here and my searches don't turn up anything. How would you solve this?
|
|
|
Powered by
FUDForum. Page generated in 0.03519 seconds
] 
Search
Help
Register
Login
Home
