In JReport Server, there are two types of security mechanisms for managing access and visibility of report resources.
One is based on setting attributes of a report to control access and to control visibility of different subsets of data based on user identity. This control is set during the design step, carried forward when published, and handled at runtime without any special administrative action.
The other is based on administrative action in JReport Server to define the access rules for report resources in the runtime environment. This involves registering JReport Server users, and setting permissions on published Report resources.
This section discusses these two mechanisms respectively.