JReport Server's web pages are built to work with an existing web application. In particular, it is possible to set up the web server so that a user of the web site can login to an existing web application and have that login grant them access to JReport web pages. This is called the Single Sign On feature.
This is done by developers implementing the class defined by the JReport Server Java interface HttpExternalAuthorized and telling JReport Server to use that implementation.
The implementation can be aware of the application's technique for managing login state in the servlet session. This code can tell JReport Server which user is logged in. The implementation can redirect the user to the application's login workflow if the request is not from a logged in user.
This system gives the user one spot in the application to login. A successful login there will allow the user to run JReport Server web pages without doing another login dialog.
JReport Server is told to use the local implementation of ExternalAuthorized in two ways.
The system property jrs.httpExternalAuthorized is used to hold the name of the class that implements HttpExternalAuthorized.
If the name of the class is SheldonsHttpExternalAuthorized.java, then change the script file that starts up JReport Server to include
the parameter string: -Djrs.httpExternalAuthorized=SheldonsHttpExternalAuthorized
.
The Java API class HttpUserSessionManager has a method for setting the ExternalAuthrized object that JReport Server uses.
If the name of the package is com.mycorp.myHttpExternalAuthorized, then in a JSP page, connect to JReport Server, then pass an instance of the class object for myHttpExtneralAuthorized as the parameter in the method HttpUserSessonManager.setHttpExternalAuthorized().
<%@ page import="com.example.MyHttpExternalAuthorized" %> // initialize and connect to JReport Server initEnv(System.getProoperties()); HttpRptServer httpRptServer = HttpUtil.getHttpRptServer(request); // set the HttpExternalAuthorized object used by JReport Server httpRptServer.getHttpUserSessionManager().setHttpExternalAutorized(new myHttpExternalAuthorized()); |
There are examples of implementations of the ExternalAuthorized Java interface in the sample source files that come with JReport Server. Look in the folder <install_root>\help\samples\APISecurity\SingleSignOn
. Read the comments in the source code for more information about Single Sign On and how the Java interface is used.
samples\APISecurity\SingleSignOn\CustomHttpExternalAuthorized.java
samples\APISecurity\SingleSignOn\com\example\MyExternalAuthorized.java
In that same SingleSignOn folder are several JSP pages that can be placed into the public_html\jinfonet folder and run as web applications to exercise and demonstrate how Single Sign On works. The file customIndex.jsp is the entry point page. It has comments inside it on how to run the demonstration.
Notes: