Integrate Authentication on Jasper Report Server with LDAP Server

Jasper Report Server has its own built-in user management module, but you can also integrate it with LDAP or Active Directory to centralize user management and make access control easier to manage. For this, Jasper Server provides an LDAP integration feature that connects its user management module to a directory such as OpenLDAP or Active Directory. In this tutorial, I will show how to integrate Jasper Server with OpenLDAP for user authentication.

Table of contents

The contents of this post are arranged as below.

  1. Set up ldap connection properties
  2. Copy applicationContext-externalAuth-LDAP.xml to Jasper server's WEB-INF
  3. Configure applicationContext-externalAuth-LDAP.xml
  4. Reference

For my environment setup, I used the following:

  1. For Database Server

    • OS - FreeBSD 12
    • Database - PostgreSQL 12
  2. For Jasper Report Server

    • OS - Ubuntu 20.10 LTS
    • OpenJDK 8
    • Wildfly Application Server 10.0.10
    • Jasper Report Server 6.8
  3. For LDAP Server

    • OS - CentOS 6
    • OpenLDAP

Please refer below for my deployment

1. Set up ldap connection properties

First, you need to configure connection properties file inside

  1. Stop wildfly application server

    $ sudo systemctl stop wildfly
    $ sudo systemctl status wildfly
    ● wildfly.service - The WildFly Application Server
         Loaded: loaded (/etc/systemd/system/wildfly.service; enabled; vendor preset: enabled)
         Active: inactive (dead) since Tue 2021-06-15 14:08:44 UTC; 8min ago
        Process: 650 ExecStart=/opt/wildfly/bin/launch.sh $WILDFLY_MODE $WILDFLY_CONFIG $WILDFLY_BIND (code=killed, signal=TERM)
       Main PID: 650 (code=killed, signal=TERM)
    
    Jun 15 13:03:09 srv01 systemd[1]: Started The WildFly Application Server.
    Jun 15 13:03:42 srv01 systemd[1]: /etc/systemd/system/wildfly.service:11: PIDFile= references a path below legacy directory /var/run/, updating /var/run/wil>
    Jun 15 13:03:43 srv01 systemd[1]: /etc/systemd/system/wildfly.service:11: PIDFile= references a path below legacy directory /var/run/, updating /var/run/wil>
    Jun 15 13:03:55 srv01 systemd[1]: /etc/systemd/system/wildfly.service:11: PIDFile= references a path below legacy directory /var/run/, updating /var/run/wil>
    Jun 15 13:03:55 srv01 systemd[1]: /etc/systemd/system/wildfly.service:11: PIDFile= references a path below legacy directory /var/run/, updating /var/run/wil>
    Jun 15 14:08:43 srv01 systemd[1]: Stopping The WildFly Application Server...
    Jun 15 14:08:44 srv01 systemd[1]: wildfly.service: Succeeded.
    Jun 15 14:08:44 srv01 systemd[1]: Stopped The WildFly Application Server.
    
  2. Go to the jasperserver deployment directory and change into WEB-INF. In this folder, you need to edit js.externalAuth.properties.

    $ cd /opt/wildfly/standalone/deployments/jasperserver-ce.war/WEB-INF/
    $ sudo vim js.externalAuth.properties 
    

    Edit js.externalAuth.properties as below

    external.ldap.url=ldap://ldaps.tikkwiki.pro:389/dc=itstikk,dc=pro
    external.ldap.username=cn=ldapadm,dc=itstikk,dc=pro
    external.ldap.password=password
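A plain `ldap://` URL does not encrypt the connection by itself, so with the settings above the service account's password, and every user password checked by bind authentication, travels unencrypted. The check below is an added example, not part of the original post; the function names and the list of placeholder passwords are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit js.externalAuth.properties.
# Usage: sh audit_extauth.sh WEB-INF/js.externalAuth.properties

# prop FILE KEY: print the value of the first "KEY=value" line.
prop() {
    awk -v k="$2" 'index($0, k "=") == 1 { print substr($0, length(k) + 2); exit }' "$1"
}

# audit_extauth FILE: print one finding per line; exit status 1 if any.
audit_extauth() {
    f=$1 bad=0
    url=$(prop "$f" external.ldap.url)
    pw=$(prop "$f" external.ldap.password)

    case $url in
        ldaps://*) ;;   # TLS is negotiated before any bind is sent
        ldap://*)  echo "CLEARTEXT_BIND: $url carries bind DNs and passwords unencrypted"; bad=1 ;;
        *)         echo "BAD_URL: external.ldap.url is missing or not an LDAP URL"; bad=1 ;;
    esac

    # Constructed deny-list of placeholder passwords; extend it locally.
    case $pw in
        ""|password|secret|changeit|admin|123456)
            echo "PLACEHOLDER_PASSWORD: external.ldap.password is empty or a known default"; bad=1 ;;
    esac

    # The file stores a reusable directory credential: no access for "other".
    if [ -n "$(find "$f" -prune -perm -004)" ]; then
        echo "WORLD_READABLE: $f is readable by every local user"; bad=1
    fi
    return $bad
}

if [ $# -gt 0 ]; then audit_extauth "$1"; fi
```

Run against the values shown above with default file permissions, it reports all three findings.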
    

2. Copy applicationContext-externalAuth-LDAP.xml to Jasper server's WEB-INF

Next, copy the applicationContext-externalAuth-LDAP.xml file from the installation source to the jasperserver deployment's WEB-INF folder.

$ cd samples/externalAuth-sample-config/
$ sudo cp sample-applicationContext-externalAuth-LDAP.xml /opt/wildfly/standalone/deployments/jasperserver-ce.war/WEB-INF/applicationContext-externalAuth-LDAP.xml
$ sudo vim /opt/wildfly/standalone/deployments/jasperserver-ce.war/WEB-INF/applicationContext-externalAuth-LDAP.xml

In this file you need to change the proxyBasicProcessingFilter bean as below: inject ldapAuthenticationManager into proxyBasicProcessingFilter through its constructor.

$ cd /opt/wildfly/standalone/deployments/jasperserver-ce.war/WEB-INF/
$ sudo vim applicationContext-externalAuth-LDAP.xml
<bean id="proxyBasicProcessingFilter"
          class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthBasicProcessingFilter" parent="basicProcessingFilter">
        <!--<property name="authenticationManager" ref="ldapAuthenticationManager"/>-->
        <constructor-arg index="0" ref="ldapAuthenticationManager"/>
        <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/>
</bean>

3. Configure applicationContext-externalAuth-LDAP.xml

Finally, we need to configure applicationContext-externalAuth-LDAP.xml as below.

$ sudo vim applicationContext-externalAuth-LDAP.xml
<bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider">
    <constructor-arg>
        <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator">
            <constructor-arg><ref bean="ldapContextSource"/></constructor-arg>
            <property name="userSearch" ref="userSearch"/>
        </bean>
    </constructor-arg>
    <constructor-arg>
        <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator">
            <constructor-arg index="0"><ref bean="ldapContextSource"/></constructor-arg>
            <constructor-arg index="1"><value></value></constructor-arg>
            <property name="groupRoleAttribute" value="cn"/>
            <property name="groupSearchFilter" value="(member={0})"/>
            <property name="searchSubtree" value="true"/>
            <!-- Can setup additional external default roles here <property name="defaultRole" value="LDAP"/> -->
        </bean>
    </constructor-arg>
</bean>

<bean id="userSearch"
      class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch">
    <constructor-arg index="0">
        <value>ou=Users</value>
    </constructor-arg>
    <constructor-arg index="1">
        <value>(uid={0})</value>
    </constructor-arg>
    <constructor-arg index="2">
        <ref bean="ldapContextSource" />
    </constructor-arg>
    <property name="searchSubtree">
        <value>true</value>
    </property>
</bean>
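The two beans above describe two directory searches: a user lookup under `ou=Users` (relative to the base DN in `external.ldap.url`) with filter `(uid={0})`, and a group lookup from the base DN with filter `(member={0})`, where `{0}` is the user's full DN. The script below is an added example, not part of the original post: it prints the equivalent OpenLDAP `ldapsearch` commands so the bases and filters can be checked by hand before WildFly is restarted. The helper names and the login `alice` in the test are constructed, and the URL is assumed to end in a base DN as it does on this page.

```shell
#!/bin/sh
# Added example (not from the original post): print the ldapsearch commands
# that match the userSearch and authorities-populator beans, for a dry run.

# RFC 4515 escaping for a value substituted into {0} of a search filter.
ldap_filter_escape() {
    printf '%s' "$1" |
        sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Single-quote a word so the printed command is safe to paste into a shell.
q() { printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"; }

# Split external.ldap.url (scheme://host:port/baseDN) into its two parts.
ldap_uri()  { printf '%s\n' "${1%/*}"; }
ldap_base() { printf '%s\n' "${1##*/}"; }

# user_search_cmd URL BIND_DN LOGIN
# Mirrors userSearch: base ou=Users, filter (uid={0}), searchSubtree=true.
user_search_cmd() {
    printf 'ldapsearch -x -H %s -D %s -W -b %s -s sub %s dn\n' \
        "$(q "$(ldap_uri "$1")")" "$(q "$2")" \
        "$(q "ou=Users,$(ldap_base "$1")")" "$(q "(uid=$(ldap_filter_escape "$3"))")"
}

# group_search_cmd URL BIND_DN USER_DN
# Mirrors the populator: empty group base (so the URL's base DN), filter
# (member={0}) with the user's DN, role name read from the cn attribute.
group_search_cmd() {
    printf 'ldapsearch -x -H %s -D %s -W -b %s -s sub %s cn\n' \
        "$(q "$(ldap_uri "$1")")" "$(q "$2")" \
        "$(q "$(ldap_base "$1")")" "$(q "(member=$(ldap_filter_escape "$3"))")"
}

# Stand-alone use: URL BIND_DN LOGIN [USER_DN]; -W makes ldapsearch prompt
# for the bind password instead of taking it on the command line.
if [ $# -ge 3 ]; then user_search_cmd "$1" "$2" "$3"; fi
if [ $# -ge 4 ]; then group_search_cmd "$1" "$2" "$4"; fi
```

The user search should return exactly one `dn`; pass that DN as the fourth argument to see which group `cn` values the account would receive as roles.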

Next, restart WildFly and try to connect to the Jasper server.

$ sudo systemctl start wildfly
$ sudo systemctl status wildfly
● wildfly.service - The WildFly Application Server
     Loaded: loaded (/etc/systemd/system/wildfly.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2021-06-15 15:13:43 UTC; 7s ago
   Main PID: 12276 (launch.sh)
      Tasks: 83 (limit: 2281)
     Memory: 198.5M
     CGroup: /system.slice/wildfly.service
             ├─12276 /bin/sh /opt/wildfly/bin/launch.sh standalone standalone.xml 0.0.0.0
             ├─12278 /bin/sh /opt/wildfly/bin/standalone.sh -c standalone.xml -b 0.0.0.0
             └─12347 java -D[Standalone] -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.mo>

Jun 15 15:13:43 srv01 systemd[1]: Started The WildFly Application Server.

Please note that my ldap is set up as below.

4. Reference

  1. JasperReports LDAP setting issue after upgrade 7.1 to 7.2
  2. Configuring JasperReports Server for LDAP Authentication
  3. Setup LDAP server and configure a LDAP Realm on WildFly with secured connection
