The Market Leader in Open Source Business Intelligence
Developers
Demo | Try Now | OEM Licensing
JasperSoft Solutions for Developers

Technology Highlight: Acegi Security

Built-in and Extensible Security.

JasperServer uses the Spring sub-project, Acegi Security, for authentication and authorization. By default, user names and passwords are stored in the JasperSoft metadata repository and use form-based authentication. With the Acegi Security framework, you can instead plug into your existing security services without changing your environment or requiring extensive development effort.

Acegi supports all these technologies*:

Authentication Mechanism

Notes
  • HTTP BASIC authentication headers  

An IEFT RFC-based standard
  • HTTP Digest authentication headers

An IEFT RFC-based standard
  • HTTP X.509 client certificate exchange

An IEFT RFC-based standard
  • LDAP

A very common approach to cross-platform authentication needs, especially in large environments
  • Form-based authentication

For simple user interface needs
  • Computer Associates Siteminder
  
  • JA-SIG Central Authentication Service

Otherwise known as CAS, which is a popular open source single sign on system
  • Transparent authentication context propagation for Remote Method Invocation (RMI) and HttpInvoker

HttpInvoker is a Spring remoting protocol
  • Automatic "remember-me" authentication

Allows you to tick a box to avoid re-authentication for a predetermined period of time
  • Anonymous authentication

Allows every call to automatically assume a particular security identity
  • Run-as authentication

Useful if one call should proceed with a different security identity
  • Java Authentication and Authorization Service (JAAS)
  
  • Container integration with JBoss, Jetty, Resin and Tomcat

So you can still use Container Manager Authentication if desired
  • Your own authentication systems

For legacy and other systems that don't follow any particular security standards. In this case, Acegi Security is an open platform and it is quite simple to write your own authentication mechanism

* Source: Acegi Security Reference Documentation v.1.0.4

"Prior to Jaspersoft4Salesforce we had to run several reports, download them to Excel and then modify them to meet our needs. It took one person at each of our eleven campuses several hours to complete each week. Now we just run the report in less than a minute. It has provided tremendous time and resource savings to the college." - Heald College
 
 
Jas-per (noun)
1. A variety of quartz with the brilliance of a precious jewel like a crystal. Said to provide stability, security, balance.
2. World's leading commercial open source business intelligence solutions for developers and businesses.
OUR PRODUCTS
JasperServer | JasperAnalysis | iReport | Jasper4Salesforce | JasperETL | JasperReports
Copyright © 2000-2008 Jaspersoft Corporation > Contact Us | CompanyCommunity | Legal Notices | Privacy Statement | Site Map
TRUST e