Managing dynamic security

Administrators can create dynamic security policies for catalogs published to the server using security files. The security files contain catalog internal security definitions and are generated in JReport Designer (for details, see Exporting catalog security into a security file in the JReport Designer User's Guide).

With dynamic security, administrators can dynamically change the security policy applied to a catalog.

Creating dynamic security

To create a dynamic security policy, take the following steps:

1. Log onto the JReport Administration page.
2. Click Security on the system toolbar and select Data Source from the drop-down menu to display the Dynamic Security panel.
3. In the Dynamic Security panel, click New Dynamic Security on the task bar.
4. In the New Dynamic Security dialog, click the Browse button next to the Catalog text field.
5. In the Select Catalog dialog, browse to the catalog you want to create dynamic security for and click OK.
6. Click the Browse button next to the Security File text field, select the security file based on which the dynamic security for the catalog will be created, then click Open.
7. Click OK in the dialog to create the dynamic security, and it is added to the dynamic security table.
   

One catalog can have several dynamic security policies. In this case, you can specify which one of them will be used as the default dynamic security of the catalog. To do this, click the false link in the Is Default column for the dynamic security.

If you want to remove a dynamic security policy, check it in the dynamic security table, then click the Delete link above the table. You can delete multiple dynamic security policies at a time.

Changing the security file of a dynamic security policy

The security file based on which the dynamic security policy of a catalog is created can be modified. To do this, click the Upload link in the Controls column for the dynamic security, then in the Upload Dynamic Security dialog, select another security file to create the dynamic security for the catalog.

Downloading dynamic security

The dynamic security defined on server can be downloaded to a file. To do this, click the Download link in the Controls column for the dynamic security, in the displayed dialog, click OK to save it. You can then further modify the security definitions in the file according to the format of DynamicSecurity.xsd, which is in <install_root>\help\samples\DynamicSecurity. After editing, you can upload the file to a dynamic security policy to change the security definitions in the policy.

Applying dynamic security

When a catalog is specified with a default dynamic security policy, when running reports, dashboards, or Visual Analysis templates which use the catalog, no matter interactive, on-demand, or scheduled, JReport will always try to load the dynamic security for the catalog before running and try to use the security defined in the security file on which the dynamic security is created to replace the catalog security.

• For business view/business cube/report cube
  For each given principal and business view/business cube/report cube, if there is security definition in the security file, the whole security definition for this principal on this business view/business cube/report cube will be replaced.

  If the security file mentions a business view/business cube/report cube element, but the element is not in the catalog, it will be ignored.

• For security entry
  For a given principal and a security entry, if there is CLS definition in the security file, it will replace the CLS in the catalog security. If there is RLS definition in the file, it will replace the RLS in the catalog security.

If there is no default dynamic security specified for a catalog, the security definitions created in the catalog at design time will be used.