passing user name/login to report

I'd like some suggestions about passing user name/login to report.

Our code currently uses SSO by passing an encrypted cookie, which is then read by class SimpleSecurityAdapter which extends LocalSecurityAdapter, and this all works fine. Now we need to pass the username to the reports so that the username can be incorporated into the SQL queries. Inside the SimpleSecurityAdapter, I am reading the username and putting that into the session object. I'm unsure how the reports can read the session object and get the username from the session object. ? Or is there a better way of passing the username to the reports so that the username can be incorporated into the SQL query.

I have tried using the below devshare post. If I try to get the username using this method:

http://www.birt-exchange.org/org/devshare/designing-birt-reports/122-filter-birt-jdbc-query/

The username comes out as "anonymous".

Any comments, tips, recommendations would be appreciated.

Thanks,
A.C.

Find more posts tagged with

Comments

JasonW

A.C.

You can get session values in the BIRT event scripts like:

var mysessionvariable = reportContext.getHttpServletRequest().getSession().getAttribute("myvar");

Jason

chavez_ant

<blockquote class='ipsBlockquote' data-author="'JasonW'" data-cid="82820" data-time="1316101415" data-date="15 September 2011 - 08:43 AM">
A.C. 
 
You can get session values in the BIRT event scripts like: 
 
var mysessionvariable = reportContext.getHttpServletRequest().getSession().getAttribute("myvar"); 
 
Jason </blockquote>
 
Thanks! That got me going in the right direction, and was able to pick up the info required in the report.

chavez_ant

I ran into an issue related to this. Here's an example, for the situation where reports are set up as described in the original post: if you log onto the web app as "user1" and run a report, the user info passes in as normal. Then if one logs off and back on as "user2", the report still receives the "user2" info.

We're extending the "LocalSecurityAdapter", for our user validation, thinking that this class would be accessed every time a report is run. It turns out it's only being accessed the first time reports are accessed and keeps the session info until timeout or the browser is closed. Are there any recommendations for another class we should extend instead that'll check for every time a report is run?

rmurphy

As you have found, the security adapter will only be called once per session. If you need something called for each request, you could implement a servlet filter to pass everything through.

Rob

chavez_ant

Thanks for your response! Doing a check of documentation and of the "integrating and extending BIRT" book, I didn't see any info on servlet filters for BIRT. Can you point me to where there is more details on this?

chavez_ant

Here's another thought... would it be a good alternate solution be to set up the following: when user clicks 'sign off' in our web application, the application sends a command to end the reports session. If so, what'd be the best method to do so?

rmurphy

A servlet filter isn't anything to do with BIRT, but rather a standard Java web app filtering mechanism. The filter would be called before any servlet you have it mapped to.

Regarding logging of from your app and ending the session in Actuate could be as easy as forwarding a request to a JSP page in Actuate that calls session.invalidate() and then redirect back to your app using response.redirect("http://youapplication/").

chavez_ant

<blockquote class='ipsBlockquote' data-author="'rmurphy'" data-cid="83116" data-time="1316614877" data-date="21 September 2011 - 07:21 AM">
A servlet filter isn't anything to do with BIRT, but rather a standard Java web app filtering mechanism. The filter would be called before any servlet you have it mapped to. 
 
Regarding logging of from your app and ending the session in Actuate could be as easy as forwarding a request to a JSP page in Actuate that calls session.invalidate() and then redirect back to your app using response.redirect("<a class='bbc_url' href='http://youapplication/'>http://youapplication/"</a>). </blockquote>
 
Thanks, Rob! This helps quite a bit.