Setting up a connection-scope security policy

To set up a connection-scope security policy, or in other words, to add a data source security entry to a data source connection in a catalog, follow the steps below:

  1. In JReport Designer, open the required catalog, then in the Catalog Browser, select the data source to which you want to add the security policy.
  2. Right-click the Data Source Security node, and select Add Security from the shortcut menu.
  3. In the Input Security Policy Name dialog, enter a name for the security policy, click OK, and the Security dialog will be displayed. See the dialog.
  4. To apply record-level security, check the Valid RLS box. To apply column-level security, check the Valid CLS box.
  5. In the User tab of the dialog, click the Add button to add a new user to whom the policy will be applied.
    1. In the User dialog, provide the name, title, and e-mail information of the user respectively in the corresponding fields.
    2. Specify to which roles and groups the user belongs to if required.
    3. Click the Permissions button to set permissions for the user in the Security Permissions Setting dialog.
    4. Check the Policy Setting radio button. If you have Policy No Limit selected, then all the records and columns will be available to this user.
    5. In the Record Level Security tab (see the tab), specify the security conditions for the user.

      To build condition statements, specify the expression in the first field. It can be DBFields, formulas, parameters, or some special fields. Select an operator from the Operator drop-down list, and then specify the value to complete the editing of a row. If you want to append a new row, in the More drop-down list, select AND or OR.

      Values Description
      AND Specifies the relationship between two expression statements as logical AND. If this line is the last line in the expression list, when you select AND or OR, a new line will be appended to the end of the list.
      OR Specifies the relationship between two expression statements as logical OR. If this line is the last line in the expression list, when you select AND or OR, a new line will be append to the end of the list.
      Insert Row Inserts a new line behind the current line.
      Delete Row Deletes the current line.
      New Group Adds a new expression group to the list. The relationships between two groups can be:
      • AND - Logical AND relationship between two groups. Records satisfying both condition groups will be retrieved.
      • OR - Logical OR relationship between two groups. Records satisfying either one of the condition groups will be retrieved.
      • AND NOT - Records satisfying the first and not the second condition group will be retrieved.
      • OR NOT - Records satisfying the first or not the second condition group will be retrieved.
    6. In the Column Level Security tab (see the tab),
      • Choose Allow all to show all the columns to the user, or Deny all to hide all the columns from the user.
      • Check the Select Column option and check the boxes to select the DBFields, formulas, parameters, or summaries. You can set the selected items to be shown or hidden from the user by checking the Allow or Deny option. For the unselected columns, the user will have no permission on them.
    7. Click OK to finish permission assigning and return to the User dialog. Then click OK.
  6. Add groups and roles using the same way in the Group and Role tabs.
  7. Upon finishing, click the OK button to create the security policy.