This article describes how to enable LDAP (Microsoft Active Directory) authentication in JasperReports Server.
CA Service Management 7.1 and higher.
1. Please copy all files under your <Jasper media directory>\samples directory, i.e.
a. applicationContext.xml
b. applicationContext-externalAuth-LDAP-mt.xml
c. applicationContext-externalAuth-template-mt.xml
d. js.externalAuth.properties
and paste them into <Jasper 6.3 tomcat-folder>\webapps\<webapp-name>\WEB-INF directory (e.g. C:\Program Files\CA\SC\CA Business Intelligence\apache-tomcat\webapps\jasperserver-pro\WEB-INF), click 'yes' to overwrite existing files in the folder.
2. Modify the applicationContext-externalAuth-LDAP-mt.xml file as follows:
a. Change the groupSearchFilter property value within the <constructor-arg> tag (line 84)
From
<property name="groupSearchFilter" value="(uid={1})"/>
To
<property name="groupSearchFilter" value="(&amp;(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.1941:=2)))"/>
b. Change the <constructor-arg index="1"> value (line 97)
From
<value>(uid={0})</value>
To
<value>(sAMAccountName={0})</value>
c. Add the referral property within the <bean id="ldapContextSource"> tag (line 107)
From
<bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource">
    <constructor-arg value="${external.ldap.url}"/>
    <!-- manager user name and password (may not be needed) -->
    <property name="userDn" value="${external.ldap.username}"/>
    <property name="password" value="${external.ldap.password}"/>
</bean>
To
<bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource">
    <constructor-arg value="${external.ldap.url}"/>
    <!-- manager user name and password (may not be needed) -->
    <property name="userDn" value="${external.ldap.username}"/>
    <property name="password" value="${external.ldap.password}"/>
    <property name="referral" value="follow"/>
</bean>
d. Comment out the list items of the organizationRDNs property (line 149)
From
<property name="organizationRDNs">
    <list>
        <value>dc</value>
        <value>c</value>
        <value>o</value>
        <value>ou</value>
        <value>st</value>
    </list>
</property>
To
<property name="organizationRDNs">
    <list>
        <!--<value>dc</value>
        <value>c</value>
        <value>o</value>
        <value>ou</value>
        <value>st</value>-->
    </list>
</property>
3. Modify the js.externalAuth.properties file to specify your actual external.ldapUrl, external.ldapDn and external.ldapPassword values. The following is an example of the entire contents of the file.
# External authentication properties that can be configured via
# the master.properties file
external.jdbc.driverClassName=${external.jdbcDriverClass}
external.jdbc.url=${external.jdbcUrl}
external.jdbc.username=${external.dbUsername}
external.jdbc.password=${external.dbPassword}
external.ldap.url=ldap://LDAP-SERVER:3268/dc=EXAMPLE,dc=com
external.ldap.username=cn=administrator,ou=users,ou=support,dc=EXAMPLE,dc=com
external.ldap.password=[LDAP-PASSWORD]
external.ldap.authenticationmode=DIGEST-MD5
external.ldap.domaincontroller=
4. Restart the Jasper Tomcat service.
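
A check for the step 2 edits that can be run before the restart, added here as an example (it is not part of the original article or of the JasperReports Server distribution). It parses the edited applicationContext-externalAuth-LDAP-mt.xml and reports which sub-step is still missing, including the case where a filter's & was not written as &amp; and the file no longer parses. The name check_step2 and the trimmed SAMPLE fragment are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed, trimmed-down fragment holding only the elements step 2 touches.
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans">
  <bean>
    <property name="groupSearchFilter" value="(&amp;(objectCategory=person)(objectClass=user))"/>
  </bean>
  <bean>
    <constructor-arg index="1"><value>(sAMAccountName={0})</value></constructor-arg>
  </bean>
  <bean id="ldapContextSource">
    <constructor-arg value="${external.ldap.url}"/>
    <property name="referral" value="follow"/>
  </bean>
  <bean>
    <property name="organizationRDNs"><list><!--<value>dc</value>--></list></property>
  </bean>
</beans>"""

def _local(el):
    """Tag name without the Spring beans namespace prefix."""
    return el.tag.rsplit("}", 1)[-1]

def check_step2(xml_text):
    """Return a list of problems; an empty list means the step 2 edits look applied."""
    try:
        root = ET.fromstring(xml_text)  # a raw '&' in a filter value fails here
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    props = {e.get("name"): e for e in root.iter() if _local(e) == "property"}
    problems = []
    gsf = props.get("groupSearchFilter")
    if gsf is None or gsf.get("value") == "(uid={1})":
        problems.append("2a: groupSearchFilter missing or still (uid={1})")
    filters = [v.text for e in root.iter()
               if _local(e) == "constructor-arg" and e.get("index") == "1"
               for v in e if _local(v) == "value"]
    if "(sAMAccountName={0})" not in filters:
        problems.append("2b: user search filter is not (sAMAccountName={0})")
    ref = props.get("referral")
    if ref is None or ref.get("value") != "follow":
        problems.append("2c: referral=follow not set")
    rdns = props.get("organizationRDNs")
    if rdns is not None and any(_local(e) == "value" for e in rdns.iter()):
        problems.append("2d: organizationRDNs still lists active values")
    return problems

if __name__ == "__main__":
    print(check_step2(SAMPLE) or "step 2 edits look applied")
```

To check the real file, pass its contents to check_step2 in place of SAMPLE; XML comments are dropped by the parser, so commented-out organizationRDNs values do not count as active.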