You must create custom security providers in order to provide security filters for model entities. This allows you to add single sign-on functionality using LDAP and Active Directory, and to control access to data with row-level security.
Once you implement interfaces from the Extensibility assembly and configure the resulting assembly in the Administrator Dashboard by selecting it in the Security Provider list, you and your administrators can add security filters to entities when you edit a model. For more information, see the Managing Security Providers and Modifying an Entity topics.
You can use your UserContext attributes in the connection string of your data models by encasing them in percent signs. For more information, see the Changing the Connection String topic.
To implement Extensibility interfaces in a .NET 3.5 Class Library
- In Visual Studio, create a new C# .NET Framework 3.5 Class Library project.
- From your ActiveReports 10 Server installation folder, copy the ActiveReports.Server.Extensibility.dll file into your project's bin folder.
- In the Visual Studio Solution Explorer, right-click References and select Add Reference.
- In the Add Reference dialog that appears, on the Browse tab, look in the bin folder, select the ActiveReports.Server.Extensibility.dll and click OK.
- Add a class to your project that implements the ISecurityProvider interface, and another that implements the ISecurityProviderFactory interface.
Note: For details on how to do this, please see the ActiveTunes.SecurityProvider sample in the C:\ActiveReports 10 Server\SDK\Samples directory.
Important methods in the ISecurityProvider interface include:
- CreateToken creates the security token that the server holds to identify the current logged in session with username and password parameters, as well as a custom parameter for any other credentials data used by the provider.
- FilterRoles gets the collection of roles associated with the specified security token.
- GetUserContext returns the UserContext object for the specified security token.
-
GetUserDescription returns two useful objects:
- UserDescription.Email automatically fills the email field in the error log submission dialog.
- UserDescription.FriendlyUserName automatically fills the CreatedBy and ModifiedBy fields for reports.
- Once all of the necessary classes are in place with your custom data, from the Build menu, select Build ClassLibrary1. A DLL is created in your project's bin > Release folder.
To configure the provider
- In Windows Explorer, create a SecurityProviders folder on the same level as your site, for example, if you have C:\ActiveReports 10 Server, create the folder C:\ActiveReports 10 Server\SecurityProviders.
- Copy your custom security provider DLL file into the new folder.
- On the Administrator Dashboard, in the Configuration section, click Security Provider.
- From the Custom security provider drop-down that appears, select your new provider.
- Select values for any properties that may be available, depending on your provider.
- Click the Apply changes button.
To add a row-level security filter
- On the Administrator Dashboard, in the Administration section, click Models.
- In the list of models that appears, next to the model containing the entity that you want to filter, click the Edit command.
- In the model editor that appears, from the Entities list to the left, click the entity that you want to filter.
- In the workspace at the center, next to the Security Filter property, click the Add command.
- In the Edit Security Filter dialog that appears, select Filter Expression, and click the ellipsis button next to the box under that label.
- In the Select Attribute dialog that appears, expand nodes as necessary to select the attribute to which you want to apply a filter condition, and click OK.
- In the center, you can choose whether the attribute equals or does not equal the value to the right.
- In the drop-down box to the right, select the value from your security provider to compare to the attribute on the left.
- Click Apply to add the filter to the entity.
See Also