Jasper Ideas

Domain Security Policy - Data Obfuscation Access Type in Column Based Security

It would be great to have an obfuscate access type (on top of deny, grant) so that Column Based Security policies will permit a user to run a report that contains a field they don't have access to (i.e. the column should present empty/contain no data).

Currently, Column Based Security policy will force a user to remove fields denied to them, from an existing ad hoc view (as demonstrated https://www.jaspersoft.com/resources/demand-webinar/dr-jaspersoft-domain-security-files). Once those fields are removed, saving the ad hoc view corrupts the view for a suitably authorised user. Furthermore, a user is not able to run a report (at all) if it contains a field denied to them.

Obfuscate might simply nullify or zero the column at the SQL time or present empty cell values at the presentation layer (with appropriate UI messaging).

  • Kenneth Treharne
  • Dec 24 2021
  • To be Reviewed
Components JasperReports Server, AdHoc, Domains
  • Attach files