InetSoft Product Documentation: Reporting Software - Custom Report Security Integration

InetSoft's reporting software allows users to integrate custom report security options, leading to a highly adapatable solution that can be incorporated into existing systems. View the information below to learn more about the Style Intelligence solution.

Custom security integration is used under the following circumstances:

  • Your users/roles/groups have already been defined in your existing systems, which you wish to directly import into InetSoft, and InetSoft has no built-in mechanism of directly accessing this information, e.g., DB, Web Service (SOAP).
  • You wish to modularize your security into authentication and authorization and use different providers for each, e.g., read users/roles from LDAP (LDAP Security Provider) but write InetSoft-related permissions to disk (Default File Security Provider). This could be a requirement when your LDAP server has write restrictions.
view demo icon
View a 2-minute demonstration of InetSoft's easy, agile, and robust BI software.

The recommended approach for implementing custom security (as of version 9.0) is to use the Composite Security Provider. The composite security provider modularizes security into 'Authentication' and 'Authorization'. Authentication deals with getting user/role/group information and validating login requests. Authorization deals with setting and getting report related permissions.

In order to set up composite security directly add the following properties in the '' file.

security.provider =



{AuthenticationProvider} can be one of:

• class which extends e.g.,

{AuthorizationProvider} can be one of:

• class which extends, e.g.,

If you already have a custom security implementation in versions 8.0 and below; the recommended approach is to re-implement your security using the new Composite security provider as described above. However if you have an existing implementation which implements the 'SecurityProvider' interface you may use it with the addition of some methods.

public class MyProvider implements

public boolean checkPermission(Principal user, String resource, char acc){
   //check the type of permission, which a user
   //has on a resource
   //user is of type SRPrincipal
   //acc is one of 'r','w','d'.

public boolean supportGroupPermission() {
   //check if provider has support for setting
   //permissions on groups

public boolean authenticate(String user, Object credential){
   //validate user credentials
   //credential is object of type
public String[] getUsers() {
   // return a list of all user logins

public String[] getIndividualUsers() {
   //return a list of users not belonging to a group
public User getUsers(String name) {
   //return object

public String[] getRoles() {
   // return a list of all Roles

public String[] getRoles(String user) {
   // return a list of all Roles for a given user

public String[] getGroups() {
   // return a list of all Groups

public Group getGroup(String name) {
   // Get a group by name

public Identity findIdentity(Indentity identity) {
   //find the concrete identity of the security provider

public void setPermission(String resource,
                                 Permission perm) {
   // save the permission for a resource

public Permission getPermission(String resource) {
   // get the permission for a resource

public void removePermission(String resource) {
   // remove the permission for a resource

public void teardown() {
   //teardown the security provider

Read the top 10 reasons for selecting InetSoft as your BI partner.