Documentation

User Tools

Site Tools

Trace:
jasperreports_systems_administrator_guide

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
jasperreports_systems_administrator_guide [2024/03/22 13:00] – [Keystore Backup] ghacheyjasperreports_systems_administrator_guide [2024/06/18 01:28] (current) ghachey
Line 41: Line 41:
 security.validation.sql.on=false security.validation.sql.on=false
 </code> </code>
 +
 +===== Firewall =====
 +
 +Tomcat bundled with the JasperServer is already configured to be able to listen on external interfaces. But the windows firewall would block it by default. The safest is to only open the port 8080 to those who will access the JasperServer directly. This usually means administrators and developers as all reports are made available directly in the Pacific EMIS web application.
  
 ===== Integration with Pacific EMIS ===== ===== Integration with Pacific EMIS =====
 +
 +A powerful feature of the Pacific EMIS is its seamless integration with a high end enterprise grade reporting server called JasperReport Server (aka. JasperServer).
 +
 +<note warning>JasperServer until recently (end of 2023) been developing and release JasperServer as open source. Unfortunately, they now only release their JasperSoft Studio to design the reports and no longer release the JasperServer without the enterprise license. But all previously released versions are extremely stable and will continue working for years.</note>
 +==== Configuration of the Web Application ====
  
 To effectively integrate the JasperReport server with the Pacific EMIS you need to make sure the relevant part of the Web.Config is edited accordingly (i.e. jasperUrl, jasperUser, jasperPass). This would likely be different whether you are working in development or deploying to production. To effectively integrate the JasperReport server with the Pacific EMIS you need to make sure the relevant part of the Web.Config is edited accordingly (i.e. jasperUrl, jasperUser, jasperPass). This would likely be different whether you are working in development or deploying to production.
Line 59: Line 68:
   </appSettings>   </appSettings>
 </code> </code>
-===== Helical Notes =====+==== Folder Structure ====
  
-<note warning>This is merely dump from Helical documentation notesNeeds cleanup.</note>+The folders follow simple convention to make integration with the Pacific EMIS easyFirst, resources folders:
  
-Folder Structure+  * **Images** Includes all the images which we used in all the .jrxml file. So images in reports should point to the repo: link before they are deployed in the JasperReport Server. This does require a annoying switching of the images links in the report when working between development in JasperSoft Studio and production in JasperServer. 
 +  * **Templates** Similarly to images, this folder includes all the .jrtx files which is used to apply particular styles in reports. The advantage of centralizing styles are well known. The same annoying switching of the links is reports is require before deploying.
  
-  * **Images** This Folder Includes all the images which we used in all the .jrxml file,If we used any new image in report so need to add that in Images Folder and image path in the report should be this folder image path.+Then there are all the folders that hold the reportsThe Pacific EMIS is usually made up of simple modules (e.g. SchoolsTeachers, Exams). Each of those modules typically have individual entities (e.g. an individual School, an individual Teacher.) Reports can be designed and place in particular folders to automatically appear in the Pacific EMIS through the RESTful API
  
-  * **Templates** This Folder includes all the .jrtx files which is used to apply particular styles in reports. +For example, if you want a new report to go under the Schools (e.gList of school without annual census submission this year) module you would design it and put in a a folder **Schools**. When published all the published reports in here will appear in the Pacific EMIS' Schools module as shown in the figure below.
-  * **Indicators** Their is Two sub folder in Indicators +
-    * Indicators Report National This folder includes all .jrxml files related Indicators by Nation +
-    Indicators Report by State This folder includes all .jrxml files related Indicators by State +
-  School It contains one sub folder and few other individual reports +
-    * School Report Card This folder includes all .jrxml files related to School Report Card +
-  * Schools This folder includes all .jrxml files related to Schools +
-  Students This folder includes all .jrxml files related to Students +
-  Teacher This folder includes all .jrxml files related to Teacher +
-  * Teachers Their is Two sub folder in Indicators +
-    * Teachers Report by Summary This folder includes all .jrxml files related Teachers reports by Nation +
-    * Teachers report by Nation This folder includes all .jrxml files related Teachers reports by State+
  
-SQL Property UpdateWe need to disable the SQL validation property +{{ :sysadmin-manual:jasperreports-integration-1.png?nolink |}}
-Path…\<Jasper Server>\apache-tomcat\webapps\jasperserver\WEB-INF\classes\esapi +
-File Name: security-config.properties +
-Property: security.validation.sql.on +
-Update the above property to false and restart the server+
  
-Required Libraries: +Now if you wanted to have a report for individual schools (e.g. A School Report Card). You would locate it in a folder called **School** (not without the plural "s"). In this case, it would appear in any of the individual school as shown below. 
-  * font-extension.jar: It is used to support the new custom fonts in jasper server +{{ :sysadmin-manual:jasperreports-integration-2.png?nolink |}} 
-  * reporting-1.0.jar: This jar is used for chart customizer to customize the chart colors + 
-  * sqljdbc4-2.0.jar: This is used for creating jdbc connection. We can add this driver in both Jasper server and Jaspersoft studio if sql jdbc driver not imported+The same will work for any other module (i.e. Indicators, Exams, Teachers, Individual Teachers, etc.) 
 + 
 +==== Required Libraries ==== 
 + 
 +Some or all reports require some additional jar files in essence small dependencies. They are listed and described here. 
 + 
 +  * **font-extension.jar**Used to support the new custom fonts in jasper server. Can be added directly in **<Jasper Server>\apache-tomcat\webapps\jasperserver\WEB-INF\lib** 
 +  * **reporting-1.0.jar**Used as a chart customizer to customize the look of exams reports among potentially others. Can be added directly in **<Jasper Server>\apache-tomcat\webapps\jasperserver\WEB-INF\lib** 
 +  * **sqljdbc-VERSION.jar**Used for JBDC connection to interact with the MS SQL ServerOften loaded directly from the UI of JasperServer when creating the data source or in JasperSoft Studio.
      
-Add both the jar files in jasper server library folder +Restart the server when adding the jars for the first time.
-Path: …\<Jasper Server>\apache-tomcat\webapps\jasperserver\WEB-INF\lib+
  
-Restart the server+==== Fonts ====
  
-You also need to install open-sans fonts in Windows and Jasper:+Reports have been standardized using the Open Sans famliy of fonts so those will need to be installed on the Windows Server. Just download them from https://fonts.google.com/specimen/Open+Sans or https://www.1001fonts.com/open-sans-font.html, extract and double click each one of them to install. Maybe now is a goo time to restart the server before testing out some reports.
  
-  * Go to Window -> Preferences -> Jaspersoft Studio -> Fonts. Click on Add from path and select the zip file.  +Note that if you are designing reports you will also need to install them on your own workstation and you could also install them directly in the JasperSoft Studio. To do this you would go to **Window -> Preferences -> Jaspersoft Studio -> Fonts**. Click on Add from path and select the zip file. Install in JasperSoft Studio as shown below.
-  * Install in JasperSoft Studio+
  
 {{:developer-manual:jasper-add-font.png?nolink|}} {{:developer-manual:jasper-add-font.png?nolink|}}
Line 178: Line 179:
 I have found useful to temporarily change the passwords as using it later cause me more problem then I wanted to solved (special characters not handling well on the windows command line). I have found useful to temporarily change the passwords as using it later cause me more problem then I wanted to solved (special characters not handling well on the windows command line).
  
-Change password of the keystore.+Change password of the keystore. I made it a convenient easy to type password since it is temporary and the keystore will be disposed later.
  
 <code> <code>
Line 184: Line 185:
 </code> </code>
  
-Change password of the key of interest.+Change password of the key of interest. This password could also be made simple and convenient but then you would be best to change it in the production stored after ward for tighter security. Another approach is to make it a good password right away and as it gets imported it keeps this password.
  
 <code> <code>
Line 190: Line 191:
 </code> </code>
  
-Changing the password made it easier to import and override the key in the new keystore generated from a fresh installation on the new server.+<note tip>After manipulating the keystore you might have to restart the JasperServer.</note> 
 + 
 +Changing the password made it easier to import and override the key in the new keystore generated from a fresh installation on the new server. Note that the only key being imported and in effect overriding the default one of the new installation is the importExportEncSecret key.
  
 <code> <code>
Line 196: Line 199:
 </code> </code>
  
-Then in the JasperAdmin you should now be able to import the backed up catalog as normal using the +Then in the JasperAdmin you should now be able to import the backed up catalog (i.e. export.zip) as normal as shown in the following figure. 
 + 
 +{{ :sysadmin-manual:jasperserver-import-1.png?nolink |}} 
 + 
 +Once that the catalog has been successfully been updated you can do some final cleanups including: 
 + 
 +  * Dispose of the original keystore (.jrsks and jrsksp from the previous server). They were tempered with changing to simple passwords for convenience and are no longer needed. Keep the original backup in the backup server of course. 
 +  * The new keystore from the fresh installation on the new server now has a new secure password, but the imported and overriden key alias importExportEncSecret has the simple password carried from the change above. It would be a better idea to change it again to a strong password using the same technique as above but on the new keystore (you will need the new password which you can obtain from adapted commands above). If you do change the password for the key importExportEncSecret then you would also need to decode the properties (.jrsksp) edit the base64 string for that key and encode it again using the following command. 
 + 
 +<code> 
 +>certutil -encode jrsksp.txt tmp.b64 && findstr /v /c:-tmp.b64 > .jrsksp 
 +</code> 
 + 
 +<note important>You may need to make sure the permission on your newly encoded file have the exact same has the one before.</note> 
 + 
 +There are actually a few different ways to handle backup and restores with more recent and secure JasperServer versions. More details can be found in the guide JasperReport Server Security Guide.
  
  
jasperreports_systems_administrator_guide.1711112433.txt.gz · Last modified: 2024/03/22 13:00 by ghachey