Understanding the Report Server Security Extension
The Report Server Security Extension (RSSE) supports open security and page‑level security. Open security is the framework that a developer uses to create an interface to an external security source, such as Lightweight Directory Access Protocol (LDAP) or Microsoft Active Directory. Using the interface, the Encyclopedia volume controls access using information from the external security source.
Using page-level security, a developer can create an RSSE application that associates security IDs in the access control list (ACL) of a design to Encyclopedia volume users or roles. To use page-level security when working with BIRT designs and documents, obtain a license for the BIRT Page Level Security option. iHub Integration Technology contains reference implementations of RSSE applications, which include source code and JAR files.
iHub supports the following types of SOAP-based RSSE applications that you can install with iHub:
External authentication
Authenticates users in the Encyclopedia volume based on an external, third‑party security system, such as LDAP.
External registration
Control access to Encyclopedia volume items based on an external, third-party security system, such as LDAP. With this strategy, you externalize users, roles, groups, and user properties.
Page-level security
Controls user access to sensitive information in a document by implementing page-level security.
To set up an iHub that uses RSSE to connect to an LDAP Directory Server, the administrator must first install an iHub specifying the custom security source option. Then, using Configuration Console, the administrator configures an Encyclopedia volume to use a web service that supports RSSE processing.