#1 2017-03-01 14:45:24

skosmas
Member
Registered: 2017-02-16

Execute script without login

How can I authenticate the user and run a script?

I have to implement something similar to the execution of report without login but to execute script.

For example for script id=5141, user=admin and apikey=79PKXGScP8r8

i want something similar with the following
http://SERVER:PORT/reportserverbasedir/reportserver/httpauthexport?id=5141&user=admin&apikey=79PKXGScP8r8


If that is not possbile and a user should be logged in, then how can I firstly connect authenticate the user and run the script afterwards with a single url call?

Offline

#2 2017-03-01 14:57:46

karolina
Member
Registered: 2014-08-09

Re: Execute script without login

What about creating a script report that will execute the script?

Offline

#3 2017-03-02 10:26:15

skosmas
Member
Registered: 2017-02-16

Re: Execute script without login

I am trying to get the cookies through httpRequest.
When I execute the script through url, everything works.
If I create a script report that loads the script, then I get the following error:

"The report could not be executed: net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: groovy.lang.MissingPropertyException: No such property: httpRequest for class: Script24 ------- SCRIPT ERROR INFO ------- Script execution failed. error message: No such property: httpRequest for class: Script24 (groovy.lang.MissingPropertyException) script arguments: file: get-session2 (id: 16180, line 1) line number: 1 line: def myCookie = httpRequest.getHeader('Cookie').toString()"


I get the cookie string with the following command:
def myHeader = httpRequest.getHeader('Cookie').toString()



The idea is that a report will be called with a parameter that depends on the cookie value.

The next step will be to call a report with that parameter. Any help??

It would be easier if I could directly call the script, but there is no guarantee that a user will be logged in. That's why I asked for a url with authentication

Last edited by skosmas (2017-03-02 10:29:02)

Offline

#4 2017-03-02 10:44:30

eduardo
Administrator
Registered: 2016-11-01
Website

Re: Execute script without login

Hi skosmas,

you can also login via script, as you proposed.
For example, to log in the user with ID 1 ( you can also use a login-name or similar ), and then redirect the user to your report 1234 (see https://reportserver.net/en/guides/admi … -the-URL/) :

import net.datenwerke.security.service.authenticator.AuthenticatorService

def userID = 1
def url = "http://SERVER:PORT/reportserverbasedir/reportserver/reportexport?id=1234"

def authservice = GLOBALS.getInstance(AuthenticatorService.class)
authservice.setAuthenticated(userID)

/* redirect */
httpResponse.sendRedirect(url)

Cheers,
Eduardo

Offline

#5 2017-03-02 13:50:00

skosmas
Member
Registered: 2017-02-16

Re: Execute script without login

Thanks, you rock!

Offline

#6 2017-03-20 10:36:54

skosmas
Member
Registered: 2017-02-16

Re: Execute script without login

How can I check if user is already authenticated in order to avoid authenticating him again?

I've used the following but doesn't work

def authservice = GLOBALS.getInstance(AuthenticatorService.class)
def loggedIn = authservice.getCurrentUser().getId();

if(loggedIn == null){
    def userID = 1
    authservice.setAuthenticated(userID)
}

Offline

#7 2017-03-22 09:16:05

eduardo
Administrator
Registered: 2016-11-01
Website

Re: Execute script without login

Hi skosmas,

you can try with authservice.isAuthenticated() and authservice.getCurrentUser() in a similar way:

def authservice = GLOBALS.getInstance(AuthenticatorService.class)
if (authservice.isAuthenticated()) {
   def loggedIn = authservice.getCurrentUser().getId();
} else {
   def userID = 1
   authservice.setAuthenticated(userID)
}

Cheers,
Eduardo

Offline

#8 2019-05-16 09:30:23

Patryx
Member
Registered: 2019-03-25

Re: Execute script without login

I have a strange problem.

My script (the shortened one to show problem):

import net.datenwerke.security.service.authenticator.AuthenticatorService;

def sURL = "http://127.0.0.1:81/reportserver/ReportServer.html#inlinereport/key:all_users_report_v1&p_PARAM_GUID:AB12"
def authService = GLOBALS.getInstance(AuthenticatorService.class)

//authService.setAuthenticated(10274);
//authService.setAuthenticated(6);
authService.setAuthenticated(37001);

/* redirect */
httpResponse.sendRedirect(sURL);

User with id 37001 it's my user. I added even full acess permission to the given report (in administration page).

When I am not log in in Report Server, I got en error on screen after calling my script:

HTTP Status 500 – Internal Server Error
Type Exception Report

Description The server encountered an unexpected condition that prevented it from fulfilling the request.

Exception

net.datenwerke.security.service.security.exceptions.ViolatedSecurityException
	net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.validateAccess(ScriptUrlAccessServlet.java:270)
	net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScript(ScriptUrlAccessServlet.java:153)
	net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScriptByPath(ScriptUrlAccessServlet.java:125)
	net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.doGet(ScriptUrlAccessServlet.java:100)
	net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:109)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
	net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:109)
	com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:263)
	com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:178)
	com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
	com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:62)
	com.google.inject.persist.PersistFilter.doFilter(PersistFilter.java:89)
	com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:163)
	com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
	com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)
	com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
	com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)
	com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
	com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
	com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
Note The full stack trace of the root cause is available in the server logs.

In log I see:

16-May-2019 11:29:19.157 WARNING [ajp-nio-8009-exec-2] net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScriptNormal execute script error
 net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed
------- SCRIPT ERROR INFO -------
Script execution failed.
error message: javax.script.ScriptException: java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed (java.lang.IllegalStateException)
script arguments: null
file: mylogin2.rs (id: 36296, line 11)
line number: 11

	at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:79)
	at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:217)
	at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:263)
	at net.datenwerke.rsenterprise.license.service.EnterpriseCheckInterceptor.invoke(EnterpriseCheckInterceptor.java:35)
	at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:317)
	at net.datenwerke.rsenterprise.license.service.EnterpriseCheckInterceptor.invoke(EnterpriseCheckInterceptor.java:35)
	at net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScriptNormal(ScriptUrlAccessServlet.java:182)
	at net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScript(ScriptUrlAccessServlet.java:160)
	at net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScriptByPath(ScriptUrlAccessServlet.java:125)
	at net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.doGet(ScriptUrlAccessServlet.java:100)
	at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:109)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
	at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:109)
	at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:263)
	at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:178)
	at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:62)
	at com.google.inject.persist.PersistFilter.doFilter(PersistFilter.java:89)
	at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:163)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
	at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
	at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
	at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
	at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:394)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1747)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.script.ScriptException: java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed
	at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:347)
	at org.codehaus.groovy.jsr223.GroovyCompiledScript.eval(GroovyCompiledScript.java:41)
	at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:74)
	... 45 more
Caused by: java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed
	at org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:488)
	at javax.servlet.http.HttpServletResponse$sendRedirect.call(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:110)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:122)
	at Script2.run(Script2.groovy:11)
	at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:344)
	... 47 more

When I log in as administrator (root) and then call this script, it works: I am log as user and I am redirect to right page. But when I call again this script I get the same error.

I should say that I put my script just under bin folder so it should be visible without login, am I right?

When I change my script to log in always as root (in my case id = 6), it works as expected - redirect me everytime I call it.

Last edited by Patryx (2019-05-16 09:32:16)

Offline

#9 2019-05-17 12:27:10

Patryx
Member
Registered: 2019-03-25

Re: Execute script without login

Hi,
I found solution - it was my mistake because I didn't save script in a folder with marked "Share folder for web access" as it was written in documentation. When I create folder (for example: "shared") with marked option: "Share folder for web access" and put there my script, there is no error as I pasted in my previous post.

Offline

Board footer

Powered by FluxBB