A Java proxy for MS SQL Server Reporting Services



Similar documents
TIBCO Spotfire Web Player 6.0. Installation and Configuration Manual

Crawl Proxy Installation and Configuration Guide

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines

Installation and configuration guide

Configuring Single Sign-on for WebVPN

Entrust Managed Services PKI Administrator s Quick Start Guide

Oracle Forms Services Secure Web.Show_Document() calls to Oracle Reports Server 6i

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5

Acrobat Connect. Using Connect Enterprise Web Services

T320 E-business technologies: foundations and practice

qliqdirect Active Directory Guide

SharePoint Integration Framework Developers Cookbook

User Pass-Through Authentication in IBM Cognos 8 (SSO to data sources)

BusinessObjects Enterprise XI Release 2

Single Sign-on (SSO) technologies for the Domino Web Server

Create Reports Utilizing SQL Server Reporting Services and PI OLEDB. Tutorial

Instant Chime for IBM Sametime Installation Guide for Apache Tomcat and Microsoft SQL


CA Performance Center

Xtreeme Search Engine Studio Help Xtreeme

DEPLOYMENT GUIDE Version 2.1. Deploying F5 with Microsoft SharePoint 2010

Oracle9i Application Server: Options for Running Active Server Pages. An Oracle White Paper July 2001

Penetration Testing with Kali Linux

Test Plan Security Assertion Markup Language Protocol Interface BC-AUTH-SAML 1.0

Building Java Servlets with Oracle JDeveloper

SharePoint AD Information Sync Installation Instruction

SelectSurvey.NET Developers Manual

Communiqué 4. Standardized Global Content Management. Designed for World s Leading Enterprises. Industry Leading Products & Platform

Easy CramBible Lab DEMO ONLY VERSION Test284,IBM WbS.DataPower SOA Appliances, Firmware V3.6.0

The full setup includes the server itself, the server control panel, Firebird Database Server, and three sample applications with source code.

Enabling Single Signon with IBM Cognos ReportNet and SAP Enterprise Portal

Xerox DocuShare Security Features. Security White Paper

WHITE PAPER. Domo Advanced Architecture

GravityLab Multimedia Inc. Windows Media Authentication Administration Guide

Svn.spamsvn110. QuickStart Guide to Authentication. WebTitan Version 5

Feature and Technical

ICE Trade Vault. Public User & Technology Guide June 6, 2014

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP LTM SYSTEM WITH CITRIX PRESENTATION SERVER 3.0 AND 4.5

Enabling Single Signon with IBM Cognos 8 BI MR1 and SAP Enterprise Portal

Active Directory Integration with Blue Coat

Portals and Hosted Files

User Identification (User-ID) Tips and Best Practices

TG Web. Technical FAQ

Identity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview

User Identification and Authentication

Entrust Managed Services PKI Administrator Guide

XIA Configuration Server

Oracle Forms Services Secure Web.Show_Document() calls to Oracle Reports

PingFederate. IWA Integration Kit. User Guide. Version 3.0

Apache Server Implementation Guide

FAQs for Oracle iplanet Proxy Server 4.0

Evaluation of different Open Source Identity management Systems

Lotus Domino Security

DiskPulse DISK CHANGE MONITOR

TIBCO Spotfire Statistics Services Installation and Administration Guide

What Is the Java TM 2 Platform, Enterprise Edition?

Evaluator s Guide. PC-Duo Enterprise HelpDesk v5.0. Copyright 2006 Vector Networks Ltd and MetaQuest Software Inc. All rights reserved.

RemotelyAnywhere Getting Started Guide

CA Technologies SiteMinder

Authentication Integration

Installation & Configuration Guide User Provisioning Service 2.0

SQL Server 2005 Reporting Services (SSRS)

HYPERION SYSTEM 9 N-TIER INSTALLATION GUIDE MASTER DATA MANAGEMENT RELEASE 9.2

MS Enterprise Library 5.0 (Logging Application Block)

1 (11) Paperiton DMS Document Management System System Requirements Release: 2012/

Using TestLogServer for Web Security Troubleshooting

Web. Services. Web Technologies. Today. Web. Technologies. Internet WWW. Protocols TCP/IP HTTP. Apache. Next Time. Lecture # Apache.

Last update: February 23, 2004

Web services with WebSphere Studio: Deploy and publish

IBM Aspera Add-in for Microsoft Outlook 1.3.2

versasrs HelpDesk quality of service

Citrix Access on SonicWALL SSL VPN

multiple placeholders bound to one definition, 158 page approval not match author/editor rights, 157 problems with, 156 troubleshooting,

Axway API Gateway. Version 7.4.1

Installation Guide for Pulse on Windows Server 2012

FileMaker Server 9. Custom Web Publishing with PHP

TIBCO ActiveMatrix BPM - Integration with Content Management Systems

Oracle Managed File Getting Started - Transfer FTP Server to File Table of Contents

Integrating IBM Cognos 8 BI with 3rd Party Auhtentication Proxies

Fax User Guide 07/31/2014 USER GUIDE

Instant Chime for IBM Sametime For IBM Websphere and IBM DB2 Installation Guide

Cognos (R) 8 Analytic Applications

Design and Functional Specification

IIS SECURE ACCESS FILTER 1.3

TIBCO Administrator User s Guide. Software Release March 2012

Polar Help Desk Installation Guide

Bentley CONNECT Dynamic Rights Management Service

Enabling single sign-on for Cognos 8/10 with Active Directory

Tableau Server Trusted Authentication

Dell SonicWALL SRA 7.5 Citrix Access

CA Clarity PPM. Connector for Microsoft SharePoint Product Guide. Service Pack

Specops Command. Installation Guide

Gigabyte Content Management System Console User s Guide. Version: 0.1

Deploying F5 with IBM Tivoli Maximo Asset Management

IBM WebSphere Application Server

Tableau Server Trusted Authentication

FEATURE COMPARISON BETWEEN WINDOWS SERVER UPDATE SERVICES AND SHAVLIK HFNETCHKPRO

Transcription:

1 of 5 1/10/2005 9:37 PM Advertisement: Support JavaWorld, click here! January 2005 HOME FEATURED TUTORIALS COLUMNS NEWS & REVIEWS FORUM JW RESOURCES ABOUT JW A Java proxy for MS SQL Server Reporting Services Explore the URL interface of a new contender on the enterprise reporting tool market Summary Generating high-quality print output from a Web application is often difficult because browsers provide only limited control over a document's layout. Adjusting page margins or positioning document elements at a precise location on the page proves impossible when printing from the browser. When preprinted forms are being used or when page flow must be controlled tightly, you must use a server-based document generation engine. Many such technologies and products are available. A solution should provide good report development productivity, a GUI report designer, be highly scalable, perform well (especially when rendering PDF documents for concurrent sessions), and come with an attractive price tag. We tested and benchmarked several products and settled for Microsoft SQL Server Reporting Services (RS). RS can easily be integrated and deployed in a Microsoft-centric environment, but making it accessible to a Java Web application requires some work. This article provides some guidance in integrating RS with your Java Web application. (2,100 words; January 10, 2005) By Christian Donner and Ilia Papas Java Web application often uses a SQL Server database. SQL Server now comes bundled with a reporting tool, Reporting Services. RS has generated a lot of attention among developers since it first came on the market about a year ago. It is a full-featured reporting tool that includes a WYSIWYG report editor with scripting/programming capabilities, a delivery engine, and a powerful Web services interface. Using RS makes sense not only from a cost perspective, but also because of the reduced development and deployment complexities compared with using a third-party vendor. This article explores such an integration scenario. RS can be added to any SQL Server installation with no additional license fees (the current distributions of SQL Server 2000 Enterprise, Standard, or Developer Edition already include RS). RS requires that IIS (Internet Information Services) run on the server as well. The Report Developer client is a Visual Studio plug-in and installs as part of the RS client setup. The most recent version is 1.0; however, Microsoft has made available Service Pack 1 for download. Considering that the product is relatively young, it provides a complete and consistent development experience. Note: In this article, the terms "report" and "document" are used interchangeably, assuming that RS is used for the generation of any print output. Reporting Services overview The solution described in this article enables numerous users to generate individual documents; that is, reports are generated exclusively on an ad-hoc basis. This article focuses specifically on ad-hoc generation and delivery of reports via HTTP streams to a Web browser; other approaches are not covered. Our Web application issues a rendering request to RS after collecting all the necessary input for a report, either by storing control data in the database or by passing parameters. The result in the requested format subsequently appears on the user's screen. There are two fundamentally different approaches for integrating RS with a Web application. First, users can access the report server directly. Therefore, RS must be exposed to the external network. The application would typically link or redirect to the reports served by the RS server. Second, RS can be wrapped by the Web application. The report server should not be directly accessible. The Web application issues requests to the RS server and streams report data back to the user. Let's look closer at these alternatives. RS server exposed to users When users access the RS server directly, the application can simply link or redirect to the reports (see Figure 1). While this scenario at first looks attractive because it is simple, it often results in an undesirable implication.

2 of 5 1/10/2005 9:37 PM Figure 1. In this configuration, users access RS directly. Click on thumbnail to view full-sized image. RS supports only Windows Integrated Authentication (formerly called NTLM, or NT Lan Manager). By default, the RS install script configures IIS so that Integrated Authentication is the only allowed option. This means that Internet Explorer automatically authenticates using the current user's Windows credentials, while other browsers cannot achieve access. Once basic authentication is enabled, non-ie browsers will challenge a user (some features of RS do not work with non-ie browsers, though more about browser limitations later). Whatever form of authentication is used, the user must have access to the report server, either through a domain account or a local account. Thus, direct access to RS proves impractical if you must authenticate a large user base that does not have Windows domain accounts. In our case, the Web application uses IBM's Tivoli Access Manager and an LDAP (lightweight directory access protocol) directory to manage user permissions. We were unwilling to develop a custom security extension to RS for this integration. By the way, this extensibility feature is not available in the Standard Edition it requires a more expensive SQL Server Enterprise Edition license. Configuring RS for anonymous access is possible, but, for obvious reasons, should be avoided on a publicly accessible server. Because of these concerns about the limited out-of-the-box ability to directly authenticate users, the direct-access option is not attractive for our purposes. RS server wrapped by a Java servlet When users don't need to access the report server directly, a service account can be used. With a service account, all requests to the report server are made with the same user account, regardless of who is signed on to the Web application. A Java servlet that manages calls to RS and streams report data back to the client eliminates the need for individual user accounts on the RS server. In such a scenario, the Web application must provide a domain name and can then authenticate with IIS even in the default configuration, regardless of the user's browser type. Figure 2. In this configuration, RS is wrapped by the application server. Click on thumbnail to view full-sized image. RS (i.e., IIS on the RS server) should be configured to run on a nonstandard port blocked to outside users. We decided to use this approach because the application's large user base of more than 10,000 made authentication through a service account mandatory. Report access methods Up to this point, we have talked about calling RS without detailing how a report can be invoked. Reports can be accessed through three approaches: through Report Manager, through a Web service interface, and through a URL interface. Report Manager The Web management interface for RS is called Report Manager. It comes with its own (albeit customizable) look and feel, requires users to be authenticated (enabling anonymous access in IIS results in error messages), and does not work properly in Netscape 7 despite that Microsoft claims otherwise in the documentation. Report Manager provides access to all the features of RS. It can be used to upload and run reports, but because of its administration

3 of 5 1/10/2005 9:37 PM features, it is not the right tool for users and cannot be easily integrated with another Web application. Web service interface RS's Web service interface is complete and exposes virtually all of its features. Report Manager itself is implemented as a Web services client. You could access the RS Web service interface from a Java/Apache Axis client if you wish. However, in this article, we focus on the URL interface. URL interface By using the URL interface, it is possible to get a good level of access to RS functions while still using a simple API. Reports are generated by sending an HTTP request to an RS URL. The query string can contain many parameters that detail such items as the report name and the output format. The report server streams the response back to the requestor in the specified format. A PDF report, for instance, would consist of only one binary stream, while an HTML report would require a separate stream for the page and each embedded image. Because the servlet streams the HTML to the user's browser, which does not maintain a session with the report server, the user would not see such images, but instead receive an authentication error from the report server. The servlet therefore must parse the HTML stream for image references and replace them with the URL of a second servlet that can simulate the original session to RS for requesting the image streams. URL interface wrapper servlets The remainder of this article shows you how to implement a set of servlets that act as a URL interface client to RS. ReportRequest.java The ReportRequest is the main servlet that makes the initial report request and processes the report stream. The ReportRequest servlet is designed to act as a mediator between the J2EE infrastructure and a Microsoft Reporting Services Web server. It is accessible from the Internet, but the reporting server itself is not exposed for security purposes. The tasks that this servlet performs include authenticating to the reporting server, passing a form post containing report parameters, and then returning the requested response. Authentication ReportRequest authenticates to IIS using NTLM via Java's Authenticator class (NTLM requires Java 1.4.2 or later). A custom class called ReportAuthenticator extends java.net.authenticator and handles the transmission of the encrypted username and password. To specify the user's realm or domain name, use the following format: DOMAIN\username or: SERVER\username To set the callback object, ReportRequest makes the following call: Authenticator.setDefault(new ReportAuthenticator()); Once the URL connection is made, the server uses the credentials defined in ReportAuthenticator to negotiate authentication. Receiving the request Requests are sent to ReportRequest as HTTP form posts containing the report parameters loaded into an Enumeration. The servlet calls the GetAvailableParameters class, which queries the database and populates an ArrayList with the parameters that users are allowed to pass to the report server. The parameters are filtered by this list and parsed into a string. This way, only approved predefined parameters are included in the request. The name of the report being generated is extracted into a separate string to be used later in forming the URL to be posted to the report server. Posting to the report server The next step is to create the connection to the report server using an HttpURLConnection to mimic a browser's request. When requesting an HTML report, the report server references auxiliary items such as images by using a stream ID stored in a cookie that is returned to the client in the HTML stream's header. This stream ID identifies the initial report session. By default, ReportRequest posts to the server with the User-Agent header set to Java 1.4.2, which the report server believes does not accept cookies and thus disables the stream. To keep the references active, it is necessary to spoof the header using the following line: repcon.setrequestproperty("user-agent", "Mozilla/5.0"); Forwarding the response to the client If the requested report is a format other than HTML, all that is required is a buffered binary stream from the HttpURLConnection's input stream to the client response's output stream. Before streaming the data, you must mimic the server stream's content type and disposition headers on the client using the following code: String contenttype = reportcon.getcontenttype(); clientresponse.setcontenttype(contenttype); clientresponse.setheader("content-disposition", reportcon.getheaderfield("content-disposition")); If the report is in HTML format, the stream must be modified to accommodate any external items, such as images, that may be included in the report. The ReportRequest servlet parses the HTML stream character by character, searching for any reference to the reporting server which will be replaced with a link to the GetReportItem servlet including the cookie originally returned with the stream. So, an image tag that looks like this:

4 of 5 1/10/2005 9:37 PM <img src="http://reportserver/reports?querystringxxxx"> becomes: <img src="http://proxy/getreportitem?cookie=cookiedata&querystringxxxx"> As each character is processed, it is then passed to the client output stream. GetReportItem.java The GetReportItem servlet takes the parameters that would normally be passed back to the report server to retrieve an auxiliary item along with the original cookie provided with the report. GetReportItem extracts the query string from the calling URL, removes the cookie parameter, and uses it to set the header of the HTTP GET request it makes to the report server, forwarding the remaining parameters. The cookie tells the report server to which stream the servlet is referring, which is required for the server to pass back the requested object. The content type and disposition is then set with the same method used in ReportRequest.java, and then the data is passed to the client using buffered binary streams. The following sequence diagram illustrates the interaction between the user's browser and the servlets, and the servlet interaction with RS. Figure 3. Sequence diagram. Click on thumbnail to view full-sized image. Conclusion Using the GetReportItem and ReportRequest servlets together successfully allows users to integrate MS SQL Server Reporting Services into a J2EE environment without compromising security policies or exposing the server to the Internet. Also, full reporting functionality is maintained, as the ReportRequest servlet can be posted to via a form or the traditional URL method. Since the main ReportRequest servlet also parses out each submitted parameter, implementing additional security checks and restrictions is relatively simple. Unfortunately, at this time, the servlet does not support interactive HTML features such as those found in drill-down reports, but perhaps with further development, this functionality could be added. About the author Christian Donner is a senior consultant and software architect at Molecular. His interests include enterprise application and data integration, and strategies for introducing new technologies to large corporations. Donner is a Sun Certified Enterprise Architect for the Java 2 Platform. He currently lives south of Boston. Ilia Papas is an associate software engineer at Molecular. He has worked with Web applications for four years, and lives west of Boston. Resources Download the source code that accompanies this article: http://www.javaworld.com/javaworld/jw-01-2005/sqlrs/jw-0110-sqlrs.zip Download the RS Trial Version and Service Pack 1: http://www.microsoft.com/sql/reporting/downloads/default.asp Also by Christian Donner: "Java and.net Interoperability Using CORBA" (JavaWorld, May 2004): http://www.javaworld.com/javaworld/jw-05-2004/jw-0517-java.net.html For more articles on Java development tools, browse the Development Tools section of JavaWorld's Topical Index: http://www.javaworld.com/channel_content/jw-tools-index.shtml For more articles on servlets, browse the Servlets section of JavaWorld's Topical Index: http://www.javaworld.com/channel_content/jw-servlets-index.shtml

5 of 5 1/10/2005 9:37 PM Advertisement: Support JavaWorld, click here! HOME FEATURED TUTORIALS COLUMNS NEWS & REVIEWS FORUM JW RESOURCES ABOUT JW FEEDBACK Copyright 2004 JavaWorld.com, an IDG company

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information