Deny access to any page except the reports and dashboards to a user/viewer in Helical Insight

Use case: When a client is integrating Helical Insight then you may want to make sure that the user should only be able to view the reports and dashboards which are integrated within your application. Even if a person is able to inspect and find the Helical Insight BI URL even then he should not be able to access any page whatsoever.

In the below we have clarified how the same can be achieved. This is one of the best practices to be followed while integrating as it gives enhanced level of security.

Step 1:- We will be creating a new role and any user who is assigned to that role will only be able to access the reports dashboards and will be denied access to any other kind of page. Let us call this new role as (ROLE_VIEWER) and add this role to all users to whom access needs to be restricted. This can be done in spring_security.xml

    • Open spring_security.xml file present at location “..\hi\apache-tomcat-7\webapps\hi-ee\WEB-INF\classes”
    • You will see a list of html pages. For all the pages where you want to restrict access, add ROLE_VIEWER in the access attribute.

For your reference you can download the spring-security.xml file from spring-security.zip here.

  • Save the file.

Step 2:- Next step is to create the id for HTML access denied page in tiles-definitions.html

    • Open tiles-definition.html present at location location \hi\apache-tomcat-7\webapps\hi-ee\WEB-INF\classes
    • In this file, we need to define a new template. Access Denied error page is already present in location “/hi/apache-tomcat-7/webapps/hi-ee/WEB-INF/jsp/errorPages/accessdenied.jsp”
    • The template definition should refer to this file. The name of the template can be anything of your choice. However, this name shall appear in the URL of the access denied page.

  • Save the file. For your reference we are also sharing the tiles-definition.xml file as well. From tiles-definitions.zip you can download XML file.

Step 3:- Define the condition for invoking the error page in landing.jsp

    • Path of landing.jsp file is “…hi-ee/WEB-INF/pages/sections”/ The landing.jsp page defines the landing page whenever a user logs in.
    • In this page, we shall define the condition when the access denied page should be displayed. In this case, whenever role of the user is ROLE_VIEWER and he tries to access any page other than report/dashboard, he should get access denied page. Even if a user is having multiple roles but if one of the role is ROLE_VIEWER he would be denied access.
    • Whenever any report/dashboard is opened it always contains parameter of file name in the URL as “&file=”. We shall check the presence or absence of this condition to decide whether access denied page should be displayed.

  • Save the file. For reference the landing.jsp file is also shared here in landing.zip file.

Step 4:- Restart the HelicalInsight service

Step 5:- Define users that will have ROLE_VIEWER as one of their roles. If you are using SSO, then pass ROLE_VIEWER as one of the role parameters within the token.

Now, if any user with role=ROLE_VIEWER tries to access the report using the URL, he will see this page:

When he tries to login to hi.html page or absolutely any other page directly, he will get the following error. For changing the look and feel of this error page (shown below) which is being displayed you can make changes in the file “accessDenied.html”

You May Also Like

Helical Insight’s self-service capabilities is one to reckon with. It allows you to simply drag and drop columns, add filters, apply aggregate functions if required, and create reports and dashboards on the fly. For advanced users, the self-service component has ability to add javascript, HTML, HTML5, CSS, CSS3 and AJAX. These customizations allow you to create dynamic reports and dashboards. You can also add new charts inside the self-service component, add new kind of aggregate functions and customize it using our APIs.
Helical Insight’s self-service capabilities is one to reckon with. It allows you to simply drag and drop columns, add filters, apply aggregate functions if required, and create reports and dashboards on the fly. For advanced users, the self-service component has ability to add javascript, HTML, HTML5, CSS, CSS3 and AJAX. These customizations allow you to create dynamic reports and dashboards. You can also add new charts inside the self-service component, add new kind of aggregate functions and customize it using our APIs.
Helical Insight, via simple browser based interface of Canned Reporting module, also allows to create pixel perfect printer friendly document kind of reports also like Invoice, P&L Statement, Balance sheet etc.
Helical Insight, via simple browser based interface of Canned Reporting module, also allows to create pixel perfect printer friendly document kind of reports also like Invoice, P&L Statement, Balance sheet etc.
If you have a product, built on any platform like Dot Net or Java or PHP or Ruby, you can easily embed Helical Insight within it using iFrames or webservices, for quick value add through instant visualization of data.
If you have a product, built on any platform like Dot Net or Java or PHP or Ruby, you can easily embed Helical Insight within it using iFrames or webservices, for quick value add through instant visualization of data.
Being a 100% browser-based BI tool, you can connect with your database and analyse across any location and device. There is no need to download or install heavy memory-consuming developer tools – All you need is a Browser application! We are battle-tested on most of the commonly used browsers.
Being a 100% browser-based BI tool, you can connect with your database and analyse across any location and device. There is no need to download or install heavy memory-consuming developer tools – All you need is a Browser application! We are battle-tested on most of the commonly used browsers.
We have organization level security where the Superadmin can create, delete and modify roles. Dashboards and reports can be added to that organization. This ensures multitenancy.
We have organization level security where the Superadmin can create, delete and modify roles. Dashboards and reports can be added to that organization. This ensures multitenancy.
We have organization level security where the Superadmin can create, delete and modify roles. Dashboards and reports can be added to that organization. This ensures multitenancy.
We have organization level security where the Superadmin can create, delete and modify roles. Dashboards and reports can be added to that organization. This ensures multitenancy.
A first-of-its-kind Open-Source BI framework, Helical Insight is completely API-driven. This allows you to add functionalities, including but not limited to adding a new exporting type, new datasource type, core functionality expansion, new charting in adhoc etc., at any place whenever you wish, using your own in-house developers.
A first-of-its-kind Open-Source BI framework, Helical Insight is completely API-driven. This allows you to add functionalities, including but not limited to adding a new exporting type, new datasource type, core functionality expansion, new charting in adhoc etc., at any place whenever you wish, using your own in-house developers.
It handles huge volumes of data effectively. Caching, Pagination, Load-Balancing and In-Memory not only provides you with amazing experience, but also and does not burden the database server more than required. Further effective use of computing power gives best performance and complex calculations even on the big data even with smaller machines for your personal use. Filtering, Sorting, Cube Analysis, Inter Panel Communication on the dashboards all at lightning speed. Thereby, making best open-source Business Intelligence solution in the market.
It handles huge volumes of data effectively. Caching, Pagination, Load-Balancing and In-Memory not only provides you with amazing experience, but also and does not burden the database server more than required. Further effective use of computing power gives best performance and complex calculations even on the big data even with smaller machines for your personal use. Filtering, Sorting, Cube Analysis, Inter Panel Communication on the dashboards all at lightning speed. Thereby, making best open-source Business Intelligence solution in the market.
With advance NLP algorithm, business users simply ask questions like, “show me sales of last quarter”, “average monthly sales of my products”. Let the application give the power to users without knowledge of query language or underlying data architecture
With advance NLP algorithm, business users simply ask questions like, “show me sales of last quarter”, “average monthly sales of my products”. Let the application give the power to users without knowledge of query language or underlying data architecture
Our application is compatible with almost all databases, be it RDBMS, or columnar database, or even flat files like spreadsheets or csv files. You can even connect to your own custom database via JDBC connection. Further, our database connection can be switched dynamically based on logged in users or its organization or other parameters. So, all your clients can use the same reports and dashboards without worrying about any data security breech.
Our application is compatible with almost all databases, be it RDBMS, or columnar database, or even flat files like spreadsheets or csv files. You can even connect to your own custom database via JDBC connection. Further, our database connection can be switched dynamically based on logged in users or its organization or other parameters. So, all your clients can use the same reports and dashboards without worrying about any data security breech.
Our application can be installed on an in-house server where you have full control of your data and its security. Or on cloud where it is accessible to larger audience without overheads and maintenance of the servers. One solution that works for all.
Our application can be installed on an in-house server where you have full control of your data and its security. Or on cloud where it is accessible to larger audience without overheads and maintenance of the servers. One solution that works for all.
Different companies have different business processes that the existing BI tools do not encompass. Helical Insight permits you to design your own workflows and specify what functional module of BI gets triggered
Different companies have different business processes that the existing BI tools do not encompass. Helical Insight permits you to design your own workflows and specify what functional module of BI gets triggered