保护 BIRT 的报告 [英] Protect BIRT's report

问题描述

我可以阻止用户从我建立的网站打开 BIRT 报告.但考虑到报告的链接仍在浏览器的历史记录中，这台计算机上的任何用户仍然可以通过调用历史记录中的链接来打开报告.

I can prevent users opening BIRT report from website that I built. But considering the report's link still in browser's history, any user from this computer still able to open the report by calling the link from history, for instance.

如何防止BIRT的报告链接在用户关闭报告后停留在浏览器中?所以打开报告的唯一方法是从网站上.

How to prevent the link of BIRT's report stays in the browser, after user close the report? So the only way to open the report is from the website.

或者也许有人有其他更好的方法来实现相同的目标?就像在 BIRT 中显示用户名和密码一样，用户才可以使用报表参数?

Or maybe someone has other better method to achieve the same goal? Like showing a user name and password in BIRT, before user can use the report parameter?

推荐答案

使用密码参数的最简单方法.

The easiest way to use a password parameter.

select <feilds>


Where 'password' = ?

使用文本框参数，当用户运行报表时，他们在文本框中输入密码"，否则 SQL 不会返回结果.

Use a text box parameter, and when the user runs the report they enter "password" in the text box or the SQL does not return results.

SQL 不区分大小写，因此您的密码不区分大小写.这也是一种非常低的安全措施.只适合防止随意访问.

SQL is not case sensitive so, your password would not be case sensitive. Also this is a very low security measure. It is only appropriate to prevent casual access.

JavaScript 区分大小写，因此您可以编写一些内容(例如查询的过滤器)，其中 Pa$$worD 位于 JavaScrip 变量中，并与区分大小写的变量进行比较.

JavaScript is case sensitive, so you could write something (like a filter on the query) where your Pa$$worD is in a JavaScrip variable and compare to that for case sensitivity.

开源BIRT 并非旨在提供对数据的安全"访问.如果您必须提供数据的真正安全性，则需要在客户端访问 BIRT 之前完成.

Open source BIRT is not intended to provide "Secure" access to data. If you must provide real security of the data, you need to do it before the client has access to BIRT.

这篇关于保护 BIRT 的报告的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！