Overview
Version
Report Server Version | Function Changes |
V11.0 | / |
Problem Description
When downloading or locally installing a plugin, a pop-up box will prompt you: The signature of the plugin installation package is damaged, which poses a security risk and cannot be installed.
Cause Analysis
To prevent malicious tampering with the code in the plugin package during downloading/local installation, an integrity verification function is provided for plugin installation.
If the plugin integrity verification function is enabled, when downloading or locally installing a plugin from a decompressed/damaged plugin package, this plugin will be prohibited from being installed in the system.
Solution One: Disable the Integrity Verification Function
Application scenario: This solution will disable the plugin integrity verification function of the project, and no plugin installation will be verified. You need to proceed with caution in this chapter.
Introduction: By filling in and modifying the PluginFileValidateConfig.fileValidateOpen field in FineDB, the plugin integrity verification function is disabled. In the second section of this chapter, the solution of modifying the FineDB table field in the platform is used. For details, see FINE_CONF_ENTITY Filling out and Modification.
Creating Data Connection
Log in to the decision-making platform and click Manage > System > General.
If External Database is To be Configured, you can see FineDB Database Introduction for details about FineDB database information.
If External Database is Configured, you can click to view the information of the external FineDB database.
Create a data connection named FineDB, and the database configuration information can be obtained from the context above.
Note: You cannot modify Data Connection Name, otherwise you may not use the template below successfully.
Updating the Field by Filling out the Table
Remotely connect to the project using the designer. Preview the template: finedb field modification.zip
1. Search for the field PluginFileValidateConfig.fileValidateOpen. If it does not exist, click Add Record to add the field.
2. Modify the field value to false.
3. Click Submit.
Restarting the Project
After successfully filling out and submitting, restart the project, and log in to the decision-making platform again to disable the integrity verification function.
Solution Two: Manual Installation
Application scenario: If you need to enable the integrity verification function, but still have to install a plugin whose signature is damaged (such as a customized plugin), you can install the plugin manually.
Introduction: Manually upload the plugin file package installed in other projects to the designated server.
Determining the Plugin Folder
1. The plugins installed in the FineReport Designer are stored in the path %FR_HOME%\webapps\webroot\WEB-INF\plugins.
Note: The folders under the path must be generated by installing plugins in the designer, not the folders obtained by extracting the plugin compression package downloaded from the official website.
2. Open the plugin.xml file under a certain plugin folder to determine the specific plugin.
Copying and Pasting the Plugin File
Copy and paste the folder plugin-com.fr.plugin.mobile.widget.date-10.4.55 from %FR_HOME%\webapps\webroot\WEB-INF\plugins to the path %Tomcat_HOME%\webapps\webroot\WEB-INF\plugins.
Restarting the Project
After manually installing the plugin, you need to restart the report project for the plugin to take effect.
Effect
After restarting, log in to the decision-making platform, click Manage > Plugin, and you can see that the plugin has been successfully installed.
