Digital Signature Authentication

  • Last update:September 19, 2025
  • Overview

    Version

    Report Server Version
    11.0

    Application Scenario

    When the admin needs to share reports with external users and wants to ensure that the report data is not leaked:

    The admin can set a digital signature and a validity period. Through the URL and digital signature, users can view the report within the specified validity period.

    Without a digital signature or after the signature expires, the viewing link becomes invalid to ensure security.

    Function Description

    (1) The access to the template will be allowed only after the legality of the signature information is authenticated through the digital signature. Otherwise, an error will be returned indicating no permission to access the template.

    (2) When accessing the Types of Template Preview, you need to add the suffix &fine_digital_signature=value to the URL.

    功能简介.png

    Enabling Digital Signature Authentication

    Obtaining the fine_digital_signature Value

    Obtain the fine_digital_signature value of the corresponding digital signature key. This section takes the GettingStarted.cpt template as an example.

    (1) You need to prepare the Java environment and IDE tool in advance and create a Java file, and import multiple JAR packages from %FR_HOME%\webapps\webroot\WEB-INF\lib into the newly created project, as shown in the following figure.

    The JAR packages that need to be imported include: fine-core-11.0.jar, fine-third-11.0.jar, fine-accumulator-11.0.jar, and fine-cbb-11.0.jar.

    获取 fine_digital_signature 值-1.png

    (2) Copy the code into the newly created file, modify the template that needs digital signature authentication, and customize the digital signature key, as shown in the following figure.

    iconNote:
    The value of path is the template path, a relative path, in the form of doc/xx.cpt; the value of key is the digital signature key. These two values will be used in the section "Platform Setting" of this document.

    获取XXX-2.png

    The code is as follows:

    import com.fr.cert.token.JwtBuilder;
    import com.fr.cert.token.Jwts;
    import com.fr.cert.token.SignatureAlgorithm;
    import java.util.Date;
    public class test {
        public static void main(String[] args) {
            //Validity period for the digital signature (in milliseconds)
            long validTime = 30 * 60 * 1000L;
            //Content of the digital signature, which is the relative path for accessing the resource 
            String path = "GettingStarted.cpt"; //Change this parameter to the path of the template that requires digital signature authentication, which is a relative path, for example, doc/xx.cpt.
            String key = "123456"; //Digital signature key, which can be customized
            //Generate fine_digital_signature
            String fine_digital_signature = createJwt("", "", path, validTime, key);
            //Output fine_digital_signature
            System.out.println(fine_digital_signature);
        }
        private static String createJwt(String issuer, String id, String subject, long validTime, String key) {
            //Used to generate the digital signature, that is, the value of the parameter fine_digital_signature
            SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
            Date currentTime = new Date();
            Date expirationTime = new Date(currentTime.getTime() + validTime);
            JwtBuilder builder = Jwts.builder()
                    .setIssuer(issuer)
                    .setSubject(subject)
                    .setIssuedAt(currentTime)
                    .setExpiration(expirationTime)
                    .setId(id)
                    .signWith(signatureAlgorithm, key);
            return builder.compact();
        }
    }

    (3) Run the test file and obtain the fine_digital_signature value of the digital signature key, as shown in the following figure.

    获取XXX-3.png

    The value of the running result will be used in the section "Effect Display" of this document.

    Platform Setting

    Log in to the decision-making system as the admin, chooses System Management > Template Authentication, and enters the key value in the Digital Signature Key input box, as shown in the following figure.

    平台设置.png

    Effect Display

    Directly access the Types of Template Preview. The example link for this document is: http://localhost:8075/webroot/decision/view/report?viewlet=GettingStarted.cpt. A prompt indicating no permission is displayed, as shown in the following figure.

    效果预览.png

    Add the parameter &fine_digital_signature=value to the end of the URL, where value is the data obtained by running the Java file in the section "Obtaining the fine_digital_signature Value" of this document. Now, the template can be viewed normally, as shown in the following figure.

    效果预览-2.gif

    Notes

    Digital Signature Authentication Not Required for Previewing Templates in the Remote Design Mode

    To facilitate template creation, when the designer remotely connects to a remote server with digital signature authentication enabled, previewing the template does not need digital signature authentication.

    (1) In the remote design mode, a user can directly preview the template effect by clicking the preview button on the designer, without the need for digital signature authentication.

    (2) After a user exits the remote design mode, the template cannot be directly previewed through the template preview URL anymore. In this case, the digital signature must be authenticated for the user to preview the template.

    Hiding the Digital Signature Authentication Function

    The super admin wants to enable the template authentication function for the sub-admin, but does not want the sub-admin to use the digital signature authentication function.

    In this case, the super admin can hide the function through the fine_conf_entity visualization configuration plugin. The settings take effect after the server is restarted.

    iconNote:
    For details about modifying field values in tables of FineDB databases, see FINE_CONF_ENTITY Visualization Configuration.

    Configuration Item

    Modification Rule

    TemplateAuthConfig.digitalAuthAvailable

    The parameter values are as follows, and the default value is true.

    false: The admin cannot use the digital signature function under Template Authentication.

    true: The admin can use the digital signature function under Template Authentication.

    After the admin changes the value of the configuration item TemplateAuthConfig.digitalAuthAvailable to false, and restarts the server, when the admin chooses System Management > Template Authentication > Permission Configuration, the admin will find that Authenticate Digital Signature is hidden.

    iconNote:
    Before hiding Authenticate Digital Signature, do not set Authentication Method to Authenticate Digital Signature. Otherwise, the authentication will still be effective after Authenticate Digital Signature is hidden.

    屏蔽数字签名认证功能.png

    Failure of Viewing the Decision-Making System Homepage

    Problem description & cause analysis:

    When Template Authentication is enabled:

    (1) Template authentication is not required when users view directory templates on the decision-making system.

    (2) Template authentication is required when users view homepage templates on the decision-making system.

    If template A is mounted on the homepage, a user cannot view the homepage if the user does not have the template authentication permission of template A. A prompt will be displayed: No permission to access this page. To access, please contact the administrator.

    决策平台首页无法查看.png

    Solution:

    (1) Directly disable digital signature authentication for the corresponding template in Template Authentication, and then mount the corresponding template through the homepage configuration page.

    (2) Use a link on the homepage to mount the template: URL of the template + Parameter & fine_digital_signature=value.

    The value is the digital signature generated by the key, not the key itself. For the method to obtain it, see the section "Obtaining the fine_digital_signature Value" of this document.

    Attachment List


    Theme: Decision-making Platform
    Already the First
    Already the Last
    • Helpful
    • Not helpful
    • Only read

    滑鼠選中內容,快速回饋問題

    滑鼠選中存在疑惑的內容,即可快速回饋問題,我們將會跟進處理。

    不再提示

    10s後關閉

    Get
    Help
    Online Support
    Professional technical support is provided to quickly help you solve problems.
    Online support is available from 9:00-12:00 and 13:30-17:30 on weekdays.
    Page Feedback
    You can provide suggestions and feedback for the current web page.
    Pre-Sales Consultation
    Business Consultation
    Business: international@fanruan.com
    Support: support@fanruan.com
    Page Feedback
    *Problem Type
    Cannot be empty
    Problem Description
    0/1000
    Cannot be empty

    Submitted successfully

    Network busy