How to disable SQL security validation in Unified Reports

Document ID : KB000034669
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction

Certain queries will work in iReport but will not work in Unified Reports. ?This is due to Unified Reports performing a SQL security validation on the SQL code and rejecting certain SQL commands for security reasons. ?This helps to prevent tampering via malicious SQL embedded into the reports.

Checking the jasperserver.log file will reveal errors similar to the following error:
2015-10-19 13:31:59,397 ERROR Validator,pool-32-thread-2:493 - Invalid SQL:An error has occurred. Please contact your system administrator.?

The security checks can be disabled to allow more flexibility in the commands being used.




Procedure

Log into the UMP server
Open security-config.properties in an editor.
On Windows systems, the default location will be?C:\Program Files (x86)\Nimsoft\probes\service\wasp\webapps\jasperserver-pro\WEB-INF\classes\esapi
On Linux systems, the default location will be /opt/nimsoft/probes/service/wasp/webapps/jasperserver-pro/WEB-INF/classes/esapi

Locate?security.validation.sql.on
Change true to false
Restart wasp