viewireport Posted July 6, 2010 Share Posted July 6, 2010 Trying to call jasperserver url as http://localhost:8080/jasperserver/flow.html?_flowId=searchFlow&j_username=jasperadmin&j_password=jasperadminIs there a way to encrypt the password when passing it as part of URL query string ? Link to comment Share on other sites More sharing options...
manshack_one Posted September 16, 2010 Share Posted September 16, 2010 I have the same question. I'm calling reports using a window.open from my application. I'd like to just use a simple md5 hash since the event driving the report call is in javascript. Is everyone else passing clear text passwords or have you guys already figured it out? Link to comment Share on other sites More sharing options...
javi_123 Posted September 16, 2010 Share Posted September 16, 2010 I haven't tried it yet but hope this link might help you guys.......http://www.raj2u.net/jasperserver-quick-how-to.html Link to comment Share on other sites More sharing options...
manshack_one Posted September 16, 2010 Share Posted September 16, 2010 From that link (thanks by the way):. How to change password encoding to MD5/SHA?Starting from JasperServer 3.5, the password encryption is enabled by default. Since there are quit number of encoding mechanism available, some of us want to change the default encoding to MD5 or SHA.This might be necessary to follow the organization's standard / policy or to synchronize the user details from other system which store the password in MD5 / SHA. To change the encoding, edit the $JASPER_ROOT/WEB-INF/applicationContext-security.xml, look for "passwordEncoder" bean.Original: <bean id="passwordEncoder" class="com.jaspersoft.jasperserver.api.metadata.common.service.impl.PasswordCipherer" lazy-init="false"> <property name="allowEncoding"><value>true</value></property> <property name="keyInPlainText"><value>false</value></property> <property name="secretKey"><value>0xC8 0x43 0x29 0x49 0xAE 0x25 0x2F 0xA1 0xC1 0xF2 0xC8 0xD9 0x31 0x01 0x2C 0x52 0x54 0x0B 0x5E 0xEA 0x9E 0x37 0xA8 0x61</value></property> <property name="secretKeyAlgorithm"><value>DESede</value></property> <property name="cipherTransformation"><value>DESede/CBC/PKCS5Padding</value></property> </bean>[/code]MD5: <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"> <property name="encodeHashAsBase64"><value>false</value></property> </bean>[/code]SHA: <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.ShaPasswordEncoder"> <property name="encodeHashAsBase64"><value>false</value></property> </bean>[/code]Then, you need to update the password is database according to the new encoding. Below is the sample encrypted password for "mypassword"MD5: 34819d7beeabb9260a5c854bc85b3e44SHA: 91dfd9ddb4198affc5c194cd8ce6d338fde470e2***************************************************************************************Sounds like I need to follow these steps to make it happen:1) change passwordEncoder bean to match MD5 option2) hash my passwords and update the database entries3) in my app use the hashed password in my web service url that pulls the report. [/code]Look ok to everyone else?[/code] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now