Force Datasource Password Prompt?

[mcclellc]

JasperServer doesn't appear to comply with our enterprise security standards because it is necessary to save the connection password for a datasource in the Jasper Server repository. Our requirements are to always prompt for the database password, even while developing against some test databases. Is this possible?

I realise that the passwords are encrypted, but so far saving encrypted passwords is not an approved practice. My workaround right now will be to manually delete the password from the Jasperserver Mysql repository database before I walk away from the terminal, then reconfigure the datasource when I come back ...

[mdahlman]

Hmm... if you think this feature is important, I think you'll need to log an ehancement request for it. Currently there is no way to force JasperServer to prompt you for the data source password each time you use the data source. It would be possible to do this with a parameter and a custom data source, but it would be a lot of work.

It's a valid request, but it seems unusual. Typing in the password everytime you test a report would drive me crazy. And in production it's worse: normally end users running the reports should not know the password to the data source they are accessing. Generally the web application will pool connections for better performance. That can't be done if each execution of the report has to create a new connection.

Regards,
Matt

[huwtrimet.org]

I think you can.

 

1. Create a subreport

2. Main report's subreport properties, use Connection/Data Source Expression like below:

java.sql.DriverManager.getConnection("jdbc:oracle:thin:@//XXXXXX:1521/XXXX", "username", $P{param_password})

3. Make a Parameter "param_password" and set to always prompt

 

I have tested it works...