palashkaralit Posted March 23, 2012 Share Posted March 23, 2012 Dear ALL,Currently i am trying to integrate Jasper dashboard to my portal application.How can i integrate the dashboard whih i have created in jasper server portal.I did it using iframe from a jsp and called the dashboard using url and passing the authentication. It is resolving the issue but its not secure.URL: http://localhost:8080/jasperserver-pro/flow.html?_flowId=dashboardRuntimeFlow&dashboardResource=%2Forganizations%2Forganization_1%2Fsupermart%2FSupermartDashboard30&viewAsDashboardFrame=true&j_username=superuser&j_password=superuserHow i need to do this without passing the authentication details through url.Please help me.Thanks in advance. Link to comment Share on other sites More sharing options...
mikewoinoski Posted March 24, 2012 Share Posted March 24, 2012 I think the only secure solution is to configure your server for SSL/TLS and use https instead of http. You can get the credentials out of the URL by using Http Basic Authentication instead of the request parameters. That way a browser won't display the credentials in the address bar. But with Basic Auth, the Authorization header that holds the credentials is still passed as clear text. So if you use Basic Auth, you must still use SSL. Link to comment Share on other sites More sharing options...
sprilukin Posted November 29, 2012 Share Posted November 29, 2012 Other suggestion is to add permission for anonymous user to run this dashboard - in this case you do not need to put credentials in url or headers.More details about how to setup such access you can read here Link to comment Share on other sites More sharing options...
mrcaffeine Posted January 11, 2013 Share Posted January 11, 2013 Another option would be to add a single sign on solution where either an external token server such as CAS is used. The External Authentication Cookbook and the Ultimate Guide provide further details. Also, in the wiki you find some more specific examples such as using JBoss SSO etc (see here for full list).You could also consider to implement a custom SSO solution where you pass all relevant user information with each request to JasperReports Server. JasperReports Server translates it into a user object (that knows about roles, permission and tenant information) and allows you to utilize all security features JasperReports Server provides. Link to comment Share on other sites More sharing options...
fran.serrano Posted June 18, 2014 Share Posted June 18, 2014 You can also use the password direclty on the iFrame URL, but first encrypting it.You can enable having an encryption key available on the server, so that you can retrieve it every time you need to authenticate. With this encryption key encrypt the password and it should secure enough to use it on the url.For getting the password encrypted using this encryption key you can also use the available java rest library to communicate with the jasper server:https://github.com/Jaspersoft/jrs-rest-java-client/Hope it helps.Fran Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now