tlsilcankln Posted June 1, 2016 Share Posted June 1, 2016 I have installed a jasper server ce 6.2.1 and now want to use the ldap to synchronize windows AD users. but the setting in default_master.properties will expose the windows user and password. found some documentation on jaspersoft community that "Passwords in configuration files are encrypted during JasperReports Server installation." My question is : is it possible to add password encryption protection to my jasper server after installation ? thanks! Link to comment Share on other sites More sharing options...
hozawa Posted June 1, 2016 Share Posted June 1, 2016 I'm not sure if this will answer your question but you can try installing another instance on the same server with encryption on. Note, that encryption will not only encrypt the buildomatic configuration file but also context.xml file as well." All subsequent JasperReports Server installations on the same server rely on the same keystore; they don't regenerate the key."http://community.jaspersoft.com/documentation/tibco-jasperreports-server-security-guide/v610/encrypting-passwords-configuration Link to comment Share on other sites More sharing options...
tlsilcankln Posted June 1, 2016 Author Share Posted June 1, 2016 what is the purpose of installing another instance ? to reuse the existing repository and all reports and resources ?rather than installing another instance, can I export everything to zip file using the manage > server setting > export feature and then uninstall the server and re-install it with encryption turn on ?all my purpose is to avoid exposing the windows user and password for ldap setting. thanks Link to comment Share on other sites More sharing options...
hozawa Posted June 1, 2016 Share Posted June 1, 2016 Yes. Re-installing would be easier. I just thought you wanted to use the current installation. In that case, just install another instance and copy the encrypted files over the the current installation. Link to comment Share on other sites More sharing options...
tlsilcankln Posted June 3, 2016 Author Share Posted June 3, 2016 thanks. re-installing seems to be easier. Modify default.master.properties's property encrypt=true prior to installation (build from source) can archieve obfuscating plain text password in ldap config file sampleapplicationContext-externalAuth-LDAP.xml but what are the steps to maintain the credentials for password change ?i.e. in the applicationContext-externalAuth-LDAP.xml :<bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="${external.ldap.url}" /> <property name="userDn" value="${external.ldap.username}" /> <property name="password" value="${external.ldap.password}"/></bean> the default_master.properties file containsexternal.ldapUrl=ldap://hostname:389/dc=example,dc=comexternal.ldapDn=cn=Administrator,dc=example,dc=comexternal.ldapPassword=password my problem is that if there is password change after installation, how to update the default_master.properties file.can the buildomatic script run again to encrypt the changed password in plain text in default_master.properties file over an existing installation and just restart the server after build ? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now