I've replaced Jasper default encryption mechanism with md5PasswordEncoder. When I login to JasperServer to edit/add user, the password that I've provided was stored in plaintext.
Thanks for reporting the defect.
The defect has been logged in internal tracker.
This is a fairly major issue, any idea on when this is likely to be addressed?