Jump to content
We've recently updated our Privacy Statement, available here ×

  • Getting "Invalid Credential" When Trying to Login to TIBCO JasperReports®​​​​​​​ Server 7.5 in a Two Nodes Server Farm Deployment

    Tom C

    By Tom C

      • Features: JasperReports Server, Repository Version: v7.5 Product: JasperReports® Server
     Share

    Problem

    User has reported that they are having problems logging into TIBCO JasperReports® Server 7.5 web application from a two node server farm deployment. Both nodes are connected to a single JasperReports® Server 7.5.0 repository database. While from one node user is able to login it is failing from another node using the same credential. If the user changes the password from one node, only that node will allow the user to login. The other node that was working will fail the login after the password change with a "Invalid Credential" error.

    Cause

    In the pre version 7.5.0 implementation, all JasperReports Server installations will share the same keystore by default to encrypt and decrypt password content stored in the JasperReports Server repository database. JasperReports Server instances running in different server nodes can access password information in a shared repository without problems.

    Starting in version 7.5.0, JasperReports Server is implemented with a server specific keystore to encrypt password information in repository resources. If users have two server nodes serving JasperReports Server 7.5.0, the keystore encryption will be different by default among those two nodes. Therefore, in a JasperReports Server 7.5.0 server farm deployment where multiple server nodes share the same repository, those JasperReports Server 7.5.0 instances must use the same keystore in order to correctly encrypt and decrypt resource password content from that shared repository. Otherwise, only the JasperReports Server node that most recently created/updated a password encrypted and stored in the shared repository will be able to decrypt that password content to correctly authentical an access request.

    Solution

    Users need to make sure the content of the following two files (under Linux root or Windows Users{user} root) are identical in all JasperReports Server 7.5.0 server deployments in a server farm sharing a single repository:

    • .jrsksp
    • .jrsks

    Users can simply copy those files from the JasperReports Server deployment that was used to set up the repository DB during the installation and replace those files in another deployments in identical location.

    References

    Please refer to this wiki article for the thorough explanation of this JasperReports Server 7.5.0 encryption implementation and use case scenarios dealing with the deployment issues:

    Additional information from the following customer wiki postings are also helpful to further detail the implementation:

    TTC-20200827 

     Share
    Go to entries

    User Feedback

    Recommended Comments

    chandhar786

    Steps:

    1. Installed on first server with js-install.bat minimal.

    2. copied .jrsksp and .jrsks files on second server user home.

    3. installed on second server with js-install minimal and skip the option of recreating database.

    4. started tomcoat on 2nd instance and it still give following error in webapp jasperserver.log

    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mtDaoAuthenticationProvider' defined in ServletContext resource [/WEB-INF/applicationContext-multiTenancy.xml]: Cannot resolve reference to bean 'passwordEncoder' while setting bean property 'passwordEncoder'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'passwordEncoder': Unsatisfied dependency expressed through field 'keystoreManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'keystoreManager': Invocation of init method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.jaspersoft.jasperserver.crypto.KeystoreManager]: Please make sure that `create-keystore` was executed; nested exception is java.lang.RuntimeException: KeystoreManager was never initialized or there are errors while instantiating the instance.
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:359)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:108)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1533)
        at org.spri

    Link to comment
    Share on other sites
    Tom C

    You need to make sure the keystore files in the directory are accessible by the user running the web app process. Or you need to move the keystore to a location that permits such access. Please refer to the following wiki article on how to update keystore files to make the keystore relocation work.

    https://community.jaspersoft.com/wiki/encryption-jasperreports-server-75#Updating_Keystore_files

     

    Link to comment
    Share on other sites


    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...

© 2024 Cloud Software Group,
Inc. All rights reserved.

Products

Explore