Issue:
How to disable the password memory stored in the browser so that users' passwords should not be stored or filled in automatically by the browser.
Solution:
The server administrator can set autoCompleteLoginForm to false (the default value is true) in the following server configuration file:
.../WEB-INF/jasperserver-servlet.xml
<property name="autoCompleteLoginForm" value="false"/>
followed by a restart of the TIBCO JasperReports® Server.
To validate the effect of the change, right click on the TIBCO JasperReports® Server login page and click "View page source" and locate the following section:
<form id="loginForm" method="POST" action="j_spring_security_check" autocomplete="off"
which contains the autocomplete="off" HTML attribute.
As per the TIBCO JasperReports® Server Security Guide, under section "Configuring Password Memory", it states:
"JasperReports Server can send the property autocomplete="off" to indicate that its users’ passwords should not be stored or filled in automatically. This helps to ensure that your users don't store their passwords. Actual behavior depends on the browser settings and how the browser responds to the autocomplete="off" property."
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now