barkoco

So I've scoured the net (best I can) for any examples of javascript or PHP that encrypt a password with an RSA public key using the Bouncy Castle provider (RSA/NONE/NoPadding algorithm). The samples from the install don't work (at least I couldn't get them to - encrypt.js, encrypt.html, etc). The code has to work with JRS 5.5.0 CE server encryption. I have turned on dynamic key encryption, so will be getting public key before every http call and encrypting the password before sending to server. Ironically, I can send plain text passwords just fine, so I guess dynamic key encryption has a fallback and works with plain text too. In addition to any code examples, does the client have to base64 encode the encrypted password before sending it? The SOAP docs mention encoding the userid and password, but not the REST docs. This topic seems to be a guarded secret to those learning how it works. Lots of online postings, but very little working assistance. My client app is PHP, so that is easier to integrate, but can use javascript also. Will be very grateful for either one. Thanks in advance. Chris

Thanks for your reply hozawa. I'm running CE 5.5.0. Someone else installed the server, so not sure if war was installed. I did change allowUserPasswordChange = "true", which shows the password change link on the login page. I tried changing the password again via the Manage Users page, no luck. Same error as before. But, I tried changing the password via the login page (using the new link), and it worked. So something must be different between the two screens. Thanks for your assistance. Any advice on my other problem with encrypting data (see posting)?

I've searched the web for examples and found many, BUT they don't fit the default Jasper settings on the server side (Bouncy Castle provider with the RSA/NONE/NoPadding algorithm). So, calling getEncryptionKey the server passes the RSA public key (in JSON format). That's easy. Now is there a javascript library to input the received modulus and exponent to encrypt string data that matches the server encryption settings (mentioned earlier)? I've tried jCryption and a handful of other custom RSA libraries, but no luck. I thought about using PHP security functions/libraries as plan B (might work, might not). Does anyone have a working example (from the client side)? Much appreciated. I've learned more about encryption in the past week than ever before...not a bad thing I guess.

I cannot change the default password for jasperadmin using the Manager Users interface. When entering the new password and confirming it, I get the following error: "Expected a decrypted password in request attribute, but found none" I am entering a new clear text password. I do have dynamic key encryption enabled (although doesn't seem to work - that's another thread), and login with the unencrypted passwords successfully. So how can the jasperadmin user password be updated? Thanks. Chris