When a user pushes report from Jasperstudio to Jasperserver we will able to see the password of the user who pushes the report into server in Tomcat Logs.Is there any way we can encrypt the password in Jaspersoft studio?
This case has already been logged by us to TIBCO support.
The only suggestion they provided us was to modify the logging formats. Filtering the access log.
Remove %s from the following in server.xml under the tomcat directory
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" startStopThreads="-1"> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t "%r" %s %b"></Valve> </Host>
Once this is done, instead of logging the clear text password, it will log some id into the logs.