We installed a new version of Jasper Server Community Edition (v64.3) coming from an obsolete version (v3.7). We noticed that the password of users have already been obscured. I want to know what mechanism were used from password protection? What type of encryption?
Thanks @hozawa for getting back with me. The one you sent is used to encrypt passwords in configuration files.
I used your reference, though, to check for v6.4.X series and it lead me to this article: https://community.jaspersoft.com/documentation/tibco-jasperreports-serve.... There's a part there for cipher transformation. It is the one used to encrypt user passwords in the DB.
Thanks a lot!
To enable encryption, check section 5. Password encryption in the JasperReports Server installation manual
The default_master.properties file has a property setting to enable encryption of passwords that reside on the file system. This applies to all files found under the buildomatic folder, as well as the connection pooling file used by Apache Tomcat (context.xml). Currently, password encryption for connection pooling supports only the Tomcat application server.
To enable encryption on the file system, uncomment the encrypt property so it looks like this:
Thanks for your responses @elizam and @hozawa. But what I mean is something like the below.
In version 3.7, the password of a user can easily be retrieved in the Users module using Developer Tools in Chrome as seen below.
In version 6.4.3, this is no longer available.
Also, if you check the DB entries for the users, the password stored there is encrypted as well. I'd like to know the encryption mechanism.
Not sure if this is what you're asking for but if you look at default_master.properties file, there's something like the following line. This is the default.
JasperReports Server is using Spring Security. Have you checked the following manual?