For projects, using Jaspersoft Server community edition is secure or not.
Because I was trying "Login" Rest API service through POSTMAN and I just passed username without password but still I am able to login & can access the reports using "Report" Rest API call.
Should we change something default settings manually in the internal files to make it secure or what is the solution for this.
Please let me know about how to make it secure.
You might be authenicated already. You using the plugin to the browser ? If you have another tab open in same browser instance where you are already sign into jasper your request will work.
Try to sign out of jasperserver and then request again.
I made use of my postman app and I simulated put request with same setup as yours and it failed. If sign into jasper in browser or not.
If I use plug in, then it works.
Same with R client.
You are more than likely already logged in. More information on authentication can be found here: