For projects, using Jaspersoft Server community edition is secure or not


For projects, using Jaspersoft Server community edition is secure or not.

Because I was trying "Login" Rest API  service through POSTMAN and I just passed username without password but still I am able to login & can access the reports using "Report" Rest API call.

Should we change something default settings manually in the internal files to make it secure or what is the solution for this.

Please let me know about how to make it secure.

vvenkatkarthikk's picture
Joined: Apr 24 2019 - 2:22am
Last seen: 3 years 1 week ago


Thank you all for the inputs.

Yes it was session related issue. As per the API doc I should get a session ID after successfull login. But, I'am not getting any session ID.

Thanks in advance.

vvenkatkarthikk - 3 years 3 months ago

3 Answers:

You might be authenicated already. You using the plugin to the browser ? If you have another tab open in same browser instance where you are already sign into jasper your request will work. 
Try to sign out of jasperserver and then request again. 
I made use of my postman app and I simulated put request with same setup as yours and it failed. If sign into jasper in browser or not. 
If I use plug in, then it works. 
Same with R client.  

joseng62's picture
Joined: Dec 5 2014 - 2:43am
Last seen: 9 months 2 days ago


You are more than likely already logged in. More information on authentication can be found here:



pjimenez_2's picture
Joined: Oct 26 2016 - 11:39am
Last seen: 22 hours 35 min ago

Sessions being shared along tabs are features of the web browsers and is not just with JasperReports Server.


hozawa's picture
Joined: Apr 24 2010 - 4:31pm
Last seen: 3 years 2 months ago