How to Encrypt User Credenatils in the URL, While Jasper Server is Authenticated with some other Application.

Hi Everyone,

           I have Authenticated Jasper server with other Application by using External Pre-AUTH Single Sign On(SSO). where by one click on the Hyperlink the user will Directly navigate to Jasper Server without any Login page. The user in our application and Jasper should be Logged as same. 
For example: If I Login as Testuser1 in our Application then in Jasper Server also I have to Login as Testuser1. The same user should be Logged in in both the Applications. So, By using this External Pre-Aut this is Possible and it is working.

The URL which I am using as a Hyperlink for Jasper Server is having user Credentials in it as shown in below.
[URL: http://17.728.254.172:8082/jasperserver-pro/flow.html?_flowId=homeFlow&p... where I am passing Username and role in the URL

These user Credentials should be Encrypted so that the URL will be more secured. But the Problem here is when I am Encrypting the User Credentials I am able to Login only for Existing user. For newly creating user it is not working and it is Navigating to Jasper Serve Login page which is not the requirement. It means Encryption is only working for Existing User who are present in Jasper Server. For newly creating user it is not working. 

[NOTE: For Encryption I have used AES Encryption method. The URL which I used above is dummy URL.]

Thanks in Advance for all the answers.'s picture
Joined: May 7 2023 - 11:16pm
Last seen: 2 weeks 4 days ago

Thank you for posting to the Jaspersoft Community. Our team of experts has read your question and we are working to get you an answer as quickly as we can. If you have a Jaspersoft Professional Subscription plan, please visit for direct access to our technical support teams offering guaranteed response times.

arai_4 - 4 months 3 weeks ago

1 Answer:

Hi, JasperReports Server (JRS) preAuth token encryption is handled in the first stage when you call a JRS URL with your token in param or header (depends on your configuration). 

When you have encryption in place, JRS will first decrypt your token using your own decryption class, and the results should match the structure of the PP token you've defined in the configuration file. JRS will create and authenticate your user if it's a new user or only authenticate if it already exists. 

It looks to me that you have some miss configuration in your security set up, please make sure you followed the following link to make sure your set up is correct : 

Dr. Jaspersoft PreAuth session: Tag : Encryption code example

Working Github sample of encryption 

bdraifi's picture
Joined: Mar 17 2020 - 11:53am
Last seen: 1 week 3 days ago