Report URL with Secured Parameter

i have report url like below:




but the parameter userid  is used inside the report as a input control which is not visible..

we need the paramerter value nithi as secured one.. . where user cannot predict the userid.

the value of the parameter userid will be changed dynamically

Is there any encoding or encryting that jasper supports for url parameter or to handle encryted valued in ireport >

Please help.



nithyanand11's picture
Joined: Jul 19 2010 - 12:11am
Last seen: 9 years 1 week ago

2 Answers:

Have you found a solution? I am facing to the same problem



paris11's picture
Joined: Oct 1 2008 - 8:09am
Last seen: 1 year 1 month ago

You should make the application that embeds the report generate a temporary token in your database, and then pass it in the url. Afterwards, the report could check that the security token exists in your database. After some time or when the user session ends, the token would be deleted.

Another easier but less secure option would be having your application "encrypt" the parameter using some algorithm, and then have your reports decode those encrypted parameters. The issue with this is that the encrypted parameter would always be the same, which is another potential security risk if the users learn how to exploit it.

ftama7's picture
Joined: Jun 26 2013 - 8:28am
Last seen: 7 years 10 months ago