My team is developing a web application that uses JasperReports Server (AWS) and Visualize.js to display data visualizations to our customers within our application. One of the key components with this setup is the JRS authentication that must happen with Visualize.js on our frontend when a user attempts to view embedded reports. The documentation available for Visualize.js consistently mentions three methods: Plain text credentials, SSO Tokens, and Login Hooks.
Our goal is as follows: When Visualize.js attempts to authenticate a user, we want to ensure that the username and password being sent to JRS actually belong to the user making the request. This requires that a request be made to our web application.
Is anyone aware of documentation that further explains how this authentication method works? Specifically, we are hoping to understand definitively:
1. Can the URL of the custom login function point to our web application’s server (such as http://our-web-application.com/jrs-authenticate) or can it only point to JRS (such as http://my.jasperserver.com/customLogin, shown in the documentation)?
2. If our only choice is a URL pointing to JRS (such as http://my.jasperserver.com/customLogin), is there documentation that details how to create such a custom login function?