Hello JasperSoft-Community,
i'm working on the encryption of the password which is sent to the jasperserver login. i've read the documentations how to use it and also how the settings in the config-file have to be (is use the dynamic key setting).
First when i want to get a report from the server, i start a method which gets the encryption key with the "localhost/GetEncryptionKey" and encrypt the password with bouncy castle for C#.
Here's the code i use for encryption (in C#, baseurl is a string: "http://localhost/jasperserver"):
public string Authenticate(string username, string password)
{
bool encryptedAuthentification = false;
string uriS = String.Format(baseurl + "/GetEncryptionKey");
Uri uri = new Uri(uriS);
HttpWebRequest request = (HttpWebRequest)WebRequest.CreateHttp(uri);
request.Method = "GET";
request.CookieContainer = cookies;
string responseContent = "";
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
if (_returnCodes.ContainsKey(Convert.ToInt32(response.StatusCode)))
{
if (_returnCodes[Convert.ToInt32(response.StatusCode)] == "ok")
{
using (StreamReader reader = new StreamReader(response.GetResponseStream()))
{
while (!reader.EndOfStream)
{
responseContent += reader.ReadLine() + "\n";
}
}
if (!responseContent.Contains("Error: Key generation is off"))
{
encryptedAuthentification = true;
}
if (encryptedAuthentification)
{
//encrypt password
BufferedAsymmetricBlockCipher abc = new BufferedAsymmetricBlockCipher(new RsaEngine());
string nString = responseContent.Split(',')[2].Split(':')[1].Replace("\"", "").Replace("}", "").Replace("\n", "");
string eString = responseContent.Split(',')[1].Split(':')[1].Replace("\"", "");
string maxdigitsStirng = responseContent.Split(',')[0].Split(':')[1].Replace("\"", "");
byte[] input = Hex.Decode(password);
int maxD = Convert.ToInt32(maxdigitsStirng);
BigInteger e = new BigInteger(eString,16);
BigInteger n = new BigInteger(nString, 16);
RsaKeyParameters rsak = new RsaKeyParameters(false, n, e);
byte[] cipherText = new byte[128];
abc.Init(true, rsak);
abc.DoFinal(input, cipherText, 0);
string base64PW = Convert.ToBase64String(cipherText);
password = base64PW;
}
}
else
{
throw new WebException(_returnCodes[Convert.ToInt32(response.StatusCode)]);
}
}
else
{
throw new WebException("unknown response status code.");
}
return password;
}
after that i save the new password in a string-variable and use it in a new request in which i want to login. Here's the code (also in C#, newPW is the encrypted password):
string uriS1 = String.Format(baseurl + "/login.html?j_username={0}&j_password={1}", user, newPW);
Uri uri1 = new Uri(uriS1);
HttpWebRequest loginRequest = (HttpWebRequest)WebRequest.CreateHttp(uri1);
loginRequest.Method = "POST";
loginRequest.CookieContainer = cookies;
HttpWebResponse loginResponse = (HttpWebResponse)loginRequest.GetResponse();
And here's the problem. the response of this request gives me the following uri: "http://localhost/jasperserver/login.html?error=1". This means that the login has failed.
I'm new to the Jasperserver so my Question is:
Can someone explain to me how i login correctly with the encrypted password because i'm desperating here :) Also i don't know extactly wether the problem is the HttpWebRequest or the problem is the encryption itself and the password is wrongly encrypted.
I hope someone can help me or got the same problem and found a solution for it.
PS: sorry for bad english
