Is it possible to add api for password encryption when logging in jasper server about jrs-rest-java-client HOT 10 CLOSED

Not sure what you are asking. DO you want to know if you could find out whether JasperReports Server is accepting encrypted password at login? If that's the case you can send a request to /GetEncryptionKey servlet. If it comes back with an error, login encryption is off. Otherwise, it will send you a key.

from jrs-rest-java-client.

that's what i want. So will this api handle this case automatically? Does it provide some method to access GetEncryptionKey ?

from jrs-rest-java-client.

Not sure what api you are talking about.  You just call host:port//GetEncryptionKey after you are authenticated. If a key is returned, the server expects encrypted password;  otherwise, if an error is returned,  login password encryption is turned off. 

Dmitriy

-------- Original message --------
From: TestOverload [email protected]
Date: 02/22/2014 9:27 AM (GMT-06:00)
To: Jaspersoft/jrs-rest-java-client [email protected]
Cc: dilit [email protected]
Subject: Re: [jrs-rest-java-client] Is it possible to add api for password encryption when logging in jasper server (#1)

that's what i want. So will this api handle this case automatically? Does it provide some method to access GetEncryptionKey ?

—
Reply to this email directly or view it on GitHub.

from jrs-rest-java-client.

After turning on log-in password encryption in jasper server, i have tried to use jrs-rest-java-client to get a report from local jasperserver (like Code(1)), but it return status code 401 and no input stream return.

Also I have tried another raw method, using Jersey2 lib to access GetEncryptionKey to encrypt my password then log-in successfully. After setting a session id to cookie from a response when GetEncryptionKey, a report can be requested from jasperserver successfully.

So I guess the library jrs-rest-java-client may not check log-in password encryption is enabled in jasper server before log-in or executing a run like
OperationResult result = client
.authenticate("jasperadmin", "jasperadmin")
.reportingService()
.report("/reports/samples/Cascading_multi_select_report")
.prepareForRun(ReportOutputFormat.HTML, 1)
.parameter("Cascading_name_single_select", "A & U Stalker Telecommunications, Inc")
.run();
Code(1)

I want to use jrs-rest-java-client to do some operations. Since jasper server need session id to identity and maintain a connection, i have no idea to pass the session id to the library after log-in, Then my program cannot continue to get report....

So My question is how to fix this issue. Can this library handle this case?

Thanks

from jrs-rest-java-client.

run rest service call (old rest service, not rest_v2)
/rest/GetEncryptionKey - Get Public Key
Encript the password with algorithm:

public String getEncryptedPassword(PublicKey publicKey, String originalPassword) throws Exception {

    Cipher enc = Cipher.getInstance("RSA/NONE/NoPadding");

    //Encryption
    enc.init(Cipher.ENCRYPT_MODE, publicKey);

    String utfCePass = URLEncoder.encode(originalPassword, CharEncoding.UTF_8);

    byte[] encryptedUtfCePass = enc.doFinal(utfCePass.getBytes());

    return byteArrayToHexString(encryptedUtfCePass);
}

Put this encripted password to chain:
".authenticate"

GetEncryptionKey is not implemented in this rest java client library yet.

from jrs-rest-java-client.

Thanks for your response. I will try it.

from jrs-rest-java-client.

/rest/GetEncryptionKey should actually work even before authentication. Sending this request url to the server will tell you whether the server accepts encrypted or plain text passwords.

from jrs-rest-java-client.

Resolved

from jrs-rest-java-client.

I am stuck at this as for now. What i am not getting is. Do i have to write a service for it or i have to just enable the service in JasperServer and hit that?

from jrs-rest-java-client.

This library automatically encrypts your password before send it if encryption is on, so to authenticate you need just specify login and password (not encrypted) in authenticate() method.

I found in documentation sentence above. Please tern password encryption on (on a server) and try to use client as usually (with not encrypted password). It should work for you. If not - please reopen this issue.

from jrs-rest-java-client.