How do we encrypt the passwords of the Data Adapters and server connections?
We would like to generate the export files (NO passwords in clear text) to transport them to another machine.
Release :Jasper Server and Jasper Studio
It is not possible to encrypt the password for the datasource for the reasons explain bellow:
The Jasper Reports use Eclipse secret storage in JSS in order to be able to use passwords and not expose them, to avoid users fill the password every time needed.
Basically, in data adapter we store a key in this case, a key will be used to get the password from the storage.
A user may have copied a data adapter, in the password field there is a key which is not useful. And this is good, this means, one cannot get the password, so it's secure. This is his data adapter he should know the password.
There are 2 additional scenarios that we might need to consider:
What happens if we want to publish the adapter to another system like JRS?
There is no algorithm defined right now, we'll copy the adapter as is, user will have to change the password on JRS manually. Because, if we are working in secured environment we should not expose password in any way.
What happens if we want to publish the adapter to another JSS?
User will copy the adapter as is, no clear text password. On the target JSS, user should activate secure storage and safely, manually rewrite the password. Each JSS has its own secure storage with own key/values, own password to access the storage.