jasperreports icon indicating copy to clipboard operation
jasperreports copied to clipboard
verified publisher icon TIBCOSoftware

What are the authentication methods supported to access data source URLs?

Open tuspatil1 opened this issue 10 months ago • 4 comments

Hi Team,

We have jasperreports-6.21.3 community edition deployed in our environment & we uses JRXmlDataSource() to access the data source URLs, we would like to understand the authentication methods available for securely accessing data source URLs, such as OAuth, Bearer Token, or Digest Authentication. Could you please provide information on the authentication methods supported by Jasper Studio and the corresponding Jasper APIs?

[Note: We have recently purchased te commercial edition jasperreport-9.0.0 & integration work is in progress]

Thanks, Tushar

tuspatil1 avatar Jan 27 '25 16:01 tuspatil1

The JasperReports Library CE only has built-in support for Basic Authentication for data adapters. As a customer of Jaspersoft, you woud probably be assisted with other types of connecting to remote sources of data for the reports.

teodord avatar Jan 28 '25 12:01 teodord

Just to add more information here about data adapters which retrieve file data (JSON, XML, Excel, CSV, etc) from remote URLs:

They rely on pluggable implementations of the DataFileService and DataFileConnection interfaces, which can be added as extensions to the JRL core engine. You can look at our default implementation of these two interfaces that provide basic authentication functionality and see how these could be used as examples when implementing more sophisticated authentication methods such as those using tokens and/or request headers:

https://github.com/TIBCOSoftware/jasperreports/blob/master/ext/data-adapters-http/src/main/java/net/sf/jasperreports/dataadapters/http/HttpDataService.java

https://github.com/TIBCOSoftware/jasperreports/blob/master/ext/data-adapters-http/src/main/java/net/sf/jasperreports/dataadapters/http/HttpDataConnection.java

In our standard HTTP basic authentication, we pass username and password. But in a custom implementation of your own, you could pass tokens in request headers or others stuff.

teodord avatar Feb 03 '25 13:02 teodord

It's been a while since I last looked at HTTP data adapters, so I took a fresh look and I can tell you that if your method of authentication relies on passing certain headers to the HTTP request (tokens or something), then what you need is probably already possible:

If you create a JSON or XML data adapter file in Jaspersoft Studio, to retrieve JSON or XML data from a remote URL, you'll see that the wizard proposes you to set static request headers or GET or POST parameters. Once you type in a remote URL starting with http:// or https:// the Options button opens a dialog that allows you to introduce such HTTP request specific information.

Image

Image

In addition to this static information that can be stored in the data adapter file itself, request headers can have dynamic values that come from report parameters. This is achieved by marking report parameter definitions inside the JRXML with this configuration property that would cause their value to be injected in the request as request header values:

https://jasperreports.sourceforge.net/config.reference.html#net.sf.jasperreports.http.data.header

I assume that the authentication requiring some UI login screen happens somewhere inside your application, prior to the report execution and thus you obtain a token or something that you than can use to authenticate the data retrieval request. So you can pass that token as report parameter value and thus use it as data adapter HTTP request header value.

teodord avatar Feb 03 '25 18:02 teodord

Also see the the sample reference.

dadza avatar Feb 03 '25 19:02 dadza