Access jasper reports with URL authentication and remove jasper decoration for better integration

To give you some context recently while working on a new small project I needed to include a few Jasper Reports that where hosted in a Jasper Serverrepository. The main requirement was to include these reports in a lightweight application without the JAVA stack but using only HTML+JavaScript

To my knowledge there are 3 ways to accomplish this :

  1. Allow anonymous access to a given URL pattern (I had some troubles working with this approach)
  2. Use Jasper's REST APIand authenticate through it (probably the cleaner way)
  3. Provide credentials in the URL (quick and dirty) :)

For reasons outside the scope of this article I had to use the 3rd option and provide the credentials in the URL.

Note : This is not a clean way to access the repository (especially as you may see the username and password are clear text) but sometimes there no way around it

Jasper server uses spring under the hood to provide authentication/authorization so you can use the standard Java authentication mechanism, which basically consists in providing the following parameters in the URL :

  • j_username
  • j_password
  • j_acegi_security_check (this one is optional depending on the Jasper Server version)

If your Jasper Server is configured using an organization you will need to provide it as long with your credentials using the special syntax j_username=myUsername|myOrganization

So for example if the base url for your report is the following :


And your credentials are :

  • username : jasperadmin
  • organization : myOrg
  • password: jasperadmin

Your URL will become :


One last thing.By default when showing a report you will get all of Jasper Server decoration around it (menubars, links, etc.) you can get rid of this by appending the one of following parameters to the URL (please note that parameters are not the same depending on which version of Jasper you are using : Community or Corporate)

  • Remove jasper decoration in community version : &decorate=no
  • Remove jasper decoration in corporate version : &theme=embed&viewAsDashboardFrame=true


  1. Hi,

    Im kinda new to jasper and this helped me alot..i used the additional parameter to remove decoration but how could i still make it possible to export pdf,csv and other format..would it be possible?

  2. Great info! Thanks, this will help immensely in making the inclusion of Jasper Reports in our application appear seamless.

    1. Hi, thanks for the feedback and good luck with your integration!

  3. Hi ,I'm working with jasper server 5.6.1.I'm doing token authentication and it works.How can i call report using url by using token ?

  4. Hi,
    I never used token based authentication with Jasper, but in this url :

    It is mentioned that the server looks for a principalParameter in the URL or the HTTP Request, have you tried passing your token as the value for that parameter?

  5. Hi Ulises,

    I would like to ask:

    1. Is it possible to pass a dataSource to report through URL parameter?

    2. How to pass a parameters for encoding and report's format (.pdf, xlsx, ..)?

  6. tx a lot... :)
    this article is very helpfull

  7. Hi !
    When I export as pdf, in IE it always shows file name "flow.pdf", Is there any parameter by which I can pass OUTPUT_FILE_NAME ?

  8. Hi,
    As far as I know no, there is no way to accomplish this.

  9. Outstanding!! This works! Thank you so much for taking the time to let others know how to do this. I've spent countless hours researching. This was exactly what I needed. Thank you!

  10. Hi,
    It's really a good method but I have a serious problem : I can access to jasperserver without authentification since this step is accomplished after accessing to my php application where I embeded jasperserver reports.
    How can I solve this problem?
    Could please help me?
    Many thanks in advance
    Best Regards

    1. Hi, I'm not sure I understand your problem if you access jasperserver without authentication you should be able to embed your reports by adding at the end of your report url the parameter "&decorate=no" if you are using the community version or "&theme=embed&viewAsDashboardFrame=true" if using the enterprise version


OSX show used ports or listening applications with their PID

On OSX you can display applications listening on a given port using the lsof the commands described below will show listening application...