This is the controller class
@Controller
public class ReportController {
@RequestMapping("/reports.htm")
public void onSubmit(ModelMap map, HttpServletResponse response) {
PayrollService ps = new PayrollServiceImpl();
JRBeanCollectionDataSource jr = new JRBeanCollectionDataSource(ps.listAllLoans(), false);
try {
JasperPrint jp = JasperFillManager.fillReport(new FileInputStream("C:\\Documents and Settings\\Administrator\\workspace\\payroll\\WebContent\\WEB-INF\\payrollReports\\report2.jasper"), null, jr);
JRExporter jre = new JRPdfExporter();
jre.setParameter(JRExporterParameter.OUTPUT_FILE_NAME, "report.pdf");
jre.setParameter(JRExporterParameter.JASPER_PRINT, jp);
ServletOutputStream output = response.getOutputStream();
jre.setParameter(JRExporterParameter.OUTPUT_STREAM, output);
jre.exportReport();
output.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
When I run this, A dialog box opens asking to download file, reports.htm, when I open the file, I get this
%PDF-1.4 %âãÏÓ 3 0 obj <>stream xœ+är á26S°00SIár áä2Rð‰!ˆ´01RÉåÒw3T0²Ò¸44C²@jJ’s‘5Z˜[ë™!t€t€å‹Ò¹4¼‹R‹@(¤c1,:H§€ƒÇCs3C<Ö˜êè*XX˜(8úe p7E endstream endobj 1 0 obj<>/Parent 4 0 R/Contents 3 0 R/Type/Page/Resources<>/Font<>>>/MediaBox[0 0 595 842]>> endobj 5 0 obj[1 0 R/XYZ 0 854 0] endobj 2 0 obj<> endobj 4 0 obj<> endobj 6 0 obj<> endobj 7 0 obj<> endobj 8 0 obj<>/Pages 4 0 R>> endobj 9 0 obj<> endobj xref 0 10 0000000000 65535 f 0000000220 00000 n 0000000487 00000 n 0000000015 00000 n 0000000574 00000 n 0000000453 00000 n 0000000624 00000 n 0000000677 00000 n 0000000708 00000 n 0000000810 00000 n trailer <<9f3f4526709d5e33fd22d07da10c3883>]/Info 9 0 R/Size 10>> startxref 976 %%EOF
But when I save the file and open with adobe PDF, I get the correct PDF. How can I download reports.pdf instead of reports.htm?
.jasperfiles outside of the web directory. If I can guess the name of the.jasperfile, I can probably download it. If I can download it, I can see the SQL. If I can see the SQL, I have an attack vector on your system. – Dave Jarvis