italoosorio

I got this solved thank you to JasperSever support. Here is their comment: I stumbled across a couple of similar cases. It seems that CsrfGuard log is set to INFO in this release. This is getting changed in a future release. You can fix this by modifying jasperserver-pro/WEB-INF/web.xml: <context-param> <param-name>Owasp.CsrfGuard.Config.Print</param-name> <param-value>true</param-value> </context-param> Change the value to false to suppress CSRF warnings Now the mesage if not showing in the log anymore.

I got the error. It was a pesky String concatenation in my code. I used a REST plugin client for firefox which helped debuging the problem. Thank you to JasperServer support for pointing out the pluing. The plugin is called Poster. I am including the code I used to test the REST connection. It is a JSP code. You can migrate this code to a Spring Bean, a MVC Controller, whatever you are conforatable with. It uses the org.apache.commons.httpclient and after execution it should display the report as PDF format. I hope it helps to someone needing to get a report using REST. Code: Post Edited by italoosorio at 05/01/2012 18:31

I have found this interesting. http://stackoverflow.com/questions/9623685/get-report-from-jasperserver-using-rest-webservice-and-asp-net-c-sharp Hoever in JAVA I am using the smae httpClient for all the transaction. I have checked the cookie's values and it keep constant for all the connections. So, PUT and GET have this values all the time. Cookie: JSESSIONID, Value: A629805888DF35908E55BF3D491D9181, IsPersistent?: false I don't know what could be missing.

I am running a report using REST. I am programing using JAVA. I am folloing the indications from this topic, the steps shared by sanzah: http://jasperforge.org/plugins/espforum/view.php?group_id=83&forumid=101&topicid=94262 All works well until step 4. Whe I run the GET method to get the Report I received the message: Report not found (uuid not found in session) I have check the session and cookies and everyting seem to be in place. The log shows this: 2012-04-29 19:22:37,107 DEBUG RESTServlet,TP-Processor5:92 - --------------------------------------------------------------------------------.2012-04-29 19:22:37,107 DEBUG RESTServlet,TP-Processor5:130 - request params: Path: /login Requested Service: login Service from registry: class com.jaspersoft.jas2012-04-29 19:22:37,113 DEBUG RESTServlet,TP-Processor5:92 - --------------------------------------------------------------------------------.2012-04-29 19:22:37,113 DEBUG RESTServlet,TP-Processor5:130 - request params: Path: /resource/Reports/Test Requested Service: resource Service from registry:2012-04-29 19:22:37,114 DEBUG RESTAbstractService,TP-Processor5:101 - execute: Resource=/resource/Reports/Test Method=get2012-04-29 19:22:37,114 DEBUG RESTResource,TP-Processor5:110 - adding the local resource with data flag2012-04-29 19:22:37,166 WARN FileResourceHandler,TP-Processor5:112 - Placed attachment for Test_jrxml in the output attachments list2012-04-29 19:22:37,167 DEBUG RESTAbstractService,TP-Processor5:123 - finished: Resource=/resource/Reports/Test Method=get2012-04-29 19:22:37,178 DEBUG RESTServlet,TP-Processor5:92 - --------------------------------------------------------------------------------.2012-04-29 19:22:37,179 DEBUG RESTServlet,TP-Processor5:130 - request params: Path: /report/Reports/Test Requested Service: report Service from registry: clas2012-04-29 19:22:37,179 DEBUG RESTAbstractService,TP-Processor5:101 - execute: Resource=/report/Reports/Test Method=put2012-04-29 19:22:37,179 DEBUG Utils,TP-Processor5:159 - 0 attachments were extracted from the POST2012-04-29 19:22:37,184 DEBUG RESTReport,TP-Processor5:287 - Running report /Reports/Test with parameters: {personID=1244} and options: {RUN_OUTPUT_FORMAT=PDF}2012-04-29 19:22:37,945 ERROR GetService,TP-Processor5:235 - Exporter params: [OutputStream Object, JasperPrint Object, URL Handler Factory]2012-04-29 19:22:37,946 ERROR GetService,TP-Processor5:357 - Format requested: PDF HTML2012-04-29 19:22:37,947 DEBUG RESTAbstractService,TP-Processor5:123 - finished: Resource=/report/Reports/Test Method=put2012-04-29 19:22:38,207 DEBUG RESTServlet,TP-Processor5:92 - --------------------------------------------------------------------------------.2012-04-29 19:22:38,208 DEBUG RESTServlet,TP-Processor5:130 - request params: Path: /report/Reports/Test Requested Service: report Service from registry: clas2012-04-29 19:22:38,208 DEBUG RESTAbstractService,TP-Processor5:101 - execute: Resource=/report/Reports/Test Method=get2012-04-29 19:22:38,208 DEBUG RESTAbstractService,TP-Processor5:123 - finished: Resource=/report/Reports/Test Method=get What I don't undestand are these lines: ERROR GetService,TP-Processor5:235 - Exporter params: (OutputStream Object, JasperPrint Object, URL Handler Factory) ERROR GetService,TP-Processor5:357 - Format requested: PDF HTML The report execution seem to work properly accoding to the XML returned. b139fc17-2a45-4355-b160-b2bfdf36e8c5 /Reports/Test 16 1 16 [/code]I am sending the uuid included in the get URL but I can't get the PDF file. Thank you for help. Post Edited by italoosorio at 04/30/2012 00:50

Yes, I tried that before plus other things and it did not fix the log problem. I have it setup on this way: security.validation.csrf.on=true I chnage it to: security.validation.csrf.on=false, no effect. However, a solution which disables security does not seem much attractive. Post Edited by italoosorio at 04/30/2012 00:27

I have jasperserver-pro running behind Apache. I have tomcat configure with multiple vhosts. One is for jasperserver-pro only. Everything seems to work perfectly. However each time a login process happens in the front-end this message appears in the logs. It also happens while authenticating using REST services. ****************************************************** Owasp.CsrfGuard Properties** Logger: com.jaspersoft.jasperserver.api.security.JSCsrfLogger* NewTokenLandingPage: /jasperserver-pro/login.html* PRNG: SHA1PRNG* SessionKey: JASPER_CSRF_SESSION_KEY* TokenLength: 96* TokenName: JASPER_CSRF_TOKEN* Ajax: true* Rotate: true* TokenPerPage: true* Action: org.owasp.csrfguard.action.Rotate* Action: org.owasp.csrfguard.action.Redirect* Parameter: Page = /jasperserver-pro/login.html* Action: org.owasp.csrfguard.action.Log* Parameter: Message = potential cross-site request forgery (CSRF) attack thwarted (user:%user%, ip:%remote_ip%, uri:%request_uri%, error:%exception_message%)***************************************************** I would like to know what is triggering this message and how to configure jasperserver properly to avoid it. Post Edited by italoosorio at 04/29/2012 21:46

I started using JasperServer and iReport and I can say that I am satisfied with these products. However, I have a little problem with iReport user interface in Mac OS X Leopard. The Property values are not displayed. What I need to do is to click on the property value to see what values are selected. I am including an image which shows the problem. http://italo.swau.edu/IDEproblem.jpg This problem does not affect jasper functionality, but affects user productivity. I want to show and train in the use of this application to some of our officers and having these little glitches can lead to rejection. Thank you for your help.