Solution found - there are security configuration options to amend or disable the validation. 1 - The following regex fix should work for most cases. webapps/jasperserver/WEB-INF/classes/esapi/security-config.properties/validation.propertiesValidator.ValidSQL=^s*(?i)(withs+.*)?(select|call|exec(ute)?)s+[^;]+$ 2 - Alternatively turn it off webapps/jasperserver/WEB-INF/classes/esapi/security-config.propertiessecurity.validation.sql.on=false