gjohnson_2

Hi ... I am still having problems with CSRF behind a proxy. I use AWS CloudFront to proxy requests to Jasper Server. When I try to login over HTTPS I get the error "Failed to retrieve CSRF token" in the developer console and the message "Connection error! Try reloading! | close" as a banner acrosss the page. I have made the edit to the jrs.csrfguard.js file as mentioned above: - //if(isValidDomain(document.domain, "%DOMAIN_ORIGIN%")) { if (true) { // GCJ 2019-01-21 https://community.jaspersoft.com/wiki/owasp-csrfguard-javascript-was-included-within-unauthorized-domain /** optionally include Ajax CSRF support **/ ... and I've also changed the jrs.csrfguard.properties file: - # If csrfguard filter is enabled org.owasp.csrfguard.Enabled = false ... but it still fails because the Origin header is different from the Request URL as seen by the Tomcat Server. @pierre.ortalo It seems you had the exact same problem. Wonder if you've got any more insights?

Hi I am running the TIBCO Jaspersoft Reporting and Analytics for AWS edition (non multi-tenant). The server is built with the wrong sample files installed - appears to have the multi-tenant versions. Can anyone help point me to the correct non-multi tenant versions. For example if you run this command from the shell ... ls /usr/share/jrs_dist/jasperreports-server-bin/samples/externalAuth-sample-config this is the results ... sample-applicationContext-externalAuth-CAS-db-mt.xmlsample-applicationContext-externalAuth-LDAP-mt.xmlsample-applicationContext-externalAuth-CAS-LDAP-mt.xmlsample-applicationContext-externalAuth-preAuth-mt.xmlsample-applicationContext-externalAuth-CAS-staticRoles-mt.xmlsample-applicationContext-externalAuth-sso-mt.xmlsample-applicationContext-externalAuth-db-mt.xmlsample-applicationContext-externalAuth-template-mt.xml This is stopping me from being able to correct configure the server as I believe I should be using the non multi-tenant versions of the files. Thanks Gary