Hello, I have implemented token based authentication on our jasper server. I am trying to secure the token authentication by only allowing the token to be used inside the header of the login and header of the visualize.js authentication. I encrypted the token by implementing the CipherI interface to secure it.
Inside applicationContext-externalAuth-preAuth-mt I have changed the 'tokenInRequestParam' to false:
<property name="tokenInRequestParam" value="false"/>
This means the pp token can only be accepted from the headers of my request, not the URL.
The problem arises when I want to authenticate with Visualise.js. Since I only want to allow the token in the headers how do I configure this for my Visualize.js login ? I have tried:
visualize({ server: window.location.origin + '/jasperserver-pro', auth: { headers:{ token: token, preAuth: true, tokenName: "pp" } } },
But it returns an error stating headers is an unrecognised parameter.
How can I implement the visualise js login to accept the token from the header?
This is for jasper server 6.2.1
Thanks.
2 Answers:
There is an answer that might be helpful at https://community.jaspersoft.com/questions/1105341/how-log-visualizejs-when-token-authentication-only-permitted-through-headers
Any input from staff on this please?