We would like to deploy JasperReports server behind a gateway powered by spring-cloud-gateway. To access any routes our gateway controls user authorizations, so with that we wouldn't need to implement a CustomAuthenticationProvider in our JasperReports server code.
However by default our gateway also checks CSRF and if we want JasperReports to be behind that gateway we would like to have all POST/PUT/DELETE calls to jasper send an XSRF token by http header.
Thus what we would need is to find in Jasper where to define the name for an XSRF http header, and the name of the cookie to copy the value of the token.
Does such a feature exist in Jasper or would we need to disable CSRF for jasper routes in our gateway?