Jasper server behind a secured gateway


We would like to deploy JasperReports server behind a gateway powered by spring-cloud-gateway. To access any routes our gateway controls user authorizations, so with that we wouldn't need to implement a CustomAuthenticationProvider in our JasperReports server code.

However by default our gateway also checks CSRF and if we want JasperReports to be behind that gateway we would like to have all POST/PUT/DELETE calls to jasper send an XSRF token by http header.

Thus what we would need is to find in Jasper where to define the name for an XSRF http header, and the name of the cookie to copy the value of the token.

Does such a feature exist in Jasper or would we need to disable CSRF for jasper routes in our gateway?


gregory.anne's picture
Joined: May 11 2023 - 12:54am
Last seen: 4 months 2 weeks ago

Thank you for posting to the Jaspersoft Community. Our team of experts has read your question and we are working to get you an answer as quickly as we can. If you have a Jaspersoft Professional Subscription plan, please visit https://support.tibco.com/s/ for direct access to our technical support teams offering guaranteed response times.

arai_4 - 4 months 2 weeks ago

Thank you for your patience, we need a little more time with our team of experts to come up with a solution. We will respond back as soon as we have an answer to your question.

arai_4 - 4 months 6 days ago

Linked support case (02183742) has been updated

ddonofr - 3 months 3 weeks ago

0 Answers:

No answers yet