If you are using token based authentication and would like to pass a token via HTTP header. Here is sample code in JRS 7.8.0:
visualize({ auth: { token: token, preAuth: true, tokenName: "pp", loginFn: function(properties, request) { return request({ url: url, type: "get", headers: { pp: properties.token, Accept: "application/json" } }); } } }
The method will fail with an error
Access to XMLHttpRequest at 'https://myCustomApp/jasperserver-pro/' from origin 'https://localhost' has been blocked by CORS policy: Request header field pp is not allowed by Access-Control-Allow-Headers in preflight response.
Since jasperserver 7.8.0 all the CORS policy are pre-defined in the WEB-INF/applicationContext-security-pro-web.xml as given below :
<property name="allowedHeaders"> <list> <value>Cache-Control</value> <value>X-Suppress-Basic</value> <value>Origin</value> <value>Accept</value> <value>X-Requested-With</value> <value>Content-Type</value> <value>Pragma</value> <value>accept-timezone</value> <value>withCredentials</value> <value>X-Remote-Domain</value> <value>X-Is-Visualize</value> <value>x-jrs-base-url</value> <value>Content-Disposition</value> <value>Content-Description</value> </list> </property>
To resolve the error you need to add your principalParameter name in above allowedHeaders list as <value>PP</value>. save the changes and restart the server.
Recommended Comments
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now