If you are using token based authentication and would like to pass a token via HTTP header. Here is sample code in JRS 7.8.0:
visualize({
auth: {
token: token,
preAuth: true,
tokenName: "pp",
loginFn: function(properties, request) {
return request({
url: url,
type: "get",
headers: {
pp: properties.token,
Accept: "application/json"
}
});
}
}
}The method will fail with an error
Access to XMLHttpRequest at 'https://myCustomApp/jasperserver-pro/' from origin 'https://localhost' has been blocked by CORS policy: Request header field pp is not allowed by Access-Control-Allow-Headers in preflight response.
Since jasperserver 7.8.0 all the CORS policy are pre-defined in the WEB-INF/applicationContext-security-pro-web.xml as given below :
<property name="allowedHeaders">
<list>
<value>Cache-Control</value>
<value>X-Suppress-Basic</value>
<value>Origin</value>
<value>Accept</value>
<value>X-Requested-With</value>
<value>Content-Type</value>
<value>Pragma</value>
<value>accept-timezone</value>
<value>withCredentials</value>
<value>X-Remote-Domain</value>
<value>X-Is-Visualize</value>
<value>x-jrs-base-url</value>
<value>Content-Disposition</value>
<value>Content-Description</value>
</list>
</property>
To resolve the error you need to add your principalParameter name in above allowedHeaders list as <value>PP</value>. save the changes and restart the server.
Recommended Comments
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now