Prerequisites : Jasper Server 6.4.0 Enterprise
Make data easy with Helical Insight.
Helical Insight is the world’s best open source business intelligence tool.
In recent times we are seeing below issue in browser console when loading pages containing embedded content from Jasper Server “Blocked auto-focusing on a form control in a cross-origin sub-frame”
So to fix this issue Jasper has provided 3 options
- Hot fixes : Hot fixes was applicable for only few versions as per blog. Current version which we are using(6.4.0) is not among those versions.
- Don’t access JasperReports Server in a cross site way : Recommends usage of single domain.
- Update application servers to inject cookie flags : Last option of updating application servers i.e. adding the following: ‘SameSite=None’ and ‘Secure’ in jasper server. But for this the server need to HTTPS
Reference of the blog: Chromium 80 Update February 2020 Cross Site Cookie Blocking Jaspersoft
When I was trying to use the above 3 options it was not much helpful in fixing the issue,So I have taken the Hot fix of 6.4.4 version and understand the implementation that they done to fix the issue ,and implemented the same in 6.4.0 version and worked fine
Please follow below steps to over come the issue
Step 1: In applicationContext-security-web.xml file we need to add responseHeadersUpdater beans as follows
<bean id="delegatingPreAuthenticatedFilter"
class="com.jaspersoft.jasperserver.api.security.externalAuth.JSDelegatingFilterProxy">
<property name="targetBeanName" value="proxyPreAuthenticatedProcessingFilter"/>
<property name="defaultFilter">
<bean class="com.jaspersoft.jasperserver.war.NullFilter"/>
</property>
<property name="responseHeadersUpdater" ref="responseHeadersUpdater"/>
</bean>
<bean id="successHandler" class="com.jaspersoft.jasperserver.api.security.JrsAuthenticationSuccessHandler" >
<property name="defaultTargetUrl" value="/loginsuccess.html" />
<property name="sessionRegistry" ref="sessionRegistry"/>
<property name="jsonRedirectUrl" ref="authSuccessJsonRedirectUrl"/>
<property name="responseHeadersUpdater" ref="responseHeadersUpdater"/>
</bean>
<bean id="restLoginAuthenticationFilter"
class="com.jaspersoft.jasperserver.rest.RESTLoginAuthenticationFilter">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="responseHeadersUpdater" ref="responseHeadersUpdater"/>
</bean>
<bean id="responseHeadersUpdater" class="com.jaspersoft.jasperserver.api.security.ResponseHeaderUpdater">
<property name="cookieHeaders">
<util:map value-type="java.util.List">
<entry key="Set-Cookie">
<util:list id="cookie-list">
<value>SameSite=None</value>
<value>Secure</value>
</util:list>
</entry>
</util:map>
</property>
</bean>
After adding/updating above beans , we need to add there respective classes in Jasper server as below.
Step 2: Create a folder structure as <Jasper Dir>\WEB-INF\classes\com\jaspersoft\jasperserver\api\security\externalAuth and add the JSDelegatingFilterProxy.class file
Step 3: Create a folder structure as <Jasper Dir>\WEB-INF\classes\com\jaspersoft\jasperserver\api\security and add JrsAuthenticationSuccessHandler.class ,ResponseHeaderUpdater.class
Step 4: Create a folder structure as <Jasper Dir>\WEB-INF\classes\com\jaspersoft\jasperserver\rest and add RESTLoginAuthenticationFilter.class
Make data easy with Helical Insight.
Helical Insight is the world’s best open source business intelligence tool.
Step 5: Stop the server and delete the Temp and Work folder in Tomcat and start the server
Note: Please download and unzip class files in below attachment
Class Files
Thanks,
SatyaGopi
BI Developer
Helical IT Solutions Pvt Ltd
Best Open Source Business Intelligence Software Helical Insight Here
A Business Intelligence Framework
Best Open Source Business Intelligence Software Helical Insight is Here
Thanks a ton, Satya!
We had this issue and could not have solved it without the solution you have provided above!
Regards,
Sudeep.