JasperServer blocked by CORS policy: No 'Access-Control-Allow-Origin' - apache

I'm trying to enable CORS policy in the jasperserver.
I'm using angular HTTPClient to call the API coming from the jasperserver.
Things that I have tried so far.
Modifying the apache-tomcat apache-tomcat\conf\web.xml file
and addding the code below.
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern> /* </url-pattern>
</filter-mapping>
which is from the apache-tomcat site.
Also tried to modify the jasperserver\WEB-INF\Web.xml file
and adding the code below
<filter>
<filter-name>CorsFilter2</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
And still no luck and encountering this error.

After struggling for a couple of hours with this, i have it figured out.
You have to disable Jasper's built in CorsFilter altogether, along with adding/mapping your own filter in your tomcat's /webapps/jasperserver/WEB-INF/web.xml. No intervention is needed in the global tomcat web.xml.
<!-- Comment the built-in filter out.
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>com.jaspersoft.jasperserver.api.security.csrf.CorsFilter</filter-class>
</filter>
-->
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<!-- Tomcat 8.5+ doesn't allow '*' any longer in conjuction with 'cors.support.credentials' set to true.
Instead, a specific comma separated list has to be set here. See https://bz.apache.org/bugzilla/show_bug.cgi?id=62343 -->
<param-value>http://localhost:9000</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<!--- If requests contain an authorization header, it has to be added here as well -->
<param-value>
Content-Type,X-Requested-With,Accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,X-Remote-Domain,Authorization
</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
.......
<!-- Ensure your newly introduced mapping is first in line -->
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Also comment out any existing mappings for the built-in filter -->
<!--
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>*.woff</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>*.ttf</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>*.svg</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>*.eot</url-pattern>
</filter-mapping>
-->

Related

Primefaces fileupload uploads only files < 30kb

I'm having problems with my chat project, which i'm building for learning purposes. I'm having a weird little problem with PrimeFaces fileUpload component. It is working fine for a file not larger than 30kb (for larger file it throws HTTP error 400).I'm using PrimeFaces 5.3, Apache commons-io 2.3, Commons-fileupload 1.3. Because this is my learning project, i have uploaded it on public git repository, which is, for better understanding of the problem, accessible here: https://bitbucket.org/salkovich123/testfileupload.git
The fileUpload component is located in file register.xhtml.
I am also sharing my web.xml file here:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>primefaces.UPLOADER</param-name>
<param-value>auto</param-value>
</context-param>
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>
org.primefaces.webapp.filter.FileUploadFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
This are the header details, which throws HTTP error 400 (bad request)
UPDATE #1
This is most definetly some kind of jQuery problem, because error is thrown in browser console, and no other server side methods are called after thrown error

JASIG CAS with JBOSS AS 7 application

Is there any example how to integrate JASIG CAS with my JBOSS AS 7 application?
So what I have
web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<description>Protects all resources</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>
org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://localhost:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>https://localhost:8443/JAdaptiv/default.action</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://localhost:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://localhost:8443/cas</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>tolerance</param-name>
<param-value>1000</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
jboss-web.xml:
<jboss-web>
<security-domain>CasSecurityDomain</security-domain>
<valve>
<class-name>org.apache.catalina.authenticator.SingleSignOn</class-name>
</valve>
</jboss-web>
standalone.xml:
<security-domain name="CasSecurityDomain">
<authentication>
<login-module code="org.jasig.cas.client.jaas.CasLoginModule" flag="required">
<module-option name="ticketValidatorClass" value="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"/>
<module-option name="casServerUrlPrefix" value="https://localhost:8443/cas"/>
<module-option name="tolerance" value="20000"/>
<module-option name="defaultRoles" value="user"/>
<module-option name="roleAttributeNames" value="memberOf,eduPersonAffiliation,authorities"/>
<module-option name="principalGroupName" value="CallerPrincipal"/>
<module-option name="roleGroupName" value="Roles"/>
<module-option name="cacheAssertions" value="true"/>
<module-option name="cacheTimeout" value="480"/>
</login-module>
</authentication>
</security-domain>
When i'm trying to get rest
http://localhost:8080/myapp/rest/bpm/processdefinitions
I got error message.
JBWEB000065: HTTP Status 403 - JBWEB000015: Access to the requested resource has been denied
Whats wrong?

How can i remove uploaded image to replace with another image in primefaces <p:fileUpload>?

I am just a beginner in primefaces and I just want to know how I can remove the uploaded file. Another one is that within <p:fileUpload> tag, can I show the uploaded file for update or remove? Is this supported by <p:fileUpload>? My uploaded file is not yet on the disk or in the database but still is an object. My code is as below. Please help me or give me some idea.
This is fileupload.xhtml
<h:outputLabel value="Choose Image:" />
<p:fileUpload fileUploadListener="#{ManageProductCode.handleFileUpload}" mode= "advanced"
sizeLimit="3000000" allowTypes="/(\.|\/)(gif|jpe?g|png)$/" id="MyAttachment" fileLimit="1"
required="true" requiredMessage="Image Is Require."/>
<br/>
This is my backing bean. That is just assigning value to persist into database.
private UploadedFile uploadFile;
public UploadedFile getUploadFile() {
return uploadFile;
}
public void setUploadFile(UploadedFile uploadFile) {
this.uploadFile = uploadFile;
}
public void handleFileUpload(FileUploadEvent event){
uploadFile = event.getFile();
System.out.println("UploadFileName is" + uploadFile.getFileName());
byte[]image = event.getFile().getContents();
productCode.setImage(image);
}
This is my web.xml
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<context-param>
<description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>org.primefaces.webapp.filter.FileUploadFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>

Change the URL mapping -Javamelody

I'm using Javamelody in my application. I need only root users to access the statistics. Javamelody by default you can access
http://localhost/webapp/monitoring
I need to change it to
http://localhost/webapp/monitor/monitoring
I have done the following filter mapping
<filter>
<filter-name>monitoring</filter-name>
<filter-class>net.bull.javamelody.MonitoringFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>monitoring</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>net.bull.javamelody.SessionListener</listener-class>
</listener>
<filter>
<filter-name>monitoring</filter-name>
<filter-class>net.bull.javamelody.MonitoringFilter</filter-class>
<init-param>
<param-name>monitoring-path</param-name>
<param-value>/admin/monitoring</param-value>
</init-param>
</filter>

Update items for selectOneMenu

I'm trying to get the items for a selectOneMenu updated after a file has bee uploaded. To do it, I load the select items at the file upload listener and set the id for the selectOneMenu in the update attribute for the fileUpload component, but the file upload listener is not even called.
I've reproduced the error in a small project I uploaded here http://www.filedropper.com/file-upload
I'm working with PrimeFaces 3.5 on a JBoss AS7.1.3
I can't find what I'm missing. Any ideas?
Thanks in advance
This is the resulting web.xml, including the missing faces servlet declaration and mapping that solved my problem.
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<description>File Upload</description>
<!-- This was missing -->
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<!-- File upload -->
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>org.primefaces.webapp.filter.FileUploadFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>glass-x</param-value>
</context-param>
</web-app>