Closed jeffallen closed 7 years ago
Can you mount your customized file to the container as a volume?
-v /<host_path>/jrs.csrfguard.properties:/usr/local/tomcat/webapps/jasperserver/WEB-INF/csrf/jrs.csrfguard.properties
Yes, that would work, I guess. I hadn't thought of -v to replace a single file before. I will give it a try and if I find a neat solution, I will send you a PR with it documented.
Your proposed solution can't work, because the /usr/local/tomcat/webapps/jasperserver directory does not exist until entrypoint.sh runs "ant deploy-webapp-ce". I will propose another solution.
OK, you need to handle that in entrypoint.sh
. Options:
-v -v /<host_path>/jrs.csrfguard.properties:/etc/jasperserver/jrs.csrfguard.properties
), then copy/replace original config file /usr/local/tomcat/webapps/jasperserver/WEB-INF/csrf/jrs.csrfguard.properties
JS_CSR_
) and then transform all env variables with that prefix into config file - example https://github.com/monitoringartist/zabbix-xxl/blob/777f549283d08b16db72ef5ae0ad4654812c5db5/Dockerfile/zabbix-xxl/container-files-zabbix/config/init/bootstrap.sh#L65-L72 - it's processing env variables with prefix ZS_
This is unsupported project now. Please use official project https://github.com/TIBCOSoftware/js-docker. If you want to maintain this repository, please contact me.
Understood! I will switch to using the one from TIBCO too.
Jasper cannot run behind a reverse proxy because the CSRFGuard won't allow it. I have looked for solutions, to fix it, but the only thing I came up with was disabling it entirely. To do that, you need to be able to edit WEB-INF/csrf/jrs.csrfguard.properties to set org.owasp.csrfguard.Enabled to false.
See: http://community.jaspersoft.com/documentation/tibco-jasperreports-server-security-guide/v630/configuring-csrf-protection