Advanced Reporting UI stuck with 'Please Wait' message
search cancel

Advanced Reporting UI stuck with 'Please Wait' message

book

Article ID: 4562

calendar_today

Updated On:

Products

Clarity PPM SaaS Clarity PPM On Premise

Issue/Introduction

In Clarity Advance Reporting UI stuck with 'Please Wait Loading...' message when you Navigate to Advanced Reporting page or click on Repository:

Messages in the jasperserver log will be similar to below:

2017-10-25 12:02:49,040 ERROR CsrfGuard,http-bio-24081-exec-13:44 [XXXXX] - potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:<IP>, method:POST, uri:/reportservice/flow.html, error:required token is missing from the request)
2017-10-25 12:02:52,446 ERROR CsrfGuard,http-bio-24081-exec-11:44 [XXXXX] - potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:<IP>, method:POST, uri:/reportservice/flow.html, error:required token is missing from the request)
2017-10-25 12:03:54,039 ERROR CsrfGuard,http-bio-24081-exec-9:44 [XXXXX] - potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:<IP>, method:POST, uri:/reportservice/flow.html, error:required token is missing from the request)

In Some cases the Browser Network Trace will show below information.

JavaScriptServlet:467 Refused to frame 'http://hostname/' because it violates the following Content Security Policy directive

Environment

Any Supported Release with Jaspersoft 

 

Cause

  • CSRF Validation Failed in Jaspersoft, there have been few improvements added for securability purposes
  • Change was implemented on Jaspersoft with patch 5.2.1.4 and higher on 6.2.1 and the same will be valid for all supported releases since.
  • To see if you are facing this issue, you can capture the browser network traffic using Developer tools and see if any redirection to ‘login.html’ is occurring
  • This is happening when load balancer is used or entry URL not set up correctly

Resolution

The Clarity entryURL configured in CSA is different from the URL entered in browser, used to connect. Most usually an IP address or server alias instead of load balancer URL. The HTTP Entry URL in the CSA/properties.xml should always match the URL you are using to connect to Clarity. If you are using a loadbalancer, it is mandatory to enter it as Entry URL.

To resolve the issue:

  1. Set the HTTP/HTTPS Entry URL for the app service(s) in the CSA / properties.xml to the URL used to connect to Clarity i.e. the loadbalancer (LB)
  2. Repeat for all servers in Clarity cluster
  3. Restart the services
  4. Now connect to the Jaspersoft Tomcat folder. Under Tomcat directory, you will have /temp and /work folders.
  5. Empty/delete the contents of these two folders (without deleting the folders themselves)
  6. Restart the Jaspersoft Tomcat service. Repeat for all Jaspersoft servers.

Make sure you don't have trailing ‘/’ in the report server URL configured in CSA if you do, go ahead and remove it, then restart the services.

Note: Do not manually turn off the CSRF properties in Jaspersoft, as this can make your system vulnerable to CSRF attacks

Powered by Wolken Software