[+Dulanjan] Hi All
When trying to add multiple roles to a user using a feature such as *Select all from page 1 to page 3* or clicking on a pagination number the same error comes and throws an error similar to[1] [1] [2016-07-07 11:34:37,139] WARN - JavaLogger potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:127.0.0.1, method:POST, uri:/t/tenant.com/carbon/user/view-roles.jsp, error:required token is missing from the request) Regards, Shavantha Weerasinghe Senior Software Engineer QA WSO2, Inc. lean.enterprise.middleware. http://wso2.com http://wso2.org Tel : 94 11 214 5345 Fax :94 11 2145300 On Wed, Jul 6, 2016 at 4:10 PM, Hasintha Indrajee <[email protected]> wrote: > Hi all, > > When trying to perform operations through admin console, once the session > is expired we are getting a 403 from admin console. Seems like this occurs > due to CSRF filter blocking the request since the session is no longer > available at the server side. > > [2016-07-06 15:34:27,576] WARN {org.owasp.csrfguard.log.JavaLogger} - > potential cross-site request forgery (CSRF) attack thwarted > (user:<anonymous>, ip:127.0.0.1, method:POST, > uri:/carbon/userprofile/set-finish-ajaxprocessor.jsp, error:request token > does not match session token) > -- > Hasintha Indrajee > WSO2, Inc. > Mobile:+94 771892453 > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
