Hi, This "Invalid CSRF Token" error is a common installation issue that we describe solutions to in our "Common Installation Issues" guide: https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-%22403Forbidden%22errorwithamessagethatsays%22Accessisdenied.InvalidCSRFToken%22
It is usually the result of a misconfiguration as described in that guide. Based on what you've shared, it might be the fact that your "config.prod.yml" shows the "rest" setting on port 8443, but your "local.cfg" on the backend does NOT have a port (which means it's using port 443). You may want to see if fixing those ports to be the same helps solve the problem. Tim On Wednesday, September 25, 2024 at 11:08:30 AM UTC-5 [email protected] wrote: > Hello, face this problem when try to login or register, or doing anything > on UI. Double checked all configs 10 times, have zero idea, how to solve it. > local.cfg: > dspace.server.url = https://devessuir.sumdu.edu.ua/server > > # Public URL of DSpace frontend (Angular UI). May require a port number if > not using standard ports (80 or 443) > # DO NOT end it with '/'. > # This is used by the backend to provide links in emails, RSS feeds, > Sitemaps, etc. > # NOTE: this URL must be accessible to all DSpace users (should not use > 'localhost' in Production). > # It corresponds to the URL that you would type into your browser to > access the User Interface. > dspace.ui.url = https://devessuir.sumdu.edu.ua > > config.prod.yml: > ui: > ssl: false > host: localhost > port: 4000 > nameSpace: / > > # This example is valid if your Backend is publicly available at > https://api.mydspace.edu/server/ > # The REST settings MUST correspond to the primary/public URL of the > backend. Usually, this means they must be kept in sync > # with the value of "dspace.server.url" in the backend's local.cfg > rest: > ssl: true > host: devessuir.sumdu.edu.ua > port: 8443 > nameSpace: /server > > All runned on HTTPS by LetsEncrypt certificates, backend accesible 24/7 on > https://devessuir.sumdu.edu.ua, frontend shut downed. On backend I can > login via Hal browser, but on frontend this problem 403 -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/abff7cf8-8f85-45e5-8912-ed40a3e3e0fdn%40googlegroups.com.
