Still experiencing the error. I also see the error when accessing /qconsole/help.xqy but with a more verbose stack trace (see below).
The gist is that is seems at some point the CSRF token is not getting to the application code because the error messages all report no value for it. It looks like the CSRF cookie is not being set in the browser. Even if I set the X-CSRF-Token header to the value I can find in the /security/token-storage.xml file. I set the header using Postman REST client (which gives the same error). I can see CSRF tokens getting stored in /security/token-storage.xml. I can delete this file and it gets re-generated. I can see a cookie named csrf-token-[port]-[user] with no value in Chrome Dev tools and Firefox Dev tools. I have cleared my browsing data from both chrome://settings and from Dev Tools. I have also set chrome to discard session data after shutdown and I don't have any restrictions on cookie-creation. At this point I feel like I'm missing something obvious. Thanks, Mark ========== <error:error xsi:schemaLocation="http://marklogic.com/xdmp/error error.xsd" xmlns:error="http://marklogic.com/xdmp/error"; xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance";> 2017-06-26 16:01:25.204 Info: <error:code>SECURITY-BADREQUEST</error:code> 2017-06-26 16:01:25.204 Info: <error:name>err:FOER0000</error:name> 2017-06-26 16:01:25.204 Info: <error:xquery-version>1.0-ml</error:xquery-version> 2017-06-26 16:01:25.204 Info: <error:message>SECURITY-BADREQUEST</error:message> 2017-06-26 16:01:25.204 Info: <error:format-string>SECURITY-BADREQUEST (err:FOER0000): Your session has been terminated by another login. Refresh Query Console to create a new session.</error:format-string> 2017-06-26 16:01:25.204 Info: <error:retryable>false</error:retryable> 2017-06-26 16:01:25.204 Info: <error:expr> </error:expr> 2017-06-26 16:01:25.204 Info: <error:data> 2017-06-26 16:01:25.204 Info: <error:datum>Your session has been terminated by another login. Refresh Query Console to create a new session.</error:datum> 2017-06-26 16:01:25.204 Info: </error:data> 2017-06-26 16:01:25.204 Info: <error:stack> 2017-06-26 16:01:25.204 Info: <error:frame> 2017-06-26 16:01:25.204 Info: <error:uri>/MarkLogic/appservices/qconsole/qconsole-security.xqy</error:uri> 2017-06-26 16:01:25.204 Info: <error:line>254</error:line> 2017-06-26 16:01:25.204 Info: <error:column>14</error:column> 2017-06-26 16:01:25.204 Info: <error:operation>sec:check-matching-csrf-token("")</error:operation> 2017-06-26 16:01:25.204 Info: <error:variables> 2017-06-26 16:01:25.204 Info: <error:variable> 2017-06-26 16:01:25.204 Info: <error:name xmlns=" http://marklogic.com/appservices/qconsole/security";>token</error:name> 2017-06-26 16:01:25.204 Info: <error:value>""</error:value> 2017-06-26 16:01:25.204 Info: </error:variable> 2017-06-26 16:01:25.204 Info: <error:variable> 2017-06-26 16:01:25.204 Info: <error:name xmlns=" http://marklogic.com/appservices/qconsole/security";>tk-uri</error:name> 2017-06-26 16:01:25.204 Info: <error:value>"/security/token-storage.xml"</error:value> 2017-06-26 16:01:25.204 Info: </error:variable> 2017-06-26 16:01:25.204 Info: <error:variable> 2017-06-26 16:01:25.204 Info: <error:name xmlns=" http://marklogic.com/appservices/qconsole/security ">server-token</error:name> 2017-06-26 16:01:25.204 Info: <error:value>[REDACTED]</error:value> 2017-06-26 16:01:25.204 Info: </error:variable> 2017-06-26 16:01:25.204 Info: </error:variables> 2017-06-26 16:01:25.204 Info: <error:xquery-version>1.0-ml</error:xquery-version> 2017-06-26 16:01:25.204 Info: </error:frame> 2017-06-26 16:01:25.204 Info: <error:frame> 2017-06-26 16:01:25.204 Info: <error:uri>/qconsole/help.xqy</error:uri> 2017-06-26 16:01:25.204 Info: <error:line>13</error:line> 2017-06-26 16:01:25.204 Info: <error:column>2</error:column> 2017-06-26 16:01:25.204 Info: <error:variables> 2017-06-26 16:01:25.204 Info: <error:variable> 2017-06-26 16:01:25.204 Info: <error:name xmlns="">_</error:name> 2017-06-26 16:01:25.204 Info: <error:value>()</error:value> 2017-06-26 16:01:25.204 Info: </error:variable> 2017-06-26 16:01:25.204 Info: <error:variable> 2017-06-26 16:01:25.204 Info: <error:name xmlns="">csrf</error:name> 2017-06-26 16:01:25.204 Info: <error:value>()</error:value> 2017-06-26 16:01:25.204 Info: </error:variable> 2017-06-26 16:01:25.204 Info: </error:variables> 2017-06-26 16:01:25.204 Info: <error:xquery-version>1.0-ml</error:xquery-version> 2017-06-26 16:01:25.204 Info: </error:frame> 2017-06-26 16:01:25.204 Info: </error:stack> 2017-06-26 16:01:25.204 Info: </error:error> ========== - -- --- ----- -------- ------------- Mark Donoghue IEEE (732) 562-6045 m.donog...@ieee.org IEEE - Advancing Technology for Humanity On Thu, Jun 22, 2017 at 12:20 PM, Mark Donoghue <m.donog...@ieee.org> wrote: > I don't know if this is relevant, but my App-Services is running off port > 8008 (not 8000). I tried changing it to another port and I still get the > error. > > - -- --- ----- -------- ------------- > Mark Donoghue > IEEE > (732) 562-6045 > m.donog...@ieee.org > > IEEE - Advancing Technology for Humanity > > On Thu, Jun 22, 2017 at 11:08 AM, Dave Cassel <david.cas...@marklogic.com> > wrote: > >> There's an article in the Support team's Knowledge Base about this ( >> https://help.marklogic.com/Knowledgebase/Article/View/478/ >> 0/query-console-security-badrequest-invalid-csrf-token-error), but it >> sounds like you've already followed their recommendations. >> >> Anyone else have ideas? >> >> -- >> Dave Cassel, @dmcassel <https://twitter.com/dmcassel> >> Technical Community Manager >> MarkLogic Corporation <http://www.marklogic.com/> >> http://developer.marklogic.com/ >> >> From: <general-boun...@developer.marklogic.com> on behalf of Mark >> Donoghue <m.donog...@ieee.org> >> Reply-To: MarkLogic Developer Discussion <general@developer.marklogic.com >> > >> Date: Thursday, June 22, 2017 at 10:45 AM >> To: "general@developer.marklogic.com" <general@developer.marklogic.com> >> Subject: [MarkLogic Dev General] Query Console error post upgrade 8 > 9 >> >> Hi, >> >> I just upgraded my local (laptop) install of Marklogic 8 to 9.0-1.1. >> >> Now, when I attempt to access the query console I get the following error: >> >> ====== >> SECURITY-BADREQUEST (err:FOER0000): Your session has been terminated by >> another login. Refresh Query Console to create a new session. >> ====== >> >> Admin interface and Configuration Manager work fine. >> >> I have attempted the following: >> >> - Refreshed the browser (Chrome ver. 59.0.3071.109), and deleted >> browsing data. >> - Restarted my laptop several times. >> - Using Firefox (45.5.1) and get the same error message. >> - Created a new user with query-console permission (same error). >> - Changed the auth scheme from digest to basic, and back to digest. >> >> Chrome developer tools reports errors from the following resources: >> ====== >> jquery-1.7.min.js:4 >> >> GET http://localhost:8008/qconsole/endpoints/workspaces.xqy? >> cache=1498142153868 >> >> 500 (SECURITY-BADREQUEST (err:FOER0000): Your session has been terminated >> by another login. Refresh Query Console to create a new session.) >> send @ jquery-1.7.min.js:4 >> ====== >> >> and >> >> ====== >> jquery-1.7.min.js:4 >> >> GET http://localhost:8008/qconsole/endpoints/sources.xqy?type= >> databases&cache=1498142153871 >> >> 500 (SECURITY-BADREQUEST (err:FOER0000): Your session has been terminated >> by another login. Refresh Query Console to create a new session.) >> ====== >> >> The only evidence of a similar error that I could find on the web refers >> to a tool named Roxy, which I'm not familiar with. It is also for version 8 >> of Marklogic. See: https://github.com/marklogic-community/roxy/issues/679 >> >> I am out of ideas. Has anyone else had this experience? >> >> Thanks, >> Mark >> - -- --- ----- -------- ------------- >> Mark Donoghue >> IEEE >> (732) 562-6045 >> m.donog...@ieee.org >> >> IEEE - Advancing Technology for Humanity >> >> _______________________________________________ >> General mailing list >> General@developer.marklogic.com >> Manage your subscription at: >> http://developer.marklogic.com/mailman/listinfo/general >> >> >
_______________________________________________ General mailing list General@developer.marklogic.com Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
