Hi all,

When trying to perform operations through the admin console, once the session
has expired we are getting a 403 from the admin console. It seems like this occurs
due to the CSRF filter blocking the request, since the session is no longer
available on the server side.

[2016-07-06 15:34:27,576]  WARN {org.owasp.csrfguard.log.JavaLogger} -
potential cross-site request forgery (CSRF) attack thwarted
(user:<anonymous>, ip:127.0.0.1, method:POST,
uri:/carbon/userprofile/set-finish-ajaxprocessor.jsp, error:request token
does not match session token)
-- 
Hasintha Indrajee
WSO2, Inc.
Mobile:+94 771892453
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
