Notifications

51 views

Symptoms


Audit and GRC Workbench not loading 

Cause


The system property "glide.security.csrf.strict.validation.mode" was set to true 

Resolution


There is an auth interceptor configured "angular-http-auth-interceptor" because of which following steps happen
1)'/sn_audit_auditWorkbenchAjaxProcessor.do' first fails with 401 status. The response header for this request will have a CSRF token
2)'/sn_audit_auditWorkbenchAjaxProcessor.do' is retried by adding token received in first request in the request header. Now this passes and the workbench is loaded - Retry happens only when 'glide.security.csrf.strict.validation.mode' property is set to false.

 

To fix the issue, please set the property 'glide.security.csrf.strict.validation.mode' to false.

 

Article Information

Last Updated:2019-01-04 07:29:20
Published:2019-01-04