Uploaded image for project: 'Alfresco'
  1. Alfresco
  2. ALF-18175

CSRFFilter error: Login to Share fails with reverse proxy (apache2 mod_proxy)

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 4.2.d Community
    • Fix Version/s: 4.2 Enterprise
    • Component/s: Share Application
    • Security Level: external (External user)
    • Labels:
      None
    • Environment:
      CentOS 6 x64, mySQL 5.1.67
    • Resolution Time Custom Field:
      17 hours, 24 minutes, 4 seconds

      Description

      Steps to reproduce:
      1. install latest community 4.2.d nightly (r47080-b4680) with mysql instead of postgresql
      2. configure mod_proxy (see attached config)
      3. try to login into share with admin user results in (catalina.out):

      2013-02-26 12:50:05,267 INFO [site.servlet.CSRFFilter] [ajp-apr-8009-exec-4] Possible CSRF attack noted when asserting referer header 'https://docsdev.mydomain.de/share/page/'. Request: POST /share/page/dologin

      2013-02-26 12:50:05,270 ERROR [alfresco.web.site] [ajp-apr-8009-exec-4] javax.servlet.ServletException: Possible CSRF attack noted when asserting referer header 'https://docsdev.mydomain.de/share/page/'. Request: POST /share/page/dologin

      Works fine without the reverse proxy.

        Attachments

          Issue Links

            Structure

              Activity

                People

                • Assignee:
                  closedissues Closed Issues
                  Reporter:
                  wurstgelee Hans Wurst (Inactive)
                • Votes:
                  1 Vote for this issue
                  Watchers:
                  11 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Date of First Response:

                    Structure Helper Panel