grouper-users - Re: [grouper-users] RE: Fresh 2.2.1 Installation
Subject: Grouper Users - Open Discussion List
List archive
- From: "Waldbieser, Carl" <>
- To: Bryan Wooten <>
- Cc: Chris Hyzer <>,
- Subject: Re: [grouper-users] RE: Fresh 2.2.1 Installation
- Date: Tue, 3 Feb 2015 15:39:13 -0500 (EST)
Brian,
We had issues with CrsfGuard, but it was because we were running behind an
Nginx proxy. By default, Nginx was stripping out one of the headers with an
underscore that CrsfGuard was using.
The other error you were getting sounds like Grouper isn't getting a user to
identify you, though.
Thanks,
Carl
----- Original Message -----
From: "Bryan Wooten"
<>
To: "Chris Hyzer"
<>,
Sent: Tuesday, February 3, 2015 3:26:33 PM
Subject: [grouper-users] RE: Fresh 2.2.1 Installation
Hmm, grouper_error.log has this clue:
2015-02-03 13:20:19,231: [http-bio-8080-exec-6] ERROR CsrfGuardLogger.log(47)
- - potential cross-site request forgery (CSRF) attack thwarted
(user:GrouperSystem, ip:155.101.205.178, method:GET,
uri:/grouper/;jsessionid=A5FFC803A416F58090D3F3691077A6E5, error:required
token is missing from the request)
I think my CAS web.xml config could be the issue? I didn't see this 2.1.x. I
am pointing at my standard U test CAS server.
-Bryan
From: Chris Hyzer
[mailto:]
Sent: Tuesday, February 03, 2015 12:42 PM
To: Bryan Wooten;
Subject: RE: Fresh 2.2.1 Installation
Anything else in logs or stdout / stderr from tomcat?
From:
<mailto:>
[mailto:]
On Behalf Of Bryan Wooten
Sent: Tuesday, February 03, 2015 2:39 PM
To:
<mailto:>
Subject: [grouper-users] Fresh 2.2.1 Installation
Ok, not sure what is going on here.
We have a fresh 2.2.1 installation, not an upgrade from 2.1.x
We have a CASified Grouper UI. The CAS login is successful.
I have run the following GSH script:
grouperSession = GrouperSession.startRootSession();
addGroup("etc", "sysadmingroup", "SysAdmin Group")
addMember("etc:sysadmingroup", "GrouperSystem")
addMember("etc:sysadmingroup", "u0519980")
After login the UI displays this:
Maybe your session timed out and you need to start again. This should not
happen under normal operation. CSRF error.
I click "start over" and I get this:
You have an anonymous session since you are not logged in, but this section
requires you to be logged in. Maybe No username found. Your identity provider
might not be sending your username to this application. Either you need to
use a different identity provider, or ask your IT department to send your
username to this application.
Ideas?
Bryan Wooten
UIT-Common Infrastructure Systems
Work: 801.585.9323
Cell: 801.414.3593
- [grouper-users] Fresh 2.2.1 Installation, Bryan Wooten, 02/03/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Chris Hyzer, 02/03/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Bryan Wooten, 02/03/2015
- Re: [grouper-users] RE: Fresh 2.2.1 Installation, Waldbieser, Carl, 02/03/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Chris Hyzer, 02/03/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Bryan Wooten, 02/04/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Chris Hyzer, 02/04/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Bryan Wooten, 02/04/2015
- Re: [grouper-users] RE: Fresh 2.2.1 Installation, Waldbieser, Carl, 02/04/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Chris Hyzer, 02/04/2015
- Re: [grouper-users] RE: Fresh 2.2.1 Installation, Robert Bradley, 02/04/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Bryan Wooten, 02/04/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Chris Hyzer, 02/04/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Bryan Wooten, 02/04/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Bryan Wooten, 02/03/2015
- Re: [grouper-users] Fresh 2.2.1 Installation, Waldbieser, Carl, 02/03/2015
- RE: [grouper-users] Fresh 2.2.1 Installation, Bryan Wooten, 02/03/2015
- [grouper-users] RE: Fresh 2.2.1 Installation, Chris Hyzer, 02/03/2015
Archive powered by MHonArc 2.6.16.