Grouper Users - Open Discussion List

[Dennis Roberts <>]

I ran into something like this when I was creating the Docker image that we’re currently using for our Grouper deployment. Tomcat 7.0.66 includes a change to Tomcat’s CSRF detection feature that seems to conflict with Grouper’s. I didn’t try to identify the reason for the conflict, but I did confirm that we got the CSRF errors when we used Tomcat 7.0.66 but not when we used Tomcat 7.0.65.

For the time being, we modified the docker file to use Tomcat 7.0.65 explicitly. You can find the docker file and related configuration files here if you’re curious: https://github.com/cyverse/DE/tree/master/docker/grouper.

Thanks, Dennis

On August 1, 2016 at 12:15:31 PM, Hyzer, Chris () wrote:

Those simple GETs shold not give errors, can you give the log entries for those errors? The csrf config should be able to whitelist them...

-----Original Message-----
From: [mailto:] On Behalf Of Imholz, John J.
Sent: Wednesday, July 27, 2016 1:55 PM
To:
Subject: [grouper-users] csrf error

I'm trying to get 2.3 to run under Tomcat7 (rather than the Tomcat that comes with the grouper installer.)

I've added: mapperContextRootRedirectEnabled="true" mapperDirectoryRedirectEnabled="true" to the Context element in server.xml (from https://spaces.internet2.edu/display/Grouper/Grouper+UI+Installation )

But I still get a CSRF error when I goto https://server/grouper/ or https://server/grouper/index.jsp but no error when I goto server/grouper/grouperUI/

Any suggestions?

jji