Skip to Content.
Sympa Menu

grouper-users - [grouper-users] Re: CSRF Error (Grouper 2.3.0 login w/ Cas)

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] Re: CSRF Error (Grouper 2.3.0 login w/ Cas)


Chronological Thread 
  • From: Akki Kumar <>
  • To: "Hyzer, Chris" <>
  • Cc: "" <>
  • Subject: [grouper-users] Re: CSRF Error (Grouper 2.3.0 login w/ Cas)
  • Date: Wed, 3 May 2017 13:06:12 -0400
  • Ironport-phdr: 9a23:BPRwkxKTWG/pHJgWndmcpTZWNBhigK39O0sv0rFitYgfK/nxwZ3uMQTl6Ol3ixeRBMOAuqwC1rud6vi9EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQtFiT68bL9oLBi7qQrdutQKjYZiN6081gbHrnxUdupM2GhmP0iTnxHy5sex+J5s7SFdsO8/+sBDTKv3Yb02QaRXAzo6PW814tbrtQTYQguU+nQcSGQWnQFWDAXD8Rr3Q43+sir+tup6xSmaIcj7Rq06VDi+86tmTgLjhSEaPDA77W7XkNR9g6BVoByhqRJxwJPabp+JO/dlZKzRYckXSHBdUspNVSFMBJ63YYsVD+oGOOZVt5Xwp1gNrRu/GAKiAf7vyjpSiX/swKY31P4uEQTc0w0hHtIOtnvUrMzoNKgMSuC10KjIzTLFb/NNxTvx9IrFfwsuofGJR71wcM7RxVMzGAPCi1WdsIroNC6b2OQKtmiU9etgVeS3hm4orAFxpTevxsMyhYXTmo0VzVXE+T14wIYzOd23VlR7Ydi6H5tMqS2WLZV5Td4/Q21wvCY6zbIGuZGlcygQ0pgo2QPQa+GBfoOV4RzjTP6cLSl5iX55er+yghiy/Eu7xeHgU8S530pGojZYndTJqn8Byxje582CR/dj4Euh1zCC3B3J5O5eO0A7j6/bJoYhwrEukpoTtlzOHirsl0X3iK+ab1wk+uu05+j+bbTquIGQN4FuhgHxNaQuncO/AeAmPQQUQ2eb/uG82KXi/U3/XrpKkuU7nrfYvZzGJ8kWo6C5DgxO3Yo/7huyACuq3MgFknQCMF1JZBaKgo3sNl3QPvz4A++zg1G2nzdqw/DGMKfhApLILnXbirjheKxy6k9dyAo1wtBf/o9UBa8aIPLvW0/xs9rYDgQlPwCowevqE9p91oYEVmKOBq+VKr/dsViN5u43OemDeJcVuCrhK/gi//PugmU5mVgAfamxw5QXcmm0Hul9I0qHe3rsmcwMEWMLvgolUOzqk0OOXSRSZ3a0Q6Iz+Cs7CIS4AoffWIyhmqKO0zqmHs4eWmcTQHCdA3ryM82vW+0Nc2jadspqki0WWKKJSpQqkwy2uQn8jbdrM7yH1DcfsMfK19t0r87OkBgovWh9Cs2P0meCVnx5hX8JQDkthPggiUN4w1aHl6N/hqoLRpRo+/pVX1JiZtbnxOtgBoWqVw==

Hi Chris,

I found properties file under two locations (/grouper.apiBinary-2.3.0/ & /grouper-ws/WEB-INF) and both files has no details regarding grouper_v2_3_0_ui_patch_7. For you reference, I have added properties files to the driver.

Thank you,
Akki

On Wed, May 3, 2017 at 12:49 PM, Hyzer, Chris <> wrote:

Look at WEB-INF/grouperPatchStatus.properties

 

You should have success for each patch here:

 

https://spaces.internet2.edu/display/Grouper/v2.3+Release+Notes

 

Especially the UI patch 7, which fixes this problem:

 

https://bugs.internet2.edu/jira/browse/GRP-1405

 

So… do they say success or do you need to run the installer again to apply the patches?  J

 

If its hard to tell please sent that file along J

 

Thanks

Chris

 

 

 

From: Akki Kumar [mailto:]
Sent: Wednesday, May 03, 2017 12:46 PM
To: Hyzer, Chris <>
Cc:

Subject: Re: CSRF Error (Grouper 2.3.0 login w/ Cas)

 

Hi Chris,

 

Added Owasp.CsrfGuard.overlay.properties file to below link:

 

 

Thank you,

Akki

 

 

On Wed, May 3, 2017 at 12:01 PM, Hyzer, Chris <> wrote:

Please send me the file:

 

/tmp/grouperInstaller_v2_2_3/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/Owasp.CsrfGuard.overlay.properties

 

Thanks

Chris

 

From: Akki Kumar [mailto:]
Sent: Wednesday, May 03, 2017 10:08 AM
To: Hyzer, Chris <>
Cc:
Subject: Re: CSRF Error (Grouper 2.3.0 login w/ Cas)

 

Hi Chris,

 

Thank you for the prompt reply. Below link contains grouper logs from today (after starting tomcat). Also, during Grouper 2.3.0 installation, the installer ran and added all patches without any errors.

 

 

Note: The logs files, grouper_bench.log & grouper_debug.log are empty.

 

Thank you,

Akki

 

On Wed, May 3, 2017 at 8:56 AM, Hyzer, Chris <> wrote:

Are you fully patched?  Stop tomcat, delete all logs, put this in log4j.properties:

 

log4j.logger.edu.internet2.middleware.grouper.ui.GrouperUiFilter = DEBUG

 

start tomcat, and send all logs.

 

Thanks

Chris

 

From: Akki Kumar [mailto:]
Sent: Tuesday, May 02, 2017 3:06 PM
To: Hyzer, Chris <>
Cc:
Subject: CSRF Error (Grouper 2.3.0 login w/ Cas)

 

Hi Chris,

 

I installed Grouper 2.3.0 (Fresh Installation) and Tomcat 8.5.12. After login to the Grouper, UI displays below error:

 

Maybe your session timed out and you need to start again. This should not happen under normal operation. CSRF error.


I clicked on the "start over" link and I get below error:

You have an anonymous session since you are not logged in, but this section requires you to be logged in. Maybe No username found. Your identity provider might not be sending your username to this application. Either you need to use a different identity provider, or ask your IT department to send your username to this application.

 

As per below ticket (GRP-996), CSRF bug is fixed in 2.2.0, but the error is still showing up for the Grouper 2.3.0. What configuration are needed to fix this issue?

 

 

Thank you,

Akki

 

 





Archive powered by MHonArc 2.6.19.

Top of Page