Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

Access to path "/libs/granite/csrf/token.json" is returning 404.

Avatar

Level 2

csrf token are successfully generated at AEM stage environment both author and publishers.

The problem is coming probably at dispatcher or CDN level. I am not sure where to look further to resolve this issue.

At dispatcher level , I can see following logs:

[Wed May 08 02:32:00 2024] [D] [pid 11304 (tid 11668)] checking [/libs/granite/csrf/token.json]
[Wed May 08 02:32:00 2024] [D] [pid 11304 (tid 11668)] request URL not in cache rules: /libs/granite/csrf/token.json
[Wed May 08 02:32:00 2024] [D] [pid 11304 (tid 11668)] cache-action for [/libs/granite/csrf/token.json]: NONE

Above logs conclude that the token is not cached at dispatcher<OK>

And also in logs I can see following which is where I am looking for help :

[Wed May 08 02:32:00 2024] [D] [pid 11304 (tid 11668)] Name not in ignored URL parameters ACL: 404;http://secure-stage.abc.info:80/libs/granite/csrf/token.json
[Wed May 08 02:32:00 2024] [D] [pid 11304 (tid 11668)] request contains a query string: 404;http://secure-stage.abc.info:80/libs/granite/csrf/token.json

 

Strangely I have checked at PROD environment, with similar configuration at CDN and dispatcher level, the csrf token is generated properly.

 

I am suspecting the issue might be there at IIS server (used for hosting application), dispatcher or CDN.

Can anyone help here?

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @MaheshKPati 

404 errors are usually returned from dispatcher when the specific URL is blocked or not allowed to pass to publishers.

 

Can you please take a look at you dispatcher filter configuration to see if the below is there . Under dispatcher.d filter file you can check . 

 

/00xx { /type "allow" /method "GET" /url '/libs/granite/csrf/token.json' /extension 'json' }

View solution in original post

3 Replies

Avatar

Correct answer by
Community Advisor

Hi @MaheshKPati 

404 errors are usually returned from dispatcher when the specific URL is blocked or not allowed to pass to publishers.

 

Can you please take a look at you dispatcher filter configuration to see if the below is there . Under dispatcher.d filter file you can check . 

 

/00xx { /type "allow" /method "GET" /url '/libs/granite/csrf/token.json' /extension 'json' }

Avatar

Level 2

Hi @sherinregi , 

This line is already present. Even if i bypass dispatcher, this issue exists. 

Let me look into the CDN or IIS rules.

Avatar

Community Advisor

Hi @MaheshKPati ,

The issue you're encountering, where access to the CSRF token path /libs/granite/csrf/token.json returns a 404 error, seems to be related to the configuration or behavior of your dispatcher or CDN setup. Here are some steps you can take to diagnose and resolve the issue:

  1. Verify Dispatcher Configuration:

    • Double-check the configuration of your Apache Dispatcher module to ensure that requests to /libs/granite/csrf/token.json are not being blocked or redirected incorrectly.
    • Ensure that the Dispatcher configuration is consistent between your AEM stage and production environments.
  2. Check Dispatcher Rules:

    • Review the Dispatcher configuration rules (typically in the dispatcher.any file) to ensure that requests to /libs/granite/csrf/token.json are not being accidentally blocked or bypassed.
    • Verify that the rules for caching and caching invalidation are correctly configured for this path.
  3. Examine CDN Configuration:

    • If you are using a CDN, review its configuration to ensure that it is correctly handling requests for the CSRF token path.
    • Check any cache rules or settings in your CDN configuration to ensure they are not interfering with requests to /libs/granite/csrf/token.json.
  4. Inspect IIS Server Configuration:

    • Since you suspect the issue may be related to the IIS server hosting your application, verify its configuration to ensure that requests to /libs/granite/csrf/token.json are being properly handled and not blocked.
    • Look for any rules or settings in IIS that could be affecting requests to this path.
  5. Compare Environments:

    • Compare the configurations of your stage and production environments, including Dispatcher, CDN, and server configurations, to identify any differences that could be causing the issue.
    • Check if any recent changes or updates were made to the stage environment that could have caused this behavior.
  6. Test Direct Access:

    • Try accessing the CSRF token path directly from the stage environment without going through the CDN or Dispatcher. This can help isolate whether the issue is occurring at the origin server level or as a result of the CDN or Dispatcher configuration.
  7. Logging and Monitoring:

    • Enable detailed logging on the Dispatcher, CDN, and server (IIS) to capture more information about the requests and responses for /libs/granite/csrf/token.json.
    • Monitor the logs for any errors or warnings that may provide clues about the cause of the 404 error.

By systematically reviewing and troubleshooting each component of your setup, you should be able to identify and resolve the issue with accessing the CSRF token path. If you're still unable to resolve the issue, consider reaching out to your CDN or Dispatcher provider for further assistance.