CSRF token not available for the login AJAX POST request | Community

gowrishankarp21

Level 2

Solved

CSRF token not available for the login AJAX POST request

Forum|Forum|9 years ago
March 16, 2016
3 replies
2042 views

We are upgrading from CQ 5.6 to 6.1, Our login POST AJAX request is failing due to invalid CSRF token. On Debugging we noticed that /libs/granite/csrf/token.json is returning a valid token only after successful CRX login otherwise it is returning an null value. So at the time of login, CSRF-Token is undefined and it is causing login post request to fail. Is there anyway to exempt the login post request alone from CSRF filter? or how can we fix this

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by gowrishankarp21

Thanks,

The "j_validate" field was missing in our login form, once we added it, it resolved the issue.

Level 10

See this Ask the AEM Community Experts - Justin - our AEM Evangelist cover this :

https://helpx.adobe.com/experience-manager/using/secure_sites.html

See the link the webinar at the start of the article - in the table at the start of the article.

Community Manager

Community Manager

Hi

Please see the similar question asked in forums:

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manager.topic.html/forum__rgha-problem_overview.html

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manager.topic.html/forum__knwl-hi_we_have_onese.html

Link:- http://stackoverflow.com/questions/7203304/warning-cant-verify-csrf-token-authenticity-rails

I hope this will solve your problem.

Thanks and Regards

Kautuk Sahni

Kautuk Sahni

gowrishankarp21AuthorAccepted solution

Level 2

Thanks,

The "j_validate" field was missing in our login form, once we added it, it resolved the issue.