Your achievements

0% to

Tip / to gain points, level up, and earn exciting badges like the new

Adobe Experience Manager Sites & More

SOLVED

CSRF token not available for the login AJAX POST request

We are upgrading from CQ 5.6 to 6.1, Our login POST AJAX request is failing due to invalid CSRF token. On Debugging we noticed that /libs/granite/csrf/token.json is returning a valid token only after successful CRX login otherwise it is returning an null value. So at the time of login, CSRF-Token is undefined and it is causing login post request to fail. Is there anyway to exempt the login post request alone from CSRF filter? or how can we fix this

1.8K

3

1 Accepted Solution

Correct answer by

Thanks,

The "j_validate" field was missing in our login form, once we added it, it resolved the issue.

View solution in original post

1.3K

0

Jump to reply

3 Replies

See this Ask the AEM Community Experts - Justin - our AEM Evangelist cover this :

https://helpx.adobe.com/experience-manager/using/secure_sites.html

See the link the webinar at the start of the article - in the table at the start of the article.

1.2K

0

Hi

Please see the similar question asked in forums:

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manage...

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manage...

Link:- http://stackoverflow.com/questions/7203304/warning-cant-verify-csrf-token-authenticity-rails

I hope this will solve your problem.

Thanks and Regards

Kautuk Sahni

Kautuk Sahni

1.2K

0

Correct answer by

Thanks,

The "j_validate" field was missing in our login form, once we added it, it resolved the issue.

1.3K

0

Jump to reply

Related Conversations

Want to get the content of YAML files instead of downloading them (AEM 6.5)

115

0

4

Some metadata not extracted by DAM update asset workflow

70

2

0

Disable dispatcher caching for specific requests

157

1

5

Fix CACHE-CONTROL maxAge for client libraries - to ensure immediate deployment of new code

315

1

12

Can we extend spa react xfpage model so that we can access the custom page properties added in the page component

85

1

0