Hi Friends,
I have configured proxy with alfresco to my existing system. Now all the application works great but delete a document and modify the permissions is not working. There are no logs reported in share.log or alfresco.log for this but in the application i see following error and in proxy server i see some logs similar to following.
Application errors when deleting a file:
1, Could not delete 'test1.docx'
proxy log for the above error:
AH01797: client denied by server configuration: proxy: https://mysite/share/proxy/alfresco/slingshot/doclib/action/file/node/workspace/SpacesStore/4a136f1f..., referer: https://mysite/share/page/site/test2/documentlibrary
Application error when modifying the permissions:
1, Failed to change role of user balfocse
proxy error for the above error:
AH01797: client denied by server configuration: proxy: https://mysite/share/proxy/alfresco/api/sites/test2/memberships/balfocse, referer: https://mysite/share/
page/site/test2/site-members
This is only happening after configuring proxy server configuration. Any help is greatly appreciated.
Have you configured the Alfresco Share CSRF security mechanism correctly for your specific proxy setup? The CSRF filter can interfere with any modifying actions when Share does not consider the referrer to be "itself" due to proxy name being different than the host name.
Hi Axel,
Thank you for the response. sorry for the delayed response. I Did not set the CSRF security Mechanism at all. The issue was the proxy server has block on delete and put. We fixed it by disabling the this configuration for share. Now I am at a point to set up CSRF security to my application. Can you tell me where should I make this changes in the application.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.