ADF- CSRF Token Error

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Senior Member II

ADF- CSRF Token Error

I am using ADF with APS. In Local environment I am able to login but as a connect my development environment(https),it is giving CSRF Token error.

Login Error.pngWhat is the solution of this?

Here mention that i need to disable csrf token.https://hub.alfresco.com/t5/application-development/http-status-403-invalid-csrf-token/m-p/110927#M1 

Will it create any other problem? 

Thanks & Regards,
Sanjay
6 Replies
Highlighted
Alfresco Employee

Re: ADf- CSRF Token Error

You don't need CSRF with ADF applications (and any other single-page application).

Highlighted
Senior Member II

Re: ADf- CSRF Token Error

Is this problem of APS and ADF Version?

APS: 1.9

ADF:3.9

I am using above version.

You are saying not need of CSRF then what should cause of error?

Thanks & Regards,
Sanjay
Highlighted
Alfresco Employee

Re: ADf- CSRF Token Error

Just switch it off via attributes as Login dialog suggests you

Highlighted
Senior Member II

Re: ADf- CSRF Token Error

I have tried as per your instruction.

It is saying that it is unknown property.

 

<adf-login
  copyrightText="© 2018 Alfresco Software, Inc. All Rights Reserved."
  successRoute="/apps" [disableCsrf]="true">
</adf-login>
 
Screenshot_1.png
 
I have customized page where need to provide login so I am using below code for login.
 
this.authService.login(username,password).subscribe();
 
Thanks & Regards,
Sanjay
Highlighted
Alfresco Employee

Re: ADf- CSRF Token Error

It's in the documentation, just read it. You can also check the Yeoman Generator that gives you a blank pre-configured application with all the stuff to get started. We also have an example content application that has even more functionality there. Here's the simple use of login: https://github.com/Alfresco/alfresco-content-app/blob/develop/src/app/components/login/login.compone...

Highlighted
Senior Member II

Re: ADf- CSRF Token Error

I have generated application with adf-generator for APS.

I have tried with default login page by setting param below way.

<adf-login
  copyrightText="© 2018 Alfresco Software, Inc. All Rights Reserved."
  successRoute="/apps" [disableCsrf]="true">
</adf-login>
 
 

https://github.com/Alfresco/alfresco-ng2-components/blob/develop/lib/core/login/components/login.com...

I checked source code of login component.I am not able to find out @Input  Parameter related to disableCsrf.

Thanks & Regards,
Sanjay