on 03-13-2015 1:28 PM
Dear experts,
our customer is facing the issue, that they can't do imports from NWDS to PI anymore after PI has been updated.
NWDS: 7.31 SP 05 Patch 003
PI Java only: 7.31 SP14 (updated from SP Stack 6)
Everytime they want to import content into their productive system they receive a http 403 returncode saying "XSRF violation" and nothing more.
And that's all the Java logs are telling us, too. Default trace says nothing - application log just notices the XSRF violation.
I know there have been some security changes in the implemented SPs that most probably cause this message.
Of course I've already googled and searched through OSS and SCN - but we're not sure how to handle this situation.
Could it be necessary to update the NWDS, too?
Or is it possible to turn off the XSRF mechanism?
I've found note 1894606 (not really applying to our situation but) describing the parameter xsrf.protection.enabled to be set to false.
Unfortunately I can't find such a parameter anywhere in NWA and I'm really not sure if disabling XSRF makes sense.
Does anybody know, how to handle this?
Many thanks in advance!
Regards
Marie
Hi marie,
Hope you are doing good.
Updating NWDS will not be helpful here as you are already on 7.3 NWDS. You can set the xsrf.protection.enabled to false in configtool; please let me know if you are not able to find this. In case an ABAP client is not yet updated to the latest level, it cannot work properly with XSRF protected /dir/CacheRefresh servlet. In this case the /dir/CacheRefresh servlet returns HTTP 403 error due to a missing XSRFToken parameter.
Hope this helps.
_ _ _ _ _ _ _ _ _
Kind Regards,
Hemanth
SAP AGS
_ _ _ _ _ _ _ _ _
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Well, if you know, where to look for it, it's quite simple - you're right
I've deactivated XSRF protection and restarted the system.
I'm now waiting for a response if it helped with the NWDS problem because I can't check this myself.
As soon as there are any news, I'll let you know
Many many thanks for your quick responses!!
Regards
Marie
Hi Hemanth,
thank you very much - deactivating this parameter solved the issue.
I couldn't find any official note to that - is it recommended or maybe even necessary to deactivate this parameter for using NWDS?
I mean - there somehow has to be a reason, that this parameter is active by default... I guess
Thanks & regards
Marie
It is recommended to maintain the same SP and patch level's b/w NWDS and PI.
So i would suggest you to install the suitable version and see if that helps..
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.