  1. camunda BPM
  2. CAM-11993

CSRF cookie prevents login in Spring Boot

    Details

      Description

      Given:

      1. Run a Camunda Tomcat|Wildfly|WAS|WLS distro on localhost:8080 (or any other host:port combination).
      2. Log in and use the Camunda Webapps so that a CSRF cookie is stored in your browser.
      3. Shut down the distro.
      4. Run the Camunda BPM Run distro or Spring Boot on the same host:port combination.

      When:
      You attempt to log in to the Camunda Webapps.

      Then:
      The login attempt fails and a CSRFPreventionFilter exception is thrown. To fix it, you need to manually clear the cookies.

      Expected:
      Switching Camunda distros doesn't impact login attempts and a user can log in without needing to manually clear the cookies.
       

            People

            Assignee:
            michael.schoettes Michael Schoettes
            Reporter:
            nikola.koevski Nikola Koevski