L3 - Default
Resolution: Won't Fix
Steps to Reproduce
- go to Cockpits dashboard
- manipulate the CSRF token
- refresh the page
--> session expires and the user has to log in again (this works as expected)
When trying to log in again the authentication failed
I need to refresh the page to be able to log in again.
Different behavior when using wildfly 10. The XSRF token will be renewed automatically without session expiration.
With WLS12R2 it works as expected.
Engine: jboss-7.9.6 / apache 7.8.12
This is the controller panel for Smart Panels app
- is related to
CAM-9246 Cannot recover from CSRF error without session timeout