Unable to log on to the RSA Access Manager Entitlements Manager (AdminGUI) after upgrade
Originally Published: 2013-04-26
Article Number
Applies To
RSA Access Manager Entitlements Manager (AdminGUI)
Issue
The Entitlements Manager logon page is displayed and the administrator is able to log on, but is then redirected to the InvalidSession.jsp page and the browser displays "Session Expired".
The Tomcat access log file shows a 302 redirect to InvalidSession.jsp.
The Tomcat standard output log shows the following:
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
at org.owasp.csrfguard.CsrfGuard.verifyAjaxToken(CsrfGuard.java:596)
at org.owasp.csrfguard.CsrfGuard.isValidRequest(CsrfGuard.java:381)
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:70)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:776)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:705)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:898)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Unknown Source)
[Tue Nov 06 01:17:37 PST 2012] [Error] potential cross-site request forgery (CSRF) attack thwarted (user:, ip:10.31.137.93, uri:/axm-admin-gui-6.1.4.02/JavaScriptServlet, error:required token is missing from the request)
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
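To tell this symptom apart from other CSRFGuard rejections in the same log, the "attack thwarted" entries can be parsed and filtered on the URI and error text. The Python below is an added example, not RSA or OWASP code; the function names, the second sample entry and the rule for rejoining hard-wrapped lines are assumptions made for illustration.

```python
import re

# Field order (user, ip, uri, error) is taken from the single sample line above.
THWARTED = re.compile(
    r"\[(?P<ts>[^\]]+)\] \[Error\] potential cross-site request forgery "
    r"\(CSRF\) attack thwarted \(user:(?P<user>[^,]*), ip:(?P<ip>[^,]*), "
    r"uri:(?P<uri>[^,]*), error:(?P<error>.*)\)"
)
# Assumption: a newline starts a new record only before "[timestamp]", a stack
# frame ("at ...") or an exception header; any other newline is a hard wrap.
HARD_WRAP = re.compile(r"\n(?!\[|\s*at |\S+Exception\b)")


def parse_thwarted(log_text):
    """Return one dict per CSRFGuard 'attack thwarted' entry in log_text."""
    unwrapped = HARD_WRAP.sub("", log_text)
    return [m.groupdict() for m in THWARTED.finditer(unwrapped)]


def matches_article_symptom(entry):
    """True for the pattern in this article: missing token on JavaScriptServlet."""
    return (entry["uri"].endswith("/JavaScriptServlet")
            and "required token is missing" in entry["error"])


# Constructed sample: the first entry copies the article's line (hard-wrapped),
# the second entry is invented to show a non-matching case.
SAMPLE = """\
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
at org.owasp.csrfguard.CsrfGuard.verifyAjaxToken(CsrfGuard.java:596)
[Tue Nov 06 01:17:37 PST 2012] [Error] potential cross-site request forgery (CSRF) attack thwarted (
user:, ip:10.31.137.93, uri:/axm-admin-gui-6.1.4.02/JavaScriptServlet, error:required tok
en is missing from the request)
[Tue Nov 06 01:20:00 PST 2012] [Error] potential cross-site request forgery (CSRF) attack thwarted (user:admin, ip:192.0.2.10, uri:/axm-admin-gui-6.1.4.02/example.do, error:request token does not match session token)
"""

if __name__ == "__main__":
    for e in parse_thwarted(SAMPLE):
        flag = "matches article symptom" if matches_article_symptom(e) else "other"
        print(e["ts"], e["ip"], e["uri"], "->", flag)
```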
Cause
Resolution
Stop Apache Tomcat
Delete the axm-admin-gui.war application
Delete the contents of the directory /Tomcat/work/catalina/Localhost/
Redeploy the axm-admin-gui.war file
Start Apache Tomcat
Workaround