Unable to log on to the RSA Access Manager Entitlements Manger (AdminGUI) after upgrade
Originally Published: 2013-04-26
Article Number
Applies To
RSA Access Manager Entitlements Manager (AdminGUI)
Issue
The Entitlements Manger logon page is displayed and the administrator is able to log on, but then is directed to the InvalidSession.jsp page and the browser displays "Session Expired"
The tomcat access log file shows a 302 redirect to InvalidSession.jsp
The tomcat standard output log shows the following:
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
at org.owasp.csrfguard.CsrfGuard.verifyAjaxToken(CsrfGuard.java:596)
at org.owasp.csrfguard.CsrfGuard.isValidRequest(CsrfGuard.java:381)
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:70)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
ava:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:776)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:705)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:898)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Unknown Source)
[Tue Nov 06 01:17:37 PST 2012] [Error] potential cross-site request forgery (CSRF) attack thwarted (
user:, ip:10.31.137.93, uri:/axm-admin-gui-6.1.4.02/JavaScriptServlet, error:required tok
en is missing from the request)
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
Cause
Resolution
Stop Apache Tomcat
Delete the axm-asmin-gui.war application
Delete the contents of the directory /Tomcat/work/catalina/Localhost/
Redeploy the axm-admin-gui.war file
Start Apache Tomcat
Workaround
Related Articles
High CPU usage by _aceserver_fe lock manager connect/disconnect messages in system log Number of Views RSA Authentication Manager 8.7 SP1 Bulk Administration Utility (AMBA) Guide Number of Views RSA Authentication Manager 8.7 Bulk Administration Utility (AMBA) Guide Number of Views RSA Authentication Manager 8.6 Bulk Administration Utility (AMBA) Guide Number of Views RSA SecurID Software Token 5.0 for Windows Quick Start Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU
Don't see what you're looking for?
