IBM Support

IV91742: DUE TO CSRF TOKEN MISMATCH THE USER IS LOGGED OUT OF THE DASHBOARD.


APAR status

  • Closed as program error.

Error description

  • Problem description:
    On a cluster setup at FP08 level, without session recording
    activated, clicking some of the dashboard widgets (for example the
    Cluster status refresh link, the Server Control refresh link, or
    the Middleware Monitor refresh link) sends a request whose CSRF
    token does not match the one used for authentication.
    This causes a CSRF token mismatch, and the user is logged
    out of the dashboard.
    
    Steps to duplicate:
    - Sign in at https://<pim_host>:9443/login as the admin user.
    - Immediately try to stop the server in the dashboard.
    - The error happens immediately and the application redirects
    the client to the login page again.
    

Local fix

  • NA
    

Problem summary

  • Administrator logged out of the VA console when certain
    operations are selected.
    

Problem conclusion

  • Fixed in ISPIM 2.0.2 IF10 and 2.1 FP3
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV91742

  • Reported component name

    SEC PIM VIRTAPP

  • Reported component ID

    5725H30VA

  • Reported release

    202

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-12-30

  • Closed date

    2017-04-28

  • Last modified date

    2017-04-28

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    SEC PIM VIRTAPP

  • Fixed component ID

    5725H30VA

Applicable component levels

  • R202 PSY

       UP

  • R210 PSY

       UP


Document Information

Modified date:
28 April 2017