Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-89390

Misleading exception is thrown for invalid CSRF token

    Details

    • Type: Bug
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: Master
    • Fix Version/s: Master
    • Component/s: Application Security
    • Labels:
      None

      Description

      Steps to reproduce:

      1. Sign in as portal admin
      2. Go to http://localhost:8080/api/jsonws/user/get-current-user

       Expected result: Log contains error message "User 20139 did not provide valid CSRF token for com.liferay.portal.jsonwebservice.JSONWebServiceServiceAction:/user/get-current-user"
       Actual result: Log contains: "User 20139 must be authenticated"

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                33 weeks, 3 days ago

                Packages

                Version Package
                Master