You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Denys Buzhor (JIRA)" <ji...@apache.org> on 2013/11/16 22:19:22 UTC

[jira] [Created] (AMBARI-3788) Perform E2E testing of Ambari with api.csrfPrevention.enabled=true

Denys Buzhor created AMBARI-3788:
------------------------------------

             Summary: Perform E2E testing of Ambari with api.csrfPrevention.enabled=true
                 Key: AMBARI-3788
                 URL: https://issues.apache.org/jira/browse/AMBARI-3788
             Project: Ambari
          Issue Type: Task
          Components: client
    Affects Versions: 1.4.2
            Reporter: Denys Buzhor
            Assignee: Denys Buzhor
             Fix For: 1.4.2


Set *api.csrfPrevention.enabled=true* in *ambari.properties*, restart ambari server, and verify that Ambari Web works properly with that option on.
Before testing Ambari Web, make sure that the POST calls to the API does NOT work unless you pass the *X-Requested-By* option (to make sure that the CSRF filter is in effect).



--
This message was sent by Atlassian JIRA
(v6.1#6144)