You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@syncope.apache.org by Francesco Chicchiriccò <il...@apache.org> on 2020/09/02 16:35:28 UTC

Re: CSFR Issue

On 02/09/20 12:40, caius75 wrote:
> Hi Guys,
> i've installed Apache Syncope 2.1.6 with maven using tomcat 9.0.34 as JAVA
> EE container and MySQL as internal Storage.
> I can access to syncope-console pointing to tomcat 9080 port and everything
> seems to work fine, but whe i try to access to syncope-console pointing to
> an Apache Web Server acting as reverse-proxy i got following error:
>
> 12:04:14.508 DEBUG
> org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener - Source
> URI conflicts with request origin, aborted
> 12:04:14.509 INFO
> org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener -
> Possible CSRF attack, request URL: http://www.cds.org/syncope-console/login,
> Origin: https://www.cds.org, action: aborted with error 400 Origin does not
> correspond to request
>
> even if  csrf is set to false in console.properties.
>
> Any ideas?
Hi,
setting

csrf=false

for console.properties is definitely the way to solve the problem reported above.

The only possibility I can figure out to explain the persisting issue is that the actual console.properties being loaded is not the one where you placed the setting.
What deployment directory [1] did you set for config files (normally /opt/syncope/conf) during build?

Regards.

[1] http://syncope.apache.org/docs/2.1/reference-guide.html#deployment-directories

-- 
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/

Re: CSFR Issue

Posted by Francesco Chicchiriccò <il...@apache.org>.

On 03/09/20 15:15, caius75 wrote:
> Forget it!
>
> I hadn't re-initialize syncope database before re-deploy and it was looking
> for previuously already configured connectors.
>
> Now it work's.
>
> Thank You.

Glad to hear this!

FYI, the main reason of the last failure you had was the incorrect location, stored in the db, of the connector bundles, e.g. /opt/syncope/bundles now.

Regards.

-- 
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/

Re: CSFR Issue

Posted by caius75 <an...@par-tec.it>.

Forget it!

I hadn't re-initialize syncope database before re-deploy and it was looking
for previuously already configured connectors.

Now it work's.

Thank You.

--
Sent from: http://syncope-user.1051894.n5.nabble.com/

Re: CSFR Issue

Posted by caius75 <an...@par-tec.it>.

Hi,
previously I've deployed without creating conf,bundles,log directory under
/opt/syncope, just with mvn  clean install, and csrf=false setting under
/opt/apache-tomcat-9.0.37/webapps/syncope-console/WEB-INF/classes/console.properties
was ignored, I was able to login just without reverse proxy but everything
else worked fine.
 
I've redeployed after creating suggested directory and with:

 mvn clean verify    -Dconf.directory=/opt/syncope/conf   
-Dbundles.directory=/opt/syncope/bundles    -Dlog.directory=/opt/syncope/log

I'm able to login behind reverse proxy right now and view main dashboard,
but when I click on topology i got following errors in core.log:

Password property is being used. This must be changed to avoid a security
breach!
12:51:01.391 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.rest#1.0.5' not found
12:51:01.391 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.db.table#2.2.6' not found
12:51:01.391 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.soap#1.4.3' not found
12:51:01.391 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.csvdir#0.8.8' not found
12:51:01.391 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.ldap#1.5.4' not found
12:51:01.391 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.soap#1.4.3' not found
12:51:01.391 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.db.table#2.2.6' not found
12:51:01.392 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.db.scriptedsql#2.2.6' not found
12:51:01.392 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.db.table#2.2.6' not found
12:51:01.392 ERROR org.apache.syncope.core.logic.AbstractLogic - Connector
'net.tirasa.connid.bundles.soap#1.4.3' not found


 and following in console.log

nsole.wicket.markup.html.form.preview.BinaryPDFPreviewer$ThumbnailImageResource,
ignoring
12:39:37.831 ERROR
org.apache.syncope.client.console.SyncopeConsoleRequestCycleListener -
Exception found
org.apache.wicket.WicketRuntimeException: Can't instantiate page using
constructor 'public org.apache.syncope.client.console.topology.Topology()'.
An exception has been thrown during construction!
        at
org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:194)
~[wicket-core-8.8.0.jar:8.8.0]
        at
org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:67)
~[wicket-core-8.8.0.jar:8.8.0]

even if i have now:

[root@iam-im log]# ls -lrt /opt/syncope/bundles/
total 44792
-rw-r--r--. 1 root root  9191484 Sep  1 12:08
net.tirasa.connid.bundles.soap-1.4.3.jar
-rw-r--r--. 1 root root  7154187 Sep  1 12:08
net.tirasa.connid.bundles.rest-1.0.5.jar
-rw-r--r--. 1 root root  1558693 Sep  1 12:08
net.tirasa.connid.bundles.csvdir-0.8.8.jar
-rw-r--r--. 1 root root   144730 Sep  1 12:08
net.tirasa.connid.bundles.db.table-2.2.6.jar
-rw-r--r--. 1 root root   100074 Sep  1 12:08
net.tirasa.connid.bundles.db.scriptedsql-2.2.6.jar
-rw-r--r--. 1 root root   265305 Sep  1 12:08
net.tirasa.connid.bundles.ldap-1.5.4.jar
-rw-r--r--. 1 root root   401016 Sep  1 12:08
net.tirasa.connid.bundles.ad-1.3.6.jar
-rw-r--r--. 1 root root  5084741 Sep  1 12:08
net.tirasa.connid.bundles.googleapps-1.4.2.jar
-rw-r--r--. 1 root root 10111011 Sep  1 12:08
net.tirasa.connid.bundles.azure-1.0.1.jar
-rw-r--r--. 1 root root  5988834 Sep  1 12:08
net.tirasa.connid.bundles.scimv11-1.0.1.jar
-rw-r--r--. 1 root root  5841730 Sep  1 12:08
net.tirasa.connid.bundles.servicenow-1.0.0.jar

Any suggestion?
 

--
Sent from: http://syncope-user.1051894.n5.nabble.com/