Project

Profile

Help

Issue #5955

closed

using cert auth throws an error: {"detail":"CSRF Failed: CSRF token missing or incorrect."}

Added by jsherril@redhat.com about 4 years ago. Updated almost 4 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Katello
Sprint:
Sprint 64
Quarter:

Description

This was working but after updating my pulp installation it stopped working (i suspect its related to some sort of dependency, but i'm not sure).

# curl  https://`hostname`/pulp/api/v3/repositories/file/file/   --cert /etc/pki/katello/certs/pulp-client.crt  --key /etc/pki/katello/private/pulp-client.key   -d '{"name":"foo"}' 
{"detail":"CSRF Failed: CSRF token missing or incorrect."}

Using user/name pass works fine.

I have the following snippet in my webserver:

<Location /pulp/api/v3/>
RequestHeader set REMOTE_USER "%{SSL_CLIENT_S_DN_CN}s" env=SSL_CLIENT_S_DN
</Location>

and the following in my settings.py:

REMOTE_USER_ENVIRON_NAME = "HTTP_REMOTE_USER"


Files

ssl.conf (2.71 KB) ssl.conf jsherril@redhat.com, 01/10/2020 05:09 PM
certs.tar (220 KB) certs.tar jsherril@redhat.com, 01/10/2020 05:15 PM

Also available in: Atom PDF