...

  1. Add the following code snippet within the <Security> element of the <PRODUCT_HOME>/repository/conf/carbon.xml file.

    <CSRFPreventionConfig>
        <CSRFValve>
            <Enabled>true</Enabled>      <!--Enable/Disable CSRF prevention-->
            <Rule>allow</Rule>
            <!--URL Pattern to skip the CSRF prevention-->
            <Patterns>
                <Pattern>commonauth</Pattern>
                <Pattern>samlsso</Pattern>
                <Pattern>authenticationendpoint</Pattern>
                <Pattern>wso2</Pattern>
                <Pattern>oauth2</Pattern>
                <Pattern>openid</Pattern>
                <Pattern>openidserver</Pattern>
                <Pattern>passivests</Pattern>
                <Pattern>services</Pattern>
            </Patterns>
            <!--List of URL to allow as source to access the system-->
            <WhiteList>
                <Url>https://localhost:9443</Url>
            </WhiteList>
        </CSRFValve>
    </CSRFPreventionConfig>
  2. Edit the <WhiteList> element of the code snippet above so that it lists the URLs of the sources approved to access the system, one per <Url> entry.

  3. Add the following configuration within the <Hosts> element of the <PRODUCT_HOME>/repository/conf/tomcat/catalina-server.xml file.

    <Valve className="org.wso2.carbon.ui.valve.CSRFValve"/>
  4. Restart the product server.
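As an added check (not part of the WSO2 documentation or product code), the following Python validates a CSRFPreventionConfig fragment before it goes into carbon.xml: it confirms the valve is enabled, that a <Rule> is set, that every <Pattern> is non-empty and unique, and that each <WhiteList> <Url> is an exact https origin rather than a wildcard host or a full path. The sample fragment is constructed from the snippet above; the URL checks reflect only what the whitelist is documented to hold (approved source URLs), not the valve's internal matching logic, which is an assumption not stated on this page.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: a CSRFPreventionConfig block as it would sit inside the
# <Security> element of carbon.xml (trimmed to three patterns for brevity).
SAMPLE_CONFIG = """<CSRFPreventionConfig>
  <CSRFValve>
    <Enabled>true</Enabled>
    <Rule>allow</Rule>
    <Patterns>
      <Pattern>commonauth</Pattern>
      <Pattern>samlsso</Pattern>
      <Pattern>oauth2</Pattern>
    </Patterns>
    <WhiteList>
      <Url>https://localhost:9443</Url>
    </WhiteList>
  </CSRFValve>
</CSRFPreventionConfig>"""


def check_csrf_config(xml_text):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    valve = ET.fromstring(xml_text).find("CSRFValve")
    if valve is None:
        return ["no <CSRFValve> element under <CSRFPreventionConfig>"]
    if (valve.findtext("Enabled") or "").strip().lower() != "true":
        findings.append("<Enabled> is not 'true': CSRF prevention is switched off")
    if not (valve.findtext("Rule") or "").strip():
        findings.append("<Rule> is missing or empty")
    patterns = [(p.text or "").strip() for p in valve.iter("Pattern")]
    if "" in patterns:
        findings.append("empty <Pattern> entry")
    if len(set(patterns)) != len(patterns):
        findings.append("duplicate <Pattern> entries")
    urls = [(u.text or "").strip() for u in valve.iter("Url")]
    if not urls:
        findings.append("<WhiteList> has no <Url> entries")
    for url in urls:
        parts = urlsplit(url)
        if parts.scheme != "https":
            findings.append(f"whitelist entry is not https: {url}")
        if not parts.netloc or "*" in parts.netloc:
            findings.append(f"whitelist entry lacks an exact host: {url}")
        if parts.path not in ("", "/") or parts.query or parts.fragment:
            findings.append(f"whitelist entry should be an origin, not a full URL: {url}")
    return findings
```

Run it against the fragment you intend to paste into carbon.xml; a non-empty result lists what to correct before restarting the server.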

...