Posted: 4 Sep 2019 3:58 EDT Last activity: 24 Jan 2020 6:09 EST
CSRF Enablement Causes HTTP 400 Error on Attempted Login
When enabling CSRF we are receiving an HTTP 400 error while attempting to log in with users which do not belong to 2 of 6 user groups.
Error Description: The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).
Alert found in PegaRULES-ALERT.log: Unable to create requestor
Without CSRF enabled we are able to log in successfully, and there seems to be no correlation between the Access Group and the error, as duplicating working User Groups shows the same error.
Has anyone come across this issue before?
***Moderator Edit-Vidyaranjan: Updated SR details***
If your server is maintained by Pega Cloud, please raise it with them, or you need to raise it with your infra team. The thing is, the redirect URL contains some characters like "[[" which Tomcat doesn't like, so this has to be corrected by the infra team.