Question

4
Replies
851
Views
Close popover
krishna talasila (krishnat0687)
Express Scripts

Express Scripts
US
View ProfileSend Message
krishnat0687 Member since 2014 2 posts
Express Scripts
Posted: September 27, 2018
Last activity: October 5, 2018
Closed

CSRF Token not generated

Hi

Following https://community.pega.com/knowledgebase/articles/configuring-csrf-protection from Pega, Issue is we dont see token getting generated.

Below are set at DSS:

prconfig/security/csrf/securedActivities/default

Values= included class with activity names"

prconfig/security/csrf/mitigation/default

Value =true

Using Pega7.2

Any one have similar issue?, if not can you share detailed steps how its implemented.

Thank you

Security System Administration
Close popover
Moderation Team has archived post
Posted: 2 years ago
Close popover
krishna talasila (krishnat0687)
Express Scripts

Express Scripts
US
View ProfileSend Message

Tried below Steps which didn't resolve issue. Couldn't see any Token in URL as specified by article.


DSS settings, Restarted Server.


ID
Pega-Engine • prconfig/security/csrf/secureall/default


RS


Value


true


 


ID
Pega-Engine • prconfig/security/csrf/validreferers/default



Value


"Added URL of application"


 


ID
Pega-Engine • prconfig/security/csrf/mitigation/default


RS


Value


true

Posted: 2 years ago
Close popover
Marissa Rogers (MarissaRogers)
MOD
Senior Community Moderator
Pegasystems Inc.
US
View ProfileSend Message

Hey @krishnat0687!


Since you are talking about system settings we'd like to ask that you open a Support Request (please reference this thread) so that we can talk about this with you offline. 


Please let  us know the SR ID once opened.


Thanks!
Share this page Share via LinkedIn Copying...
Copied!