Unable to log on to the RSA Access Manager Entitlements Manager (AdminGUI) after upgrade
Originally Published: 2013-04-26
Article Number
Applies To
RSA Access Manager Entitlements Manager (AdminGUI)
Issue
The Entitlements Manager logon page is displayed and the administrator is able to log on, but is then directed to the InvalidSession.jsp page and the browser displays "Session Expired".
The Tomcat access log file shows a 302 redirect to InvalidSession.jsp.
The Tomcat standard output log shows the following:
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
at org.owasp.csrfguard.CsrfGuard.verifyAjaxToken(CsrfGuard.java:596)
at org.owasp.csrfguard.CsrfGuard.isValidRequest(CsrfGuard.java:381)
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:70)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:776)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:705)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:898)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Unknown Source)
[Tue Nov 06 01:17:37 PST 2012] [Error] potential cross-site request forgery (CSRF) attack thwarted (user:, ip:10.31.137.93, uri:/axm-admin-gui-6.1.4.02/JavaScriptServlet, error:required token is missing from the request)
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
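The following is an added example, not part of the original article or of RSA's code: a Python parser for the CsrfGuard rejection line shown above. It rejoins entries that were hard-wrapped in the log and flags those matching the signature quoted in this article. The field layout is inferred from the single line quoted here; the function names, the second sample entry and its URI are constructed for illustration.

```python
import re
from collections import Counter

# Layout inferred from the one CsrfGuard line quoted in this article (assumption).
CSRF_ENTRY = re.compile(
    r"\[(?P<ts>[^\]]+)\] \[Error\] potential cross-site request forgery \(CSRF\) "
    r"attack thwarted \(user:(?P<user>[^,]*), ip:(?P<ip>[^,]*), "
    r"uri:(?P<uri>[^,]*), error:(?P<error>[^)]*)\)"
)

def parse_csrf_rejections(log_text):
    """Return one dict per CsrfGuard rejection, tolerating hard-wrapped lines."""
    # Hard wraps insert a bare newline mid-token ("required tok" / "en"), so
    # dropping every newline restores each entry before matching.
    flat = log_text.replace("\r", "").replace("\n", "")
    return [m.groupdict() for m in CSRF_ENTRY.finditer(flat)]

def matches_article_signature(entry):
    """True when the entry looks like the rejection quoted in this article."""
    return (entry["uri"].endswith("/JavaScriptServlet")
            and entry["error"] == "required token is missing from the request")

def summarize(entries):
    """Count rejections per (uri, ip, error) to show where they cluster."""
    return Counter((e["uri"], e["ip"], e["error"]) for e in entries)

# First entry: the wrapped line from this article. Second entry: constructed.
SAMPLE_LOG = """\
org.owasp.csrfguard.CsrfGuardException: required token is missing from the request
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:70)
[Tue Nov 06 01:17:37 PST 2012] [Error] potential cross-site request forgery (CSRF) attack thwarted (
user:, ip:10.31.137.93, uri:/axm-admin-gui-6.1.4.02/JavaScriptServlet, error:required tok
en is missing from the request)
[Tue Nov 06 01:20:02 PST 2012] [Error] potential cross-site request forgery (CSRF) attack thwarted (user:admin, ip:192.0.2.10, uri:/axm-admin-gui-6.1.4.02/Example.jsp, error:request token does not match session token)
"""

if __name__ == "__main__":
    for entry in parse_csrf_rejections(SAMPLE_LOG):
        tag = "article signature" if matches_article_signature(entry) else "other rejection"
        print(f'{entry["ts"]}  {entry["ip"]:<15} {entry["uri"]}  [{tag}]')
```

Entries that do not match the article's signature, or that continue after the redeployment below, are not explained by this article and should be reviewed separately.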
Cause
Resolution
Stop Apache Tomcat
Delete the axm-admin-gui.war application
Delete the contents of the directory /Tomcat/work/catalina/Localhost/
Redeploy the axm-admin-gui.war file
Start Apache Tomcat
Workaround