Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CP Guest Reset Password CSRF error

This thread has been viewed 0 times

  • 1.  CP Guest Reset Password CSRF error

    Posted Jul 26, 2013 02:22 AM

    Hi,

     

    I am using CP Guest, everthing is working fine but I stil have a problem with the Reset Password form. If I try to reset my password thru the Self Service Reset Password, I have this error message on the browser : This webpage has a redirect loop and the URL is : mycpserver/guest/auth_login.php.

     

    Here is what I get in CP Guest log : 

     

    Client:    46.xxx.xx.254:58617
Script:    /guest/guest_service_reset.php
Function:  NwaValidateCsrfToken
Details:   array (
  'username' => NULL,
  'SERVER_ADDR' => '10.1.0.3',
  'SERVER_PORT' => '80',
  'SERVER_NAME' => 'mycpserver',
  'SERVER_PROTOCOL' => 'HTTP/1.0',
  'REQUEST_METHOD' => 'POST',
  'SCRIPT_URI' => 'http://mycpserver/guest/guest_service_reset.php',
  'HTTP_HOST' => 'mycpserver',
  'HTTP_REFERER' => NULL,
  'HTTP_USER_AGENT' => 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36',
  'REMOTE_ADDR' => '46.xxx.xx.254',
  'REMOTE_PORT' => '58617',
)

     

    Any idea about this issue ?

     

    Thanks

     

    Dimitri