This documentation is for WSO2 Identity Server 5.1.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Add the following code snippet within the <Security> element of the <PRODUCT_HOME>/repository/conf/carbon.xml file.

    Code Block
    languagexml
    <CSRFPreventionConfig>
        <CSRFValve>
            <Enabled>true</Enabled>
            <!-Enable/Disable CSRF prevention->
            <Rule>allow</Rule>
    
            <!--URL Pattern to skip the CSRF prevention-->
            <Patterns>
                <Pattern>commonauth</Pattern>
                <Pattern>samlsso</Pattern>
                <Pattern>authenticationendpoint</Pattern>
                <Pattern>wso2</Pattern>
                <Pattern>oauth2</Pattern>
                <Pattern>openid</Pattern>
                <Pattern>openidserver</Pattern>
                <Pattern>passivests</Pattern>
                <Pattern>services</Pattern>
            </Patterns>
    		
    		<!--List of URL to allow as source to access the system-->
            <WhiteList>
                <Url>https://localhost:9443</Url>
            </WhiteList>
        </CSRFValve>
    </CSRFPreventionConfig>
  2. Edit the <Whitelist> element of the code snippet above by adding the relevant list of URLs that are approved sources.

  3.  Add the following configuration within the <Hosts><Host> element of the <PRODUCT_HOME>/repository/conf/tomcat/catalina-server.xml file.

    Code Block
    languagexml
    <Valve className="org.wso2.carbon.ui.valve.CSRFValve"/>
  4. Restart the product server.

...