Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Bamboo 6.10.3 XSRF protection with Apache proxy and HttpOnly and Secure flag in a cookie error

I have a Bamboo 6.10.3 server installed with XSRF protection enabled, sitting behind Apache proxy. Everything works fine untill I add the header  below to  vhost config file 

Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure

It would not allow me do add users to groups and when I choose to log our I am getting this error

XSRF token validation failed

Unable to access this resource due to a failed XSRF check. Please ensure that a valid XSRF token is provided in the request.



My connector looks like this 

<Connector port="8085"
proxyPort="443" />


And this is my apache  proxy configuration 

ProxyPreserveHost On
ProxyRequests Off
SSLProxyEngine On
ProxyPass / http://localhost:8085/ connectiontimeout=5 timeout=300
ProxyPassReverse / http://localhost:8085/

been following this howto

Similar apache config files work with Bitbucket, Jira, Confluence without a problem 


0 answers

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bamboo

Bamboo Data Center is here!

G’day Bamboo customers, The wait is over! Bamboo Data Center edition you have been asking for is finally here! This self-managed enterprise offering of Bamboo has the resilience, reliability, and s...

543 views 1 17
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you