Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

After Bamboo v6.10.2 upgrade, XSRF errors when trying to view all deployment projects Edited

Upgraded Bamboo from 6.4.1 to 6.10.2 

Carried over parms from previous server.xml file.  No changes were made to proxy/apache server.  Nothing really changed in the config files from the previous version.  Not sure why only the view all deployment projects page is affected, everything else seems to be ok.

Everything looks ok except when trying to access Deploy > All Deployment Projects ... we get two pop-ups. 
First -  An unexpected error has occurred, Please try reloading page

Second - Background page refresh cannot contact server. Please ensure Bamboo server is available.

In the logs we see the following:

2019-12-09 15:31:36,740 INFO [https-jsse-nio-8085-exec-22] [AccessLogFilter] xaxg066 POST https://bamboo.grainger.com:5443/rest/api/latest/deploy/dashboard/status 7589620kb

2019-12-09 15:31:36,742 WARN [https-jsse-nio-8085-exec-22] [XsrfResourceFilter] Additional XSRF checks failed for request: https://bamboo.grainger.com:5443/rest/api/latest/deploy/dashboard/status , origin: https://bamboo.grainger.com , referrer: https://bamboo.grainger.com/deploy/viewAllDeploymentProjects.action , credentials in request: true , allowed via CORS: false

 

We have a work-around by adding the proxy port (5443) to the url - example

What doesn’t work anymore:  https://bamboo.grainger.com/deploy/viewAllDeploymentProjects.action

 

Work-around:  https://bamboo.grainger.com:5443/deploy/viewAllDeploymentProjects.action

 

server.xml

 <!-- Reverse proxy listening port -->
<Connector port="8085"
maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"
enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="5443"
acceptCount="100"
disableUploadTimeout="true"
compression="on"
compressableMimeType="text/html,text/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript"
SSLEnabled="true"
secure="true"
scheme="https"
proxyName="bamboo.grainger.com"
proxyPort="5443"
sslProtocol="TLSv1.2"
sslEnabledProtocols="TLSv1.1,TLSv1.2"
keystoreType="PKCS12"
keystoreFile="########.p12"
keystorePass="#########"
ciphers="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
/>

 

1 answer

Shouldn't 

proxyPort="5443"

be 443 in your server.xml? 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Calling any interview participants for Bitbucket Data Center

Hi everyone,  We are looking to learn more about development teams’ workflows and pain points, especially around DevOps, integrations, administration, scale, security, and the related challeng...

456 views 4 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you