JIRA: HTTP Proxy Acess: Invalid anti-XSRF token provided

Bruno Antunes July 5, 2012

We have configured a Apache HTTP Web Server in front of JIRA 5.0.6 hosted under Apache Tomcat 6.0.28; basically using documentation found under

Integrating JIRA with Apache
https://confluence.atlassian.com/display/JIRA050/Integrating+JIRA+with+Apache

We have however some problems in certain functionality such as performing plugin updates

  • When we try to perform a plugin update using the front end Apache HTTP Web Server; we get in the browser an error with:
    "Invalid anti-XSRF token provided. The valid token should be retrieved transparently, but you may want to perform a hard refresh in your browser and try again before creating a support issue"

If we perform the same operation directly on JIRA instance; it works as expected.

  • We have also other strange behaviors. The dialog for issue resolution does not close. We have to select cancel button or manually refresh the page. This time however the error with "Invalid anti-XSRF token provided" does not happen or is not visible.

We observe only the following different requests in access logs when we do update:

Request using Proxy: That Fails
"POST /jira/rest/plugins/1.0/updates/all?token= HTTP/1.1" 403 68

Request not using Proxy: That sucessed
"POST /jira/rest/plugins/1.0/updates/all?token=-8820719892638001786 HTTP/1.1" 202 201

Version Used:

  • Apache HTTP Server Version: 2.2.3
  • Apache Tomcat 6.0.35
  • Atlassian JIRA 5.0.6 (Installed as WAR Archive)

Note: The Tomcat Instance is dedicated only to serve JIRA

regards,

Bruno Antunes

3 answers

1 accepted

0 votes
Answer accepted
Bruno Antunes March 10, 2014

Sorry for my delay updating this.

The problem i was facing was caused also by the use of the module pagespeed (https://developers.google.com/speed/pagespeed/) ; that we have installed in this specific environment; It was not supposed to be used when accessing JIRA

Removing or disabling this module for JIRA; it works as expected.

The reported behavior happens always when using pagespeed, at least with its default configurations

0 votes
Dave C
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 10, 2014

This could be due to a proxy config error, those docs have been updated in later versions - can you please try going through the docs in https://confluence.atlassian.com/display/JIRA/Integrating+JIRA+with+Apache- I suspect it may be that you may need the proxyName and proxyPort elements in the Tomcat connector.

Also are you using an outbound proxy to connect to the marketplace as per https://confluence.atlassian.com/display/JIRAKB/How+to+Configure+an+Outbound+HTTP+and+HTTPS+Proxy+for+JIRA- please ensure that it's set up as we recommend.

If you can show us your httpd.conf and the server.xml it will help to see what the reverse-proxy config is.

0 votes
F K March 3, 2014

got this error also today, disabling mod_pagespeed in apache helped to solve the problem when using mod_proxy also...

Suggest an answer

Log in or Sign up to answer