[jira.web.action.XsrfErrorAction] The security token is missing for 'anonymous'

Our standalone 6.2.1 Jira instance constantly redirects users back to the login screen particularly when an edit operation has just been undertaken. We've had this issue for 2.5 years, the previous version of Jira we used being 5.1.4.

We have added the jira.xsrf.enabled=false setting to the jira-application.properties file, it does't make any difference.

It's not a browser cookies issue as I have checked the cookies before and after being redirected to the login page and they still exist and are current. In addition if I hit refresh on the login page a number of times (sometimes up to a dozen) it will auto-magically log me back in and take me to my home page.

We are getting messages containting the text below in the jira log file:

[jira.web.action.XsrfErrorAction] The security token is missing for 'anonymous'

This issue is particularly painful as the login page redirect can occasionally happen on every 5 to 10 requests. At other times it might not happen for a week.

Any suggestions on where or what to look at?

1 answer

Hi @Andrey Chekanov , 

Even m facing the same issue with my JIRA 7.1.4. Let me know if you have figured out any workaround/resolution for this..

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

1,294 views 5 10
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you