Hyland Connect

jbrasil · ‎11-06-2019

Hi,
I installed Alfresco with https.
I generated the certificate
cd / opt / alfresco / scripts
./createssl.sh
However, when logging into the platform the following error message occurs:

Error logging in to Alfresco

Something is wrong with this page ...

We may have encountered an error, or maybe something has been removed or deleted, so check to see if the URL is correct.

It is also possible that you do not have permission to view the page (it may be part of a private site) or that an internal error has occurred. Contact your IT staff.

If you are trying to access the home page and it is no longer available, change it by clicking its name on the toolbar.

See the logs:

root@server-processoverde-seguro:~# tail -f /opt/alfresco/tomcat/logs/catalina.out

2019-11-06 11:20:48,376 ERROR [alfresco.web.site] [http-nio-8080-exec-29] javax.servlet.ServletException: Possible CSRF attack noted when asserting referer header 'https://138.197.2.163/share/page/'. Request: POST /share/page/dologin, FAILED TEST: Assert referer POST /share/page/dologin :: referer: 'https://138.197.2.163/share/page/' vs server & context: http://138.197.2.163/ (string) or (regexp)

root@server-processoverde-seguro:~# tail -f /var/log/nginx/error.log
2019/11/06 10:17:41 [warn] 2162#2162: "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/nginx/ssl/alfserver.crt"

Wed Nov 06 11:30:00 BRST 2019 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.

I commented the CSRF anyway, it still didn't work out.

cd /opt/alfresco/tomcat/shared/classes/alfresco/web-extension
vi share-config-custom.xml

What is the solution to this problem?
Thanks a lot!
Zé Brasil

angelborroy · ‎11-07-2019

If you want to disable CSRF, you need to add the following lines:

</config>

Hyland Developer Evangelist

View answer in original post

jljwoznica · ‎11-06-2019

What UI are you using?

jbrasil · ‎11-06-2019

Hi jljwoznica,
I'm logging in with admin user.
Thanks.

angelborroy · ‎11-06-2019

Try disabling CSRF in your share-config-custom.xml

</config>

or adding the https protocol to your CSRF existing confituration.

Also remember to clear the cache of your browser.

Hyland Developer Evangelist

jbrasil · ‎11-06-2019

Hi angelborroy,
I disabled CSRF.
I cleared browser cache.
In alfresco-global.properties is already set https
Look:

#-----------------------
# System paramaters
#-----------------------
alfresco.context=alfresco
alfresco.host=@@ALFRESCO_REPO_SERVER@@
alfresco.port=8080
alfresco.protocol=http
#
share.context=share
share.host=@@ALFRESCO_SHARE_SERVER@@
share.port=443
share.protocol=https

What may be missing?
Thanks a lot.
Zé Brasil

angelborroy · ‎11-07-2019

If you want to disable CSRF, you need to add the following lines:

</config>

Hyland Developer Evangelist

jbrasil · ‎11-08-2019

Hi angelborroy,
It worked.
Thanks a lot for the help.
With best regards,
Zé Brasil