« Previous | Next » 

Revision 0edbd68a

ID0edbd68a074a248a8ddd4b023002a7a51e98ca48

Added by Christopher Hlubek over 9 years ago

[BUGFIX] Fix access denied exception after session timeout with CSRF

This change nests the firewall inspection in the try catch block that
also catches AuthenticationRequired exceptions from requests. The
CsrfProtection pattern will check if any CSRF token is present in the
context and throws an AuthenticationRequired exception otherwise to
proceed to an entry point for re-authentication.

Change-Id: If2c9c6386a2ee26195073a359dcf87db515d1dc0
Resolves: #30436

  • added
  • modified
  • copied
  • renamed
  • deleted