« Previous | Next » 

Revision 0edbd68a


Added by Christopher Hlubek about 10 years ago

[BUGFIX] Fix access denied exception after session timeout with CSRF

This change nests the firewall inspection in the try catch block that
also catches AuthenticationRequired exceptions from requests. The
CsrfProtection pattern will check if any CSRF token is present in the
context and throws an AuthenticationRequired exception otherwise to
proceed to an entry point for re-authentication.

Change-Id: If2c9c6386a2ee26195073a359dcf87db515d1dc0
Resolves: #30436

  • added
  • modified
  • copied
  • renamed
  • deleted