Thursday, 29 June 2017

Liferay 6 : Reject process action for ${url} on ${form}_WAR_${portlet}


Liferay does not allow to submit form on a web page since it rejects the process action , why this is happening and how to resolved it ?




It seems by default CSRF protection is enabled by liferay , which means each of the from would contain a token and when it is submitted lifeway would check if coming request token is the same with what liferay has issued , if it is not the same then liferay would reject the request.


How to Resolve ?


Option 1 :   Change "portlet.xml" for your portlet to disable "check-auth-token" as below:






Option 2 : Add below to ${liferay_installed_dir}/portal-ext.properties

auth.token.ignore.portlets=${form}_WAR_${portlet}




Above solutions tested with liferay-portal-6.2-ce-ga6.




JOB DONE

No comments:

Post a Comment

Flag Counter