I have deployed Camunda to Azure Kubernetes Cluster with image camunda/camunda-bpm-platform:latest. I am also using Application Gateway Ingress Controller. When I try to log in to the application, I can see the below message in the network tab.
HTTP Status 403 – Forbidden
Type Status Report
Message CSRFPreventionFilter: Invalid HTTP Header Token.
Description The server understood the request but refuses to authorize it.
Can someone help me disable this filter with respect to the Camunda image?
I have the same issue with a Kubernetes cluster deployed in AWS.
In addition to this, there is one observation… When there is more than one instance of Camunda running in the cluster, I am facing the issue. With one instance, I am able to log in to the app.
Hello,
For the solution, please refer to the documentation topic Session State in a Clustered Environment [1]:
In a clustered setup, if users are going to login to the web applications, an extra step will need to be taken to ensure that users aren’t asked to login multiple times. Two options exist:
- “Sticky sessions” could be configured and enabled within your load balancing solution. This would ensure that all requests from a given user are directed to the same instance over a configurable period of time.
- Session sharing can be enabled in your application server such that the application server instances share session state. This would allow users to connect to multiple instances in the cluster without being asked to login multiple times.
[1] Architecture Overview | docs.camunda.org
Regards,
Emma
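Why the 403 shows up only with more than one instance, and why sticky sessions remove it, as an added example that is not part of the original thread and is not Camunda's code. It is a simplified model that assumes the CSRF filter compares the header token with a token kept in each instance's own session store; all class and function names are hypothetical.

```python
import itertools
import secrets

class Instance:
    """One app server with its own in-memory sessions (no session sharing)."""
    def __init__(self, name):
        self.name = name
        self.sessions = {}  # session id (stands in for the client's cookie) -> CSRF token

    def handle_get(self, session_id):
        # Safe request: create the session if unknown here and hand out its token.
        token = self.sessions.setdefault(session_id, secrets.token_hex(16))
        return 200, token

    def handle_post(self, session_id, header_token):
        # Modifying request: the header token must match this instance's session token.
        expected = self.sessions.get(session_id)
        if expected is None or not secrets.compare_digest(expected, header_token):
            return 403, "CSRFPreventionFilter: Invalid HTTP Header Token."
        return 200, "OK"

class RoundRobin:
    """Load balancer without affinity: each request goes to the next instance."""
    def __init__(self, instances):
        self._cycle = itertools.cycle(instances)
    def route(self, session_id):
        return next(self._cycle)

class Sticky:
    """Load balancer with session affinity: a client stays on its first instance."""
    def __init__(self, instances):
        self.instances, self.affinity = instances, {}
    def route(self, session_id):
        if session_id not in self.affinity:
            self.affinity[session_id] = self.instances[len(self.affinity) % len(self.instances)]
        return self.affinity[session_id]

def login_flow(balancer, session_id="constructed-session-1"):
    # The page load fetches the token; the login POST sends it back in a header.
    _, token = balancer.route(session_id).handle_get(session_id)
    return balancer.route(session_id).handle_post(session_id, token)

def run(balancer_cls, n_instances):
    instances = [Instance(f"camunda-{i}") for i in range(n_instances)]
    return login_flow(balancer_cls(instances))

if __name__ == "__main__":
    print("round robin, 2 instances:", run(RoundRobin, 2))
    print("round robin, 1 instance: ", run(RoundRobin, 1))
    print("sticky, 2 instances:     ", run(Sticky, 2))
```

The filter is working as designed in the failing case; the token is simply unknown to the instance that receives the POST, so the fix belongs in routing or session sharing rather than in disabling the check.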