
CSRF token validation failed error after triggering Push Notification

Hello Team,

We are working on an SAP UI5 application which works both offline and online.

We are using an OData Gateway service for communication between the mobile application and SMP.

SMP Version=SMP 3.0.10.0 SP10

We implemented push notification functionality using SMP and Google Firebase.

But when any new notification is pushed from the application, all our POST services fail and it shows the “CSRF token validation failed” message.

SMP logs:

#2.0#2017-10-16 04:19:56 PM#ERROR#ApplicationSettings#401##Other#1508150996616002#df02b142-73ca-4710-ad85-402c9648ecc3#com.sap.breakdown#com.sap.mobile.platform.server.online.filter.application.AbstractSMPApplicationSettingsHandler:doInternalFilter########569#####401:Unauthorized#

#2.0#2017-10-16 04:19:56 PM#WARNING#ApplicationSettings###Security#1508150996616001#df02b142-73ca-4710-ad85-402c9648ecc3#com.sap.breakdown#com.sybase.security.http.HttpAuthenticationLoginModule:login########569#####Anonymous authentication is not supported. #

If we restart SMP, it works fine, but if any push notification is fired again, we get the same error again.

Below are the changes we implemented in SMP for push notification:

We are already using one security profile, SAP_SSO3, with application authentication HTTP/HTTPS, and for push notification we implemented a notification security profile with System Login, as shown below:

issue1.png (95.3 kB)
issue2.png (35.9 kB)

1 Answer

  • Nov 06, 2017 at 12:58 PM

    This CSRF message can occur for a lot of reasons, but the main issue is that the used controller CSRF token is not right (mismatched or empty). There was a bug in SP10 that is fixed in SP10 PL07. But there are other cases as well, and a lot of them are documented. As you know your environment better, I think you should search for the error message in SAP's knowledge base. There are some points:

    https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=469631432

    https://launchpad.support.sap.com/#/notes/2506871

    https://launchpad.support.sap.com/#/notes/2292046

    Ákos
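
An added example, not part of the original thread and not SMP, Gateway or UI5 code: a simplified JavaScript model of the X-CSRF-Token fetch-and-validate handshake used by SAP Gateway OData services, showing how an empty or mismatched token is rejected and how a client can refetch the token once and replay the POST. `MockGateway`, `Client` and `postWithCsrf` are hypothetical names, and the in-memory session handling is an assumption made for illustration.

```javascript
// Simplified model of the X-CSRF-Token handshake (fetch on GET, validate on POST).
// MockGateway, Client and postWithCsrf are hypothetical names, not SMP or UI5 APIs.
const crypto = require("crypto");
const rand = () => crypto.randomBytes(16).toString("hex");

class MockGateway {
  constructor() { this.tokens = new Map(); } // session id -> CSRF token
  dropSessions() { this.tokens.clear(); }    // models the server losing session state
  handle({ method, headers }) {
    const sid = headers.cookie, sent = headers["x-csrf-token"];
    if (method === "GET" && sent === "Fetch") {
      const session = this.tokens.has(sid) ? sid : rand();
      const token = rand();
      this.tokens.set(session, token);
      return { status: 200, headers: { "x-csrf-token": token, "set-cookie": session } };
    }
    if (method !== "POST") return { status: 200, headers: {} };
    const expected = this.tokens.get(sid);
    // Empty token, unknown session or mismatch: reject and tell the client to refetch.
    const ok = Boolean(sent && expected) && sent.length === expected.length &&
      crypto.timingSafeEqual(Buffer.from(sent), Buffer.from(expected));
    return ok ? { status: 201, headers: {} }
      : { status: 403, headers: { "x-csrf-token": "Required" }, body: "CSRF token validation failed" };
  }
}

class Client {
  constructor(server) { this.server = server; this.token = ""; this.cookie = ""; this.fetches = 0; }
  fetchToken() {
    this.fetches++;
    const res = this.server.handle({ method: "GET", headers: { "x-csrf-token": "Fetch", cookie: this.cookie } });
    this.token = res.headers["x-csrf-token"];
    this.cookie = res.headers["set-cookie"];
  }
  post() {
    return this.server.handle({ method: "POST", headers: { "x-csrf-token": this.token, cookie: this.cookie } });
  }
  // On 403 with "x-csrf-token: Required", refetch the token once and replay the POST.
  postWithCsrf() {
    if (!this.token) this.fetchToken();
    let res = this.post();
    if (res.status === 403 && res.headers["x-csrf-token"] === "Required") {
      this.fetchToken();
      res = this.post();
    }
    return res;
  }
}
```

The retry is limited to one refetch so that a server which keeps rejecting the token surfaces the 403 instead of looping.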
