Skip to Content
Former Member
Jan 23, 2012 at 07:47 PM

Application Error during log off when XSRF Protection is enabled



If I enable the XSRF protection in my B2B application, I can do all the things but when I try to logff I get an application error without any error messages and a back button. I don't see any error messages in the log but I see bunch of debug messages that should not be XSRF protected

org.apache.struts.actions.SwitchAction should not be XSRF protected should not be XSRF protected

If I remove the parameter="noXsrf" in config_user.xml and config.xml for these actions, I still get the same error screen (no message but only Back button). If I completely disable the XSRF protection, then it works fine. We are using 7.01 compatible SCAs (example: SP05 for SAP SHARED JAVA APPLIC. 7.01)

Do any of you guys know what I need to do to resolve the issue without disabling XSRF protection?