Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Aurimas 1 post 21 karma points
    Aug 05, 2015 @ 15:28
    Aurimas
    0

    Umbraco backoffice missing admin panel

    Hello,

    Recently my company released new version of security client which supports cookie based authentication. After this release admin panel in Umbraco backoffice is gone. I have this errors from angular.js:

    GET loc.adform.com/umbraco/backoffice/UmbracoApi/UpdateCheck/GetCheck 417 (Missing token) GET loc.adform.com/umbraco/backoffice/UmbracoApi/Section/GetSections 417 (Missing token) GET loc.adform.com/umbraco/backoffice/UmbracoApi/Content/GetById?id=11953 417 (Missing token)

    After some time (approx 30s) I get other error: GET loc.adform.com/umbraco/backoffice/UmbracoApi/Authentication/GetRemainingTimeoutSeconds 417 (Missing token)

    If I change it to earlier version everything is back to normal.

    Also when I'm trying to get section or some content with getById, GetSections methods while running on new version of security client I'm missing XSRF-TOKEN and XSRF-V cookies.

    I have latest umbraco version and IIS8 under my hood. Any help wolud be appreciated.

  • Matthew Kirschner 322 posts 603 karma points
    Oct 22, 2015 @ 15:47
    Matthew Kirschner
    1

    Hi, Aurimas. Did you ever get to the bottom of this?

    I'm having exactly the same problem in ALL of my installs of the site (localhost/servers).

    I have scoured my logs for errors, and searched the internet for a solution but am coming up empty-handed.

    As far as I can tell, this seems to be an issue with Umbraco failing to set the expected cookies (XSRF, etc...). When the backoffice does work, I notice that I have about 4 cookies compared the 1 (UMB_UCONTEXT) when it's broken.

  • Matthew Kirschner 322 posts 603 karma points
    Oct 22, 2015 @ 21:06
    Matthew Kirschner
    100

    I've found a solution for my problem at least.

    In order to allow a WebApi controller to access Session variables, I had updated the codebehind for Global.asax to set the SessionStateBehavior to Required:

    protected void Application_PostAuthorizeRequest()
    {
        HttpContext.Current.SetSessionStateBehavior(System.Web.SessionState.SessionStateBehavior.Required);
    }
    

    Once I removed the above code, Umbraco was finally able to create the XSRF tokens again.

Please Sign in or register to post replies

Write your reply to:

Draft