CSRF failure when load balanced OpenShift Console

Solution Verified - Updated -

Issue

  • We have an OpenShift Enterprise 2.1 deployment that has the console behind a load balancer. When doing specific actions, like restarting an application with the WebUI, we see Unauthorized action web pages. The console production.log from the broker that handles the restart action shows the following error:
2014-06-20 11:38:38.276 [INFO ] Started PUT "/console/application/53a44ec185ca3055e8000008-app/restart" for 127.0.0.1 at 2014-06-20 11:38:38 -0400 (pid:3253)
2014-06-20 11:38:38.278 [INFO ] Processing by RestartsController#update as HTML (pid:3253)
2014-06-20 11:38:38.278 [INFO ] Parameters: {"utf8"=>"✓", "authenticity_token"=>"D165Efx+OCuPteqP2hr0gpAKZgJ8la92p6hhkWqnDDHg=", "application_id"=>"53a44ec185ca3055e8000008-app"} (pid:3253)
2014-06-20 11:38:38.278 [WARN ] WARNING: Can't verify CSRF token authenticity (pid:3253)
2014-06-20 11:38:38.279 [INFO ] Redirected to https://broker.domain.com/console/unauthorized (pid:3253)
2014-06-20 11:38:38.279 [INFO ] Completed 302 Found in 1ms (pid:3253)
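
To see which console requests a given broker rejected, the log excerpt above can be correlated by pid. The following is an added example, not part of the original article or of OpenShift; the function name, the one-request-per-pid assumption, and the pid 3301 sample lines are constructed for illustration.

```python
import re

# Line layout taken from the production.log excerpt above:
#   "<date> <time> [LEVEL] <message> (pid:N)"
LINE = re.compile(r'^(?P<ts>\S+ \S+) \[(?P<level>\w+)\s*\] (?P<msg>.*) \(pid:(?P<pid>\d+)\)$')
STARTED = re.compile(r'^Started (?P<method>[A-Z]+) "(?P<path>[^"]+)"')
CSRF_WARNING = "Can't verify CSRF token authenticity"

def csrf_failures(lines):
    """Return one record per request whose CSRF check failed.

    Assumption: each worker process (pid) logs one request at a time, so a
    line belongs to the most recent "Started" line with the same pid.
    """
    in_progress = {}  # pid -> record of the request currently being logged
    failures = []
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or differently formatted line
        pid, msg = m["pid"], m["msg"]
        started = STARTED.match(msg)
        if started:
            in_progress[pid] = {"ts": m["ts"], "pid": pid,
                                "method": started["method"],
                                "path": started["path"], "controller": None}
        elif pid in in_progress:
            if msg.startswith("Processing by "):
                in_progress[pid]["controller"] = msg.split()[2]
            elif CSRF_WARNING in msg:
                failures.append(in_progress.pop(pid))
    return failures

# Sample input: pid 3253 lines are from the excerpt above (Parameters line
# omitted); pid 3301 lines are constructed to show a request that passes.
SAMPLE = """
2014-06-20 11:38:38.276 [INFO ] Started PUT "/console/application/53a44ec185ca3055e8000008-app/restart" for 127.0.0.1 at 2014-06-20 11:38:38 -0400 (pid:3253)
2014-06-20 11:38:38.277 [INFO ] Started GET "/console/applications" for 127.0.0.1 at 2014-06-20 11:38:38 -0400 (pid:3301)
2014-06-20 11:38:38.278 [INFO ] Processing by RestartsController#update as HTML (pid:3253)
2014-06-20 11:38:38.278 [WARN ] WARNING: Can't verify CSRF token authenticity (pid:3253)
2014-06-20 11:38:38.279 [INFO ] Redirected to https://broker.domain.com/console/unauthorized (pid:3253)
2014-06-20 11:38:38.290 [INFO ] Completed 200 OK in 12ms (pid:3301)
"""

if __name__ == "__main__":
    for rec in csrf_failures(SAMPLE.splitlines()):
        print(rec["ts"], rec["method"], rec["path"], rec["controller"])
```

Running it against the console production.log of each broker behind the load balancer shows which broker rejected which state-changing request.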

Environment

  • OpenShift Enterprise
    • 2.1.x
