Summary
There is a Security Setting in Maximo called “mxe.server.enableCSRFBlocking” which blocks LoadRunner virtual users and it it reported by “BMXAA8354E - cross site request forgery attack” error
Error
Error: "You are not permitted to perform the current action. The requested operation is blocked as a cross site request forgery attack has been detected"
Cause
There is a Security Setting in Maximo called “mxe.server.enableCSRFBlocking” which blocks LoadRunner virtual users from saving new WO’s and new PR’s, causing the “BMXAA8354E - cross site request forgery attack” error to be reported every time a virtual user tries to save a WO or PR. The “mxe.server.enableCSRFBlocking” Global Value setting was set to “1” (enabled) by default.
Fix
The following workaround solves this issue :
- Go to Maximo , System Configuration > Platform Configuration > System Properties
- Search for : mxe.server.enableCSRFBBlocking
- Change the "mxe.server.enableCSRFBBlocking" setting to "0" instead of "1"