Error: "You are not permitted to perform the current action. The requested operation is blocked as a cross site request forgery attack has been detected"

  • Document ID:KM01587208
  • Creation Date:26-May-2015
  • Modified Date:26-May-2015
    • Micro Focus Products:
      loadrunner professional 12.00

Summary

There is a Security Setting in Maximo called “mxe.server.enableCSRFBlocking” which blocks LoadRunner virtual users and it it reported by “BMXAA8354E - cross site request forgery attack” error

Error

Error: "You are not permitted to perform the current action. The requested operation is blocked as a cross site request forgery attack has been detected"

Cause

There is a Security Setting in Maximo called “mxe.server.enableCSRFBlocking” which blocks LoadRunner virtual users from saving new WO’s and new PR’s, causing the “BMXAA8354E - cross site request forgery attack” error to be reported every time a virtual user tries to save a WO or PR. The “mxe.server.enableCSRFBlocking” Global Value setting was set to “1” (enabled) by default.

Fix

The following workaround solves this issue :

  1. Go to Maximo , System Configuration > Platform Configuration > System Properties
  2. Search for : mxe.server.enableCSRFBBlocking
  3. Change the "mxe.server.enableCSRFBBlocking" setting to "0" instead of "1"

image text