"Error: CSRF_VALIDATION_FAILED" message appears on the EEM login screen.
search cancel

"Error: CSRF_VALIDATION_FAILED" message appears on the EEM login screen.

book

Article ID: 21217

calendar_today

Updated On:

Products

CA IT Asset Manager ASSET PORTFOLIO MGMT- SERVER CA Service Desk Manager CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

"Error: CSRF_VALIDATION_FAILED" message appears on the EEM login screen. Does it indicate a serious problem?

Environment

Release: 12.6 or higher
Component:  CA Service Desk Manager

Release: 12.0 or higher
Component:  EEM

Resolution

The Security settings in EEM r12.0 will warn when launching multiple instance of EEM UI on the same browser.

For example, when you check the 'Change Password at next login' option with a specific user on the EEM UI and login the SDM by the user, the password expired message will appear. On the browser, when you input the EEM UI url and open the EEM login screen, this warning message appears.

The UI session is created by EEM login page. At the time of session creation the CSRF code is generated by EEM UI. So, when SDM is trying to redirect using a URL there is no way SDM can generate a CSRF code. Hence the current behavior will be as per design.

This is just a warning message, the user can still logon to EEM. So you can ignore this message.

Also, when Service Desk Manager redirects to the EEM change password screen for the 'Change Password at next login', you will go to the EEM login screen on GA version.

However, later versions of EEM will force Service Desk Manager to redirect to the EEM Change password screen directly without showing the EEM login screen.

Hence, you will not see the warning message "Error: CSRF_VALIDATION_FAILED" because EEM login page will not appear at that timing.

Powered by Wolken Software