CB Response: Login redirect through SSO fails after upgrade to 6.5.0
search cancel

CB Response: Login redirect through SSO fails after upgrade to 6.5.0

book

Article ID: 284941

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

  • After server upgrade to CB Response 6.5.0, an SSO login redirects back to the Response login page after authentication rather than to the Response HUD page.
  • Error message in /var/log/cb/coreservices/debug.log :
2020-01-13 14:29:44 [7156] <err>  cb.flask.blueprint_helpers - Unhandled exception from API request: '_xsrf_token'
Traceback (most recent call last):
  File "/usr/share/cb/virtualenv/lib/python2.7/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/share/cb/virtualenv/lib/python2.7/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/usr/share/cb/virtualenv/lib/python2.7/site-packages/cb/auth/authn_service.py", line 341, in wrapped_f
  File "/usr/share/cb/virtualenv/lib/python2.7/site-packages/werkzeug/local.py", line 378, in <lambda>
    __getitem__ = lambda x, i: x._get_current_object()[i]
  File "/usr/share/cb/virtualenv/lib/python2.7/site-packages/flask/sessions.py", line 83, in __getitem__
    return super(SecureCookieSession, self).__getitem__(key)
KeyError: '_xsrf_token'

 

Environment

  • CB Response Server: On Premise Versions 6.5.0-6.5.1

Cause

  • The _xsrf_token cookie is not set at the time the user logs in.

Resolution

  • Workaround :
    • Login via SSO Login
    • Once the page redirects back to the login.  Click login (leaving username and password blank)
    • Redirection to the Response HUD should occur
  • This item is fixed in the CB Response 7.0.1 release.