Encountered error "CSRF protection is turned on" while deleting HAWQ services from Ambari
Article ID: 294907
Updated On:
Products
Issue/Introduction
This article discusses:
1. What is CSRF protection?
2 . Why CSRF protection does not allow deleting HAWQ services from Ambari?
3. How to disable CSRF protection in Ambari?
Environment
Cause
Cross-Site Request Forgery (CSRF) is a class of attack that forces an end user to execute unwanted actions on Ambari. Wikipedia describes it as a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts.
CSRF attack attempts to force a user to execute functionality without their knowledge. These types of attacks are possible in Ambari through as it exposes REST endpoint. To avoid CSRF attacks, Ambari has enabled API CSRF protection by default.
CSRF hinders when an administrator tries to delete HAWQ service from Ambari.
Resolution
Remove HAWQ service
To remove HAWQ services, use the following command:
curl -s -u admin:admin -H “X-Requested-By: Ambari” -X DELETE http://<ambari-server>:<port>/api/v1/clusters/<your_cluster_name>/services/HAWQ
Error snippet
curl -s -u admin:admin -H “X-Requested-By: Ambari” -X DELETE http://<ambari-server>:<port>/api/v1/clusters/<your_cluster_name>/services/HAWQ
{
"status" : 400,
"message" : "CSRF protection is turned on. X-Requested-By HTTP header is required."
}
To solve this problem, we have to disable CSRF protection in Ambari.
WARNING: Please make sure disabling CSRF meets your security requirements. If not, after deleting the HAWQ service, please revert the changes to disable CSRF.
This is the process to be followed:
2. Add config property api.csrfPrevention.enabled=false at the end of the file, if not already present.
3. Restart Ambari server using ambari-server restart.
4. You should now be able to delete the HAWQ service now.
Feedback
