[BlueOnyx:26769] Re: CSRF mismatch: The action you have requested is not allowed.

Michael Stauber mstauber at blueonyx.it
Mon Feb 26 10:57:34 -05 2024


Hi Colin,

> Just trying to set up a new 5210R CT and when running the wizard I get 
> “CSRF mismatch: The action you have requested is not allowed.” When 
> trying to post.

The server date and time is probably way off. The CSRF cookies are time 
based and valid only for a short period. When the clock of the server is 
way off, then the validity of the cookie might no longer (or not yet) be 
true.

In the wizard itself when you change the timezone of the server? That 
causes the clock to jump, too, and could make the CSRF cookies invalid. A 
simple reload of the page in the browser would fix that, though.

If it doesn't? As this is a CT, check if the 6109R node is using an NTP 
time server ("System Settings" / "Time") and what date and time it has 
configured.

Or you could (briefly) disable CSRF until you have the problem sorted.

A non-sticking way would be to edit 
/usr/sausalito/ui/chorizo/ci/application/config/config.php (on 5210R!) 
and find this line:

$config['csrf_protection'] = TRUE;

Change it to:

$config['csrf_protection'] = FALSE;

And save the changes.

To make it sticky you would have to use cceclient if you can't use the GUI:

[root@5210r ~]# /usr/sausalito/bin/cceclient
100 CSCP/0.99
200 READY
find System
104 OBJECT 17 <-- Your OID could be different!
201 OK

Note down the OID and then use that to disable CSRF:

set <OID> csrf_protection = 0
201 OK

That should do the trick. But like I said: It's an issue with the server 
time being out of whack or with the wizard time zone change causing too 
large a drift for the CSRF to be valid. In which case a simple page 
reload might help.

-- 
With best regards

Michael Stauber
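
Added example, not part of the original message and not BlueOnyx or CodeIgniter code: a generic model of a time-bound CSRF token, showing why a clock jump makes a token "expired" or "not yet valid" and why a page reload (a freshly issued token) clears the error. The secret, the 900 second window, the 30 second leeway and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # constructed value for this example
MAX_AGE = 900                     # assumed validity window, in seconds
LEEWAY = 30                       # assumed tolerance for small clock drift


def _mac(session_id: str, issued: int) -> bytes:
    msg = f"{session_id}|{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest().encode()


def issue_token(session_id: str, now: int) -> str:
    """Bind the token to the session and to the server clock at issue time."""
    return f"{now}.{_mac(session_id, now).decode()}"


def check_token(token: str, session_id: str, now: int) -> str:
    """Return 'ok', 'bad-signature', 'expired' or 'not-yet-valid'."""
    try:
        issued_str, mac = token.split(".", 1)
        issued = int(issued_str)
    except ValueError:
        return "bad-signature"
    if not hmac.compare_digest(mac.encode(), _mac(session_id, issued)):
        return "bad-signature"
    if issued > now + LEEWAY:      # server clock moved backwards after issue
        return "not-yet-valid"
    if now - issued > MAX_AGE:     # server clock moved forwards, or form left open
        return "expired"
    return "ok"


def demo() -> dict:
    t0 = 1_708_963_054             # constructed epoch timestamp
    jump = 5 * 3600                # constructed clock jump from a timezone change
    form_token = issue_token("sess-1", t0)
    reloaded = issue_token("sess-1", t0 + jump)   # page reload issues a fresh token
    return {
        "normal_post": check_token(form_token, "sess-1", t0 + 60),
        "clock_jumped_forward": check_token(form_token, "sess-1", t0 + jump),
        "clock_jumped_back": check_token(form_token, "sess-1", t0 - jump),
        "after_reload": check_token(reloaded, "sess-1", t0 + jump + 10),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```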

