0

I am making use of DWR 2.0 and Spring 3.2.5 in my web application. And the application is deployed in wildfly 8.2.0 with HA mode which will make use of standalone-ha.xml. When I run the application in normal configuration I am not getting any king of security error. But in HA(High Availability mode I am getting CSRF Security Error popup. I have gone through different blogs. For example http://blog.2partsmagic.com/2010/11/resolving-dwr-csrf-security-error-popups/

They are saying <Context useHttpOnly=”false”> in tomcat context.xml file. How can I do that in wildfly 8.2.0. and Where? Thanks in advance...!

Buda Gavril
  • 21,409
  • 40
  • 127
  • 196
Kiran
  • 167
  • 2
  • 15

1 Answers1

1

Add the following tag under <servlet-container> tag of standalone-ha.xml 

<session-cookie http-only="false" secure="false"/>

It will resolve your issue.

Kiran
  • 167
  • 2
  • 15