Re: GWT 2.3 XSRF Invalid RPC token (Session cookie is not set or empty! Unable to generate XSRF cookie)

Hi,

I see this error sometimes (not always), so for solving this problem, I first send a Rpc and fixing JSESSIOID cookie on server-side by setting it to getThreadLocalRequest().getRequestedSessionId(). So I'm sure that JSESSIONID cookie exists. Then calling XSRF to generate XSRF token and it works.

Note that JSESSIONID should not be changed (Session on server-side should not be invalidated). If JSESSIONID being changed (by calling httpSession.invalidate() method) you should generate new XSRF token and set it to all XSRF-protected service async objects.

On Tue, Aug 16, 2011 at 5:37 AM, Алексей Заряев <azaryaev@gmail.com> wrote:

Thanks for advice Chak,
I have added setCookie, but I have other error now:

 [WARN] gorodServlet: An RpcTokenException was thrown while processing this call.
com.google.gwt.user.client.rpc.RpcTokenException: Invalid RPC token (XSRF token missing)
at com.google.gwt.user.server.rpc.XsrfProtectedServiceServlet.validateXsrfToken(XsrfProtectedServiceServlet.java:104)

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.

To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/UnSgtxxZ8FkJ.

To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.