As of Release 13.2, CA Clarity PPM supports a configurable set of CSRF strategies. The allowed configurations are:
This configuration does not generate CSRF tokens or validate requests. This configuration is the default setting for on-premise installations. This configuration is recommended if CA Clarity PPM is behind your corporate firewall. Customers that upgrade receive this setting automatically.
This configuration implements the same strategy that is used in Release 13.1. This strategy generates a new token for each request and validates against a limited-size cache in the user session. Due to the possibility of cache exhaustion, this strategy can lead to false-positive validation errors. These errors are especially likely for users who work with multiple tabs open in CA Clarity PPM.
This configuration generates a single token for the user session and uses the token for validation. This configuration is the recommended strategy for on-demand SaaS and hosted installations. The configuration is also recommended for on-premise customer installations where CA Clarity PPM is outside the corporate firewall.
To change the shipped setting, see the following Technical Bulletin: TEC567263
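The following added example (not CA Clarity PPM code) models the per-request and per-session strategies to show why a bounded token cache rejects a legitimate submit from an older tab while a session token does not. The class names, the cache size of 4, and the oldest-first eviction policy are assumptions made for illustration.

```python
import hmac
import secrets
from collections import OrderedDict


class PerRequestTokens:
    """New token per rendered page, remembered in a bounded per-session cache."""

    def __init__(self, cache_size=4):  # cache size is an assumed value
        self.cache_size = cache_size
        self.cache = OrderedDict()

    def issue(self):
        token = secrets.token_urlsafe(32)
        self.cache[token] = True
        while len(self.cache) > self.cache_size:
            self.cache.popitem(last=False)  # assumed policy: evict oldest first
        return token

    def validate(self, token):
        return any(hmac.compare_digest(token, t) for t in self.cache)


class PerSessionToken:
    """One token for the whole session; every page carries the same value."""

    def __init__(self):
        self.token = secrets.token_urlsafe(32)

    def issue(self):
        return self.token

    def validate(self, token):
        return hmac.compare_digest(token, self.token)


def two_tab_scenario(strategy, pages_in_tab_b=6):
    """Tab A opens a form, tab B browses, then tab A submits its form."""
    tab_a_token = strategy.issue()          # form rendered in tab A
    for _ in range(pages_in_tab_b):         # user keeps working in tab B
        strategy.issue()
    return {
        "tab_a_submit_accepted": strategy.validate(tab_a_token),
        "forged_token_accepted": strategy.validate(secrets.token_urlsafe(32)),
    }


if __name__ == "__main__":
    print("per-request:", two_tab_scenario(PerRequestTokens()))
    print("per-session:", two_tab_scenario(PerSessionToken()))
```

In this model both strategies reject a token the server never issued; only the per-request strategy also rejects the genuine tab A submit once tab B has pushed its token out of the cache.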
Copyright © 2013 CA.
All rights reserved.