Changing Workflow Scheme Results in XSRF Token Error

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Symptoms

Attempting to change a project's workflow scheme leads to an XSRF token error, as seen below:

The following appears in the atlassian-jira.log:

http-bio-8080-exec-24 INFO jira_admin 677x1631x1 c0fg5v 0:0:0:0:0:0:0:1 /secure/project/SelectProjectWorkflowSchemeStep2.jspa [jira.web.action.XsrfErrorAction] The security token is missing for 'jira_admin'. User-Agent : 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:33.0) Gecko/20100101 Firefox/33.0'

Diagnosis

This problem will likely only present itself in large instances of JIRA.

  • The workflow scheme contains a workflow with multiple unmapped statuses

The atlassian-jira.log may contain the following entries on the first occurrence of the problem:

org.apache.tomcat.util.http.Parameters processParameters
INFO: More than the maximum number of request parameters (GET plus POST) for a single request ([10,000]) were detected. Any parameters beyond this limit have been ignored. To change this limit, set the maxParameterCount attribute on the Connector.
 Note: further occurrences of this error will be logged at DEBUG level.

Cause

The change in workflow schemes is generating too large an HTML request (GET plus POST requests) for the Apache Tomcat connector to handle with default settings, as defined in the JIRA_INSTALL/conf/server.xml file.

Workaround/Resolution

Adding and modifying the maxParameterCount parameter within the server.xml file will allow a larger HTML request to process. By default, this parameter is set to 10,000 and can be incrementally increased to find an optimal setting for the problematic HTML request:

Sample server.xml with maxParameterCount 
	        <Connector port="8080"
				   maxParameterCount="30000"
				   maxThreads="150"
                   minSpareThreads="25"
                   connectionTimeout="20000"
                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="8443"
                   acceptCount="100"
                   disableUploadTimeout="true"/>

There are very few cases where JIRA requires so large an HTML request. As such, it may be best to only temporarily increase this parameter to perform the workflow scheme association, then set it back to default.

 

 

Last modified on Mar 30, 2016

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.