Tiến Dũng
Reputation: 21
Liferay: [SecurityPortletContainerWrapper:630] Reject process action
I'm trying to upload file in Liferay, and I tired went I upload "large" file size (more than 2MB). With log
[SecurityPortletContainerWrapper:630] Reject process action
<%@ include file="/init.jsp"%>
<portlet:actionURL var="intergrateURL" name="intergrate" />
<aui:form method="post" action="<%=intergrateURL.toString() %>"
enctype="multipart/form-data">
<aui:input name="messagContent1" />
<aui:input name="messagContent2" />
<aui:input name="uploadFileHere" type="file"/>
<aui:button value="submit" type="submit"/>
</aui:form>
Portlet Action:
public class IntergratePortlet extends MVCPortlet {
public void intergrate(ActionRequest actionRequest,
ActionResponse actionResponse) {
UploadPortletRequest uploadPortletRequest = PortalUtil
.getUploadPortletRequest(actionRequest);
String messageContent1 = uploadPortletRequest.getFullFileName("uploadFileHere");
String messageContent2 = ParamUtil.getString(actionRequest,
"messagContent2");
InputStream fileInputStream = null;
byte[] fileByteArray;
MessageContentBean messageContentBean = new MessageContentBean();
messageContentBean.setMessageContent1(messageContent1);
messageContentBean.setMessageContent2(messageContent2);
try {
fileInputStream = uploadPortletRequest.getFileAsStream("uploadFileHere");
fileByteArray = ReceiveMessage.convertInputStreamToByteArray(fileInputStream);
messageContentBean.setFileMessage(fileByteArray);
} catch (IOException e) {
e.printStackTrace();
}
SendJmsMessage sendJmsMessage = new SendJmsMessage();
sendJmsMessage.doSendMessage("103.74.121.22", messageContentBean);
// sendJmsMessage.doSendMessage("127.0.0.1", messageContentBean);
}
}
Upvotes: 0
Views: 3222
Answers (1)
junjun
Reputation: 326
There are 2 options :
Option 1 :
Add below to your portlet.xml to disable the csrf protection by liferay :
<init-param>
<name>check-auth-token</name>
<value>false</value>
</init-param>
Option 2 :
Change ${liferay_installed_dir}/portal-ext.properties to add below :
auth.token.ignore.portlets=${form}_WAR_${portlet}
Would suggest you to use "Option 1" , for details you may refer to this post.
For how to disable CSRF per action please search liferay official document/wiki with key words:
- "portlet.add.default.resource.check.whitelist"
- "portlet.add.default.resource.check.whitelist.action"
Upvotes: 1
Related Questions
- Exception when I try to run a liferay portlet on my tomcat server
- liferay - Not able to call processAction of Portlet Class
- Severe security constraints while tomcat 8 startup with liferay
- Liferay 6.2 first application build failed- at build-common-ivy.xml:81: HTTP Authorization failure
- Liferay 6.2: ClassNotFoundException: javax.faces.webapp.FacesServlet when PACL is enabled
- exception while trying to deploy liferay portlet with spring
- Liferay portlet deployment Java Error
- Liferay Portlet Struts action path hook error
- Not able to call processAction of Portlet
- Liferay generates exceptions: null and javax.servlet.ServletException: java.lang.StackOverflowError