3600966 - How to deactivate XSRF Protection in SICF services

Symptom

XSRF Protection is a essential security mechanism designed to prevent Cross-Site Request Forgery (CSRF) attacks. For enhanced security, an XSRF cookie is generated, but it remains valid for a specific limited time. This time restriction necessitates quick completion of the login process; otherwise, the message "Logon cookie check failed; repeat logon" appears, requiring a page reload. The minute limit acts as a security safeguard, though it can be disabled if necessary by selecting the "Deactivate Login XSRF Protection" option in the application's System Logon settings.

With this in mind, this article shows how to deactivate XSRF Protection in SICF services.

Environment

SAP NetWeaver
SAP NetWeaver Application Server for SAP S/4HANA
ABAP Platform - Application Server ABAP

Product

ABAP platform all versions ; SAP NetWeaver all versions ; SAP S/4HANA all versions ; SAP Web Application Server for SAP S/4HANA all versions

Keywords

ICF, Internet Communication Framework, SICF, Service , Services, ICF service, Logon cookie check failed, repeat logon, logon cookie, disable , KBA , BC-MID-ICF , Internet Communication Framework , BC-MID-ICF-LGN , ICF System Login , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.