Hi Isuru, Seems like the java version is causing this issue. This issue is there with java JDK 8u151. Please refer [1] for more details.
[1] - [Important][Critical] None of WSO2 products are working with latest JDK [Was: GZIP decoding issue in APIM/EI when deployed in MC] Thanks & Regards, Mushthaq On Wed, Nov 22, 2017 at 3:35 PM, Irham Iqbal <[email protected]> wrote: > Hi Isuru, > > The reason might the java version you're using. > > You can update the Owasp.CsrfGuard.Carbon.properties file, which is in > $APIM_HOME/repository/conf/security folder with the bellowing entry to > ignore this error, IMO it's better if you use the proper java version. > org.owasp.csrfguard.unprotected.mgtconsolelogin=% > servletContext%/carbon/admin/* > > Thanks, > Iqbal > > On Wed, Nov 22, 2017 at 3:08 PM, Isuru Uyanage <[email protected]> wrote: > >> Hi All, >> >> I'm using wum updated pack (wso2am-2.1.0.1511201090302) for API Manager. >> After APIM server is started with the fresh pack, I can navigate to >> Management Console. But once I'm trying to log in with admin credentials, I >> cannot log in. The error is as below. >> >> Error: 403 Forbidden >> JavaLogger potential cross-site request forgery (CSRF) attack thwarted >> (user:<anonymous>, ip:10.100.5.136, method:POST, >> uri:/carbon/admin/login_action.jsp, error:required token is missing from >> the request) >> >> Affected Product Version: >> wum updated pack: wso2am-2.1.0.1511201090302.zip >> >> Environment details and versions: >> >> macOS High Sierra >> Version 10.13.1 >> Google Chrome: Version 62.0.3202.94 (Official Build) (64-bit) >> Firefox: 57.0 >> >> Any thoughts about this are highly appreciated. >> >> >> *Thanks and Best Regards,* >> >> *Isuru Uyanage* >> *Software Engineer - QA | WSO2* >> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >> <https://www.linkedin.com/in/isuru-uyanage/>* >> >> >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Irham Iqbal > Software Engineer > WSO2 > phone: +94 777888452 > <http://wso2.com/signature> > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Mushthaq Rumy *Software Engineer* Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> Email : [email protected] WSO2, Inc.; http://wso2.com/ lean . enterprise . middleware. <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
