Hi All, I downgraded Java to (build 1.8.0_144-b01) and restarted the APIM 2.1.0
But still, I'm getting the same error. Any thoughts about this. *Thanks and Best Regards,* *Isuru Uyanage* *Software Engineer - QA | WSO2* *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ <https://www.linkedin.com/in/isuru-uyanage/>* On Thu, Nov 23, 2017 at 1:22 PM, Isuru Uyanage <[email protected]> wrote: > Hi All, > > I tried updating Owasp.CsrfGuard.Carbon.properties file, which is in > $APIM_HOME/repository/conf/security folder by adding the below entry. > org.owasp.csrfguard.unprotected.mgtconsolelogin=%servletCont > ext%/carbon/admin/* > > I could log in to the Management console with admin credentials but once > try to creating user/user roles, cannot proceed further and the same issue > is repeating. I think the best option is to downgrade the java. > > Thanks, > > *Thanks and Best Regards,* > > *Isuru Uyanage* > *Software Engineer - QA | WSO2* > *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* > *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ > <https://www.linkedin.com/in/isuru-uyanage/>* > > > > > On Thu, Nov 23, 2017 at 4:54 AM, roshan wijesena <[email protected]> > wrote: > >> Hi Rumy, >> >> is this mail public ?, [Important][Critical] None of WSO2 products are >> working with latest JDK. >> >> I am also facing the same problem, however downgrade java is not a option >> for me :( >> >> On Wed, Nov 22, 2017 at 11:09 PM, Mushthaq Rumy <[email protected]> >> wrote: >> >>> Hi Isuru, >>> >>> Seems like the java version is causing this issue. This issue is there >>> with java JDK 8u151. Please refer [1] for more details. >>> >>> [1] - [Important][Critical] None of WSO2 products are working with >>> latest JDK [Was: GZIP decoding issue in APIM/EI when deployed in MC] >>> >>> Thanks & Regards, >>> Mushthaq >>> >>> On Wed, Nov 22, 2017 at 3:35 PM, Irham Iqbal <[email protected]> wrote: >>> >>>> Hi Isuru, >>>> >>>> The reason might the java version you're using. >>>> >>>> You can update the Owasp.CsrfGuard.Carbon.properties file, which is in >>>> $APIM_HOME/repository/conf/security folder with the bellowing entry to >>>> ignore this error, IMO it's better if you use the proper java version. >>>> org.owasp.csrfguard.unprotected.mgtconsolelogin=%servletCont >>>> ext%/carbon/admin/* >>>> >>>> Thanks, >>>> Iqbal >>>> >>>> On Wed, Nov 22, 2017 at 3:08 PM, Isuru Uyanage <[email protected]> >>>> wrote: >>>> >>>>> Hi All, >>>>> >>>>> I'm using wum updated pack (wso2am-2.1.0.1511201090302) for API >>>>> Manager. After APIM server is started with the fresh pack, I can navigate >>>>> to Management Console. But once I'm trying to log in with admin >>>>> credentials, I cannot log in. The error is as below. >>>>> >>>>> Error: 403 Forbidden >>>>> JavaLogger potential cross-site request forgery (CSRF) attack thwarted >>>>> (user:<anonymous>, ip:10.100.5.136, method:POST, >>>>> uri:/carbon/admin/login_action.jsp, error:required token is missing >>>>> from the request) >>>>> >>>>> Affected Product Version: >>>>> wum updated pack: wso2am-2.1.0.1511201090302.zip >>>>> >>>>> Environment details and versions: >>>>> >>>>> macOS High Sierra >>>>> Version 10.13.1 >>>>> Google Chrome: Version 62.0.3202.94 (Official Build) (64-bit) >>>>> Firefox: 57.0 >>>>> >>>>> Any thoughts about this are highly appreciated. >>>>> >>>>> >>>>> *Thanks and Best Regards,* >>>>> >>>>> *Isuru Uyanage* >>>>> *Software Engineer - QA | WSO2* >>>>> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >>>>> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >>>>> <https://www.linkedin.com/in/isuru-uyanage/>* >>>>> >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> Irham Iqbal >>>> Software Engineer >>>> WSO2 >>>> phone: +94 777888452 >>>> <http://wso2.com/signature> >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Mushthaq Rumy >>> *Software Engineer* >>> Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> >>> Email : [email protected] >>> WSO2, Inc.; http://wso2.com/ >>> lean . enterprise . middleware. >>> >>> <http://wso2.com/signature> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
