Hi Irham, Yes it worked with *carbon/** with java build 1.8.0_144-b01.
Thanks Isuru *Thanks and Best Regards,* *Isuru Uyanage* *Software Engineer - QA | WSO2* *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ <https://www.linkedin.com/in/isuru-uyanage/>* On Fri, Nov 24, 2017 at 7:56 AM, Irham Iqbal <[email protected]> wrote: > Hi Isuru, > > The reason for the issue your facing is the request is not going > for /carbon/admin/* IMO if you making it /carbon/* it should work. > > Thanks, > Iqbal > > On Thu, Nov 23, 2017 at 8:20 PM, Bhathiya Jayasekara <[email protected]> > wrote: > >> Hi Roshan, >> >> No, that's not a public thread. >> >> Here[1] is the original bug. >> >> @Isuru: Make sure you don't have the previous version in your PATH >> variable. >> >> [1] https://bugs.openjdk.java.net/browse/JDK-8189789 >> >> Thanks, >> Bhathiya >> >> On Thu, Nov 23, 2017 at 4:30 PM, Isuru Uyanage <[email protected]> wrote: >> >>> Hi All, >>> I downgraded Java to (build 1.8.0_144-b01) and restarted the APIM 2.1.0 >>> >>> But still, I'm getting the same error. Any thoughts about this. >>> >>> *Thanks and Best Regards,* >>> >>> *Isuru Uyanage* >>> *Software Engineer - QA | WSO2* >>> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >>> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >>> <https://www.linkedin.com/in/isuru-uyanage/>* >>> >>> >>> >>> >>> On Thu, Nov 23, 2017 at 1:22 PM, Isuru Uyanage <[email protected]> wrote: >>> >>>> Hi All, >>>> >>>> I tried updating Owasp.CsrfGuard.Carbon.properties file, which is in >>>> $APIM_HOME/repository/conf/security folder by adding the below entry. >>>> org.owasp.csrfguard.unprotected.mgtconsolelogin=%servletCont >>>> ext%/carbon/admin/* >>>> >>>> I could log in to the Management console with admin credentials but >>>> once try to creating user/user roles, cannot proceed further and the same >>>> issue is repeating. I think the best option is to downgrade the java. >>>> >>>> Thanks, >>>> >>>> *Thanks and Best Regards,* >>>> >>>> *Isuru Uyanage* >>>> *Software Engineer - QA | WSO2* >>>> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >>>> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >>>> <https://www.linkedin.com/in/isuru-uyanage/>* >>>> >>>> >>>> >>>> >>>> On Thu, Nov 23, 2017 at 4:54 AM, roshan wijesena <[email protected] >>>> > wrote: >>>> >>>>> Hi Rumy, >>>>> >>>>> is this mail public ?, [Important][Critical] None of WSO2 products >>>>> are working with latest JDK. >>>>> >>>>> I am also facing the same problem, however downgrade java is not a >>>>> option for me :( >>>>> >>>>> On Wed, Nov 22, 2017 at 11:09 PM, Mushthaq Rumy <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Isuru, >>>>>> >>>>>> Seems like the java version is causing this issue. This issue is >>>>>> there with java JDK 8u151. Please refer [1] for more details. >>>>>> >>>>>> [1] - [Important][Critical] None of WSO2 products are working with >>>>>> latest JDK [Was: GZIP decoding issue in APIM/EI when deployed in MC] >>>>>> >>>>>> Thanks & Regards, >>>>>> Mushthaq >>>>>> >>>>>> On Wed, Nov 22, 2017 at 3:35 PM, Irham Iqbal <[email protected]> wrote: >>>>>> >>>>>>> Hi Isuru, >>>>>>> >>>>>>> The reason might the java version you're using. >>>>>>> >>>>>>> You can update the Owasp.CsrfGuard.Carbon.properties file, which is >>>>>>> in $APIM_HOME/repository/conf/security folder with the bellowing >>>>>>> entry to ignore this error, IMO it's better if you use the proper java >>>>>>> version. >>>>>>> org.owasp.csrfguard.unprotected.mgtconsolelogin=%servletCont >>>>>>> ext%/carbon/admin/* >>>>>>> >>>>>>> Thanks, >>>>>>> Iqbal >>>>>>> >>>>>>> On Wed, Nov 22, 2017 at 3:08 PM, Isuru Uyanage <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi All, >>>>>>>> >>>>>>>> I'm using wum updated pack (wso2am-2.1.0.1511201090302) for API >>>>>>>> Manager. After APIM server is started with the fresh pack, I can >>>>>>>> navigate >>>>>>>> to Management Console. But once I'm trying to log in with admin >>>>>>>> credentials, I cannot log in. The error is as below. >>>>>>>> >>>>>>>> Error: 403 Forbidden >>>>>>>> JavaLogger potential cross-site request forgery (CSRF) attack >>>>>>>> thwarted (user:<anonymous>, ip:10.100.5.136, method:POST, >>>>>>>> uri:/carbon/admin/login_action.jsp, error:required token is >>>>>>>> missing from the request) >>>>>>>> >>>>>>>> Affected Product Version: >>>>>>>> wum updated pack: wso2am-2.1.0.1511201090302.zip >>>>>>>> >>>>>>>> Environment details and versions: >>>>>>>> >>>>>>>> macOS High Sierra >>>>>>>> Version 10.13.1 >>>>>>>> Google Chrome: Version 62.0.3202.94 (Official Build) (64-bit) >>>>>>>> Firefox: 57.0 >>>>>>>> >>>>>>>> Any thoughts about this are highly appreciated. >>>>>>>> >>>>>>>> >>>>>>>> *Thanks and Best Regards,* >>>>>>>> >>>>>>>> *Isuru Uyanage* >>>>>>>> *Software Engineer - QA | WSO2* >>>>>>>> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >>>>>>>> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >>>>>>>> <https://www.linkedin.com/in/isuru-uyanage/>* >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Dev mailing list >>>>>>>> [email protected] >>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Irham Iqbal >>>>>>> Software Engineer >>>>>>> WSO2 >>>>>>> phone: +94 777888452 >>>>>>> <http://wso2.com/signature> >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Dev mailing list >>>>>>> [email protected] >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Mushthaq Rumy >>>>>> *Software Engineer* >>>>>> Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> >>>>>> Email : [email protected] >>>>>> WSO2, Inc.; http://wso2.com/ >>>>>> lean . enterprise . middleware. >>>>>> >>>>>> <http://wso2.com/signature> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> *Bhathiya Jayasekara* >> *Associate Technical Lead,* >> *WSO2 inc., http://wso2.com <http://wso2.com>* >> >> *Phone: +94715478185 <071%20547%208185>* >> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >> <http://www.linkedin.com/in/bhathiyaj>* >> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* >> *Blog: http://movingaheadblog.blogspot.com >> <http://movingaheadblog.blogspot.com/>* >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Irham Iqbal > Software Engineer > WSO2 > phone: +94 777888452 > <http://wso2.com/signature> > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
