If you are using Mac OS with High Sierra, you may encounter the following warning when logging in to the Management Console due to a compression issue that exists in the High Sierra SDK. Code Block |
---|
WARN {org.owasp.csrfguard.log.JavaLogger} - potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:xxx.xxx.xx.xx, method:POST, uri:/carbon/admin/login_action.jsp, error:required token is missing from the request) |
To avoid this issue, open the <BPS_HOME>/ repository/conf/tomcat/catalina-server.xml file and change the compression="on" to compression="off" in the Connector configuration, and restart the BPS. |