After applying CF3 on PIM 12.8, the User cannot log in to Enterprise Management WebUI

Document ID : KB000033547
Last Modified Date : 14/02/2018


During the Privileged Identity Manager (PIM) upgrade to CF3, when following the "128_CF3-Deployment-Windows-Manual-Instructions.htm" procedure in "", logging in to EntM fails at step 29.


The following message appears on WebUI:
You have successfully logged out.

The following error appears in server.log:
[Error] potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:0:0:0:0:0:0:0:1,method:%request_method%, uri:/iam/ac/ca12/index.jsp, error:required token is missing from the request)


After a manual upgrade, two CSRF-related files, "csrfguard-3.0.0.jar" and "csrfguard-3.1.0.jar", can be found under

"<JBoss>\server\default\deploy\IdentityMinder.ear\user_console.war\WEB-INF\lib"; however, only "csrfguard-3.1.0.jar" is used with 12.8 CF3.



To address this issue, stop JBoss, remove "csrfguard-3.0.0.jar" (or move it to another directory), and restart JBoss.
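One way to script the cleanup described above with a few safety checks, as an added example that is not part of the original article or the vendor's tooling. The `-JBossHome` and `-BackupDir` parameters are assumptions, and the script is meant to be run only after JBoss has been stopped.

```powershell
# Added example: run only after JBoss has been stopped, as the article instructs.
param(
    # Assumption: JBoss install root, i.e. the <JBoss> placeholder in the article.
    [Parameter(Mandatory = $true)][string]$JBossHome,
    # Assumption: a directory of your choice outside the JBoss deploy tree.
    [Parameter(Mandatory = $true)][string]$BackupDir
)

$deploy = Join-Path $JBossHome 'server\default\deploy'
$lib    = Join-Path $deploy 'IdentityMinder.ear\user_console.war\WEB-INF\lib'
$keep   = 'csrfguard-3.1.0.jar'   # the only version used with 12.8 CF3
$stale  = 'csrfguard-3.0.0.jar'   # left behind by the manual upgrade

if (-not (Test-Path -LiteralPath $lib -PathType Container)) {
    throw "Library directory not found: $lib"
}

# List every CSRFGuard jar present so the before-state is on record.
$found = @(Get-ChildItem -LiteralPath $lib -Filter 'csrfguard-*.jar' -File)
$found | ForEach-Object { Write-Output ("found: {0} ({1} bytes)" -f $_.Name, $_.Length) }

if ($found.Name -notcontains $keep) {
    throw "$keep is missing from $lib; remove nothing and re-check the CF3 deployment."
}
if ($found.Name -notcontains $stale) {
    Write-Output "$stale is not present; nothing to do."
    return
}

# Resolve both paths (the backup directory may not exist yet) and refuse a
# backup location inside the deploy tree, so the old jar leaves the deployment.
$pathIntrinsics = $ExecutionContext.SessionState.Path
$deployFull = $pathIntrinsics.GetUnresolvedProviderPathFromPSPath($deploy).TrimEnd('\') + '\'
$backupFull = $pathIntrinsics.GetUnresolvedProviderPathFromPSPath($BackupDir).TrimEnd('\') + '\'
if ($backupFull.StartsWith($deployFull, [System.StringComparison]::OrdinalIgnoreCase)) {
    throw "BackupDir must be outside $deployFull"
}

New-Item -ItemType Directory -Path $backupFull -Force | Out-Null
Move-Item -LiteralPath (Join-Path $lib $stale) -Destination $backupFull
Write-Output "moved $stale to $backupFull; restart JBoss and retry the EntM login."
```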