wso2esb - wso2 ei server, error 403 forbidden, Does not access the core, error:required token is missing from the request

Question

I am installing WSO2 EI 6.1.1

integrator --run : 
https://localhost:9445/carbon/admin/login.jsp -> OK

wso2serber.bat : EI-Business-Process Server 
https://localhost:9445/carbon/admin/login_action.jsp
Error 403 - Forbidden

[EI-Business-Process]  WARN {org.owasp.csrfguard.log.JavaLogger} -  potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:192.168.1.11, method:POST, uri:/carbon/admin/login_action.jsp, error:required token is missing from the request)

and wso2serber.bat : EI-Analytics
https://localhost:9444/carbon/admin/login_action.jsp
Error 403 - Forbidden

 [EI-Analytics]  WARN {org.owasp.csrfguard.log.JavaLogger} -  potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:192.168.1.11, method:POST, uri:/carbon/admin/login_action.jsp, error:required token is missing from the request)

How do I solve this problem? How do I make the Management Console of wso2 Business Process Server under WSO2 WSO2 EI available?

Answer 1

This is due to a known bug in latest JDK.

https://bugs.openjdk.java.net/browse/JDK-8189789

Use JDK 8u144 instead.

Edit: Another workaround is disabling compression in tomcat.

1. Open the catalina-server.xml file from the <PRODUCT_HOME>/repository/conf/tomcat/ directory.

2. Set the compression parameter (under each of the connector configurations) to off as shown below: compression="off"

3. Restart the server.