During the Privileged Identity Manager (PIM) upgrade to CF3, when following the "128_CF3-Deployment-Windows-Manual-Instructions.htm" procedure in "ManualStepsWithoutPatcher.zip", logging in to EntM fails at step 29.
The following message appears in the WebUI:
You have successfully logged out.
The following error appears in server.log:
[Error] potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:0:0:0:0:0:0:0:1,method:%request_method%, uri:/iam/ac/ca12/index.jsp, error:required token is missing from the request)
After a manual upgrade, two CSRF-related files, "csrfguard-3.0.0.jar" and "csrfguard-3.1.0.jar", are present under
"<JBoss>\server\default\deploy\IdentityMinder.ear\user_console.war\WEB-INF\lib"; however, only "csrfguard-3.1.0.jar" is used with 12.8 CF3.
To address this issue, stop JBoss, remove "csrfguard-3.0.0.jar" (or move it to another directory), and restart JBoss.
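
The following PowerShell script is an added example, not part of the vendor procedure: it lists the CSRFGuard jars in the library directory named above and, with `-Move`, relocates every version other than 3.1.0. The parameter names `$JBossHome`, `$BackupDir`, `$KeepVersion` and `-Move` are assumptions of this example; run it with JBoss stopped.

```powershell
# Added example: report and relocate the stale CSRFGuard jar after a manual CF3 upgrade.
# Assumptions: JBoss is already stopped; $JBossHome is the <JBoss> directory from the article.
param(
    [Parameter(Mandatory)] [string] $JBossHome,
    [Parameter(Mandatory)] [string] $BackupDir,   # destination for the stale jar
    [string] $KeepVersion = '3.1.0',               # version the article says 12.8 CF3 uses
    [switch] $Move                                 # without -Move the script only reports
)

$lib = Join-Path $JBossHome 'server\default\deploy\IdentityMinder.ear\user_console.war\WEB-INF\lib'
if (-not (Test-Path -LiteralPath $lib -PathType Container)) {
    throw "Library directory not found: $lib"
}

# Refuse a backup location inside WEB-INF\lib, so the old jar does not stay in the web app.
$libFull    = [IO.Path]::GetFullPath($lib)
$backupFull = [IO.Path]::GetFullPath($BackupDir)
if ($backupFull.StartsWith($libFull, 'OrdinalIgnoreCase')) {
    throw "BackupDir must not be inside $lib"
}

$keepName = "csrfguard-$KeepVersion.jar"
$jars  = @(Get-ChildItem -LiteralPath $lib -Filter 'csrfguard-*.jar' -File)
$stale = @($jars | Where-Object { $_.Name -ne $keepName })

# Show what is currently deployed.
$jars | Select-Object Name, Length, LastWriteTime | Format-Table -AutoSize | Out-Host

# Never relocate anything if the jar that CF3 needs is absent.
if (-not ($jars | Where-Object { $_.Name -eq $keepName })) {
    throw "$keepName is missing from $lib; nothing was moved."
}
if ($stale.Count -eq 0) {
    Write-Host "Only $keepName is present; nothing to do."
    return
}

foreach ($jar in $stale) {
    if ($Move) {
        New-Item -ItemType Directory -Path $backupFull -Force | Out-Null
        Move-Item -LiteralPath $jar.FullName -Destination $backupFull
        Write-Host "Moved $($jar.Name) to $backupFull"
    } else {
        Write-Host "Stale jar (rerun with -Move to relocate): $($jar.FullName)"
    }
}
```

Restart JBoss after the move and confirm that the "required token is missing from the request" entry no longer appears in server.log at login.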
Release: ACP1M005900-12.8-Privileged Identity Manager