Issue:
[toc on_off::hide=1]
Since installation of JasperReports Server 4.5 I find the following INFO level messages in my application server logging, how do I remove it:
INFO:
*****************************************************
* Owasp.CsrfGuard Properties
*
* Logger: com.jaspersoft.jasperserver.api.security.JSCsrfLogger
* NewTokenLandingPage: /jasperserver-pro/login.html
* PRNG: SHA1PRNG
* SessionKey: JASPER_CSRF_SESSION_KEY
* TokenLength: 96
* TokenName: JASPER_CSRF_TOKEN
* Ajax: true
* Rotate: true
* TokenPerPage: true
* Action: org.owasp.csrfguard.action.Rotate
* Action: org.owasp.csrfguard.action.Redirect
* Parameter: Page = /jasperserver-pro/login.html
* Action: org.owasp.csrfguard.action.Log
* Parameter: Message = potential cross-site request forgery (CSRF) attack thwarted (user:%user%, ip:%remote_ip%, uri:%request_uri%, error:%exception_message%)
*****************************************************
Resolution:
In jasperserver-proWEB-INFweb.xml file, set the following param-value to false instead of the default value of true:
Owasp.CsrfGuard.Config.Print
true
Restart to load the new change.
See Also
Ref. Case #00023085 -- 15:07, 13 December 2011 (UTC)
Recommended Comments
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now