WSO2 EI 6.1.1操作报403错误解决

WSO2 EI 6.1.1安装完毕，所有增加Endpoint、服务注册、删除服务代理报403 forbiden，问题最终解决。

报错日志：

[2017-12-14 11:21:13,481] []  WARN - JavaLogger potential cross-site request for
gery (CSRF) attack thwarted (user:<anonymous>, ip:192.168.3.34, method:POST, uri
:/carbon/service-mgt/delete_service_groups_ajaxprocessor.jsp, error:required tok
en is missing from the request)
[2017-12-14 11:21:13,482] [] DEBUG - CarbonSecuredHttpContext Is authenticated t
rue
[2017-12-14 11:21:13,484] [] DEBUG - CarbonSecuredHttpContext CarbonSecuredHttpC
ontext -> handleSecurity() requestURI:/carbon/errors/error_403.html id:E3C4FF093
98218167CE165E7508F5790 resourceURI:../errors/error_403.html

问题原因：

This issue happens due a bug in JDK 1.8.0_151, and you can proceed with approaches.

问题是jdk 1.8.0_151,152（152是当前最新版）的一个人已知bug。

解决办法：
1、Downgrade from build 1.8.0_151 to 1.8.0_144;
2、But if you cannot proceed with the downgrade of, （降级jdk到144）
so you can disable the compression in Tomcat repository/conf/tomcat/catalina-server.xml, 

switching compression to "off" instead of the default which is "on".

（tomcat的server.xml把compression=“off”，默认是on，共2处）