Remove csrfguard register from web.xml #4533

Draft
Zeta201 wants to merge 2 commits into wso2:4.12.x from Zeta201:csrfguard-fix

Zeta201 commented Mar 10, 2026

Purpose

Describe the problems, issues, or needs driving this feature/fix and include links to related issues in the following format: Resolves issue1, issue2, etc.

Goals

Describe the solutions that this feature/fix will introduce to resolve the problems described above

Approach

Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI (email documentation@wso2.com to review all UI text). Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here.

User stories

Summary of user stories addressed by this change

Release note

Brief description of the new feature or bug fix as it will appear in the release notes

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

Type “Sent” when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to certification@wso2.com and NOT pasted in this PR. If there is no impact on certification exams, type “N/A” and explain why.

Marketing

Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable

Automation tests

  • Unit tests

    Code coverage information

  • Integration tests

    Details about the test cases and coverage

Security checks

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Migrations (if applicable)

Describe migration steps and platforms on which migration has been tested

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Learning

Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem.

coderabbitai bot commented Mar 10, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3b9c38a5-f211-4545-812b-dd25e65570e2

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Comment on lines +52 to +59

@Override
public void init(ServletConfig config) throws ServletException {
// Must call super.init() so GenericServlet stores the config in its instance field.
// Equinox's HttpServletRequestWrapperImpl resolves the session via
// getServletConfig().getServletContext() on this (the registered) servlet.
super.init(config);
// Also initialise the delegate so it sets its static servletConfig field.
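
Review bot: the last comment in this init() says the delegate keeps its ServletConfig in a static field, so that state is shared by every instance of the delegate class rather than owned by this proxy; say in the comment when that field is reset, and forward destroy() to the delegate too if the proxy does not already, so init and teardown stay paired. The delegate init call that the final comment announces falls outside the commented lines, so check that it receives the same config object passed to super.init(config).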

Log Improvement Suggestion No: 1

Suggested change
@Override
public void init(ServletConfig config) throws ServletException {
// Must call super.init() so GenericServlet stores the config in its instance field.
// Equinox's HttpServletRequestWrapperImpl resolves the session via
// getServletConfig().getServletContext() on this (the registered) servlet.
super.init(config);
// Also initialise the delegate so it sets its static servletConfig field.
@Override
public void init(ServletConfig config) throws ServletException {
log.info("Initializing CsrfJavaScriptServletProxy");
// Must call super.init() so GenericServlet stores the config in its instance field.
// Equinox's HttpServletRequestWrapperImpl resolves the session via
// getServletConfig().getServletContext() on this (the registered) servlet.
super.init(config);

Comment on lines +62 to +66

@Override
protected void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
delegate.service(request, response);

Log Improvement Suggestion No: 2

Suggested change
@Override
protected void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
delegate.service(request, response);
@Override
protected void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if (log.isDebugEnabled()) {
log.debug("Forwarding CSRF JavaScript request to delegate servlet");
}
delegate.service(request, response);

csrfFilterProps.put("service.ranking", "100");
csrfFilterProps.put(Constants.SERVICE_RANKING, Integer.valueOf(100));

context.registerService(Filter.class, csrfGuardFilter, csrfFilterProps);
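
Review bot: the ranking property at the top of this hunk appears in two forms, a String "100" under the literal key "service.ranking" and Integer.valueOf(100) under Constants.SERVICE_RANKING; OSGi only honours service.ranking when the value is an Integer and treats any other type as ranking 0, so only the Integer form should remain. Because the ranking decides where the CSRF filter sits relative to other registered filters, add a short comment saying why 100 was chosen and which filters it is ordered against, and confirm that this registration covers the same URL patterns as the web.xml entry this PR removes.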

Log Improvement Suggestion No: 3

Suggested change
context.registerService(Filter.class, csrfGuardFilter, csrfFilterProps);
context.registerService(Filter.class, csrfGuardFilter, csrfFilterProps);
log.info("CSRF Guard filter registered successfully for pattern: /*");

wso2-engineering bot left a comment


AI Agent Log Improvement Checklist

⚠️ Warning: AI-Generated Review Comments

  • The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. Purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
  • Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.

✅ Before merging this pull request:

  • Review all AI-generated comments for accuracy and relevance.
  • Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.

| Comment | Accepted (Y/N) | Reason |
| --- | --- | --- |
| Log Improvement Suggestion No: 1 | | |
| Log Improvement Suggestion No: 2 | | |
| Log Improvement Suggestion No: 3 | | |

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/22933838369
Status: cancelled

@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/22933858238

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/22933858238
Status: failure

@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/22933858238

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/22933858238
Status: failure

@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/22937498949

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/22937498949
Status: failure

Zeta201 marked this pull request as draft March 12, 2026 09:47