After implementing OWASP, application works in IE and Firefox but not Safari
Recently we implemented OWASP security solutions with OWASP.jar. After this, our application was working fine in IE 7 and Firefox 3.5. But the application is not working in Safari 4.0.5 or 5.0.
The console shows this message:
"Possible CSRF Threat detected ! redirecting to login page.."
I am unable to log into the application. Even the request itself is not taking. If you have any ideas, please suggest them to me. Is there anything I need to do with the settings of the Safari browser?
We are using Java for development.
Assuming that you are referring to OWASP CSRFGuard 2.x here (there is no library/framework called OWASP), the message referred to is displayed when the incoming CSRF token is absent or different from the one expected (which is stored in the HttpSession object). The token itself is managed via a session cookie on the client side, having a default name of OWASP_CSRFTOKEN.
It would be a good thing to check for the following:
- Are cookies enabled in Safari?
- Is the browser transmitting the CSRF token cookie on every request (after it has been initially set) to the server?
- Has the server conveyed the session cookie containing the CSRF token to the client? And, is the server generating a CSRF token (utilizing a SHA1PRNG provider by default) when the first request is submitted by the client to the server? This is less likely to be a problem, given that there are no problems with MSIE and FF.
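As an added illustration of the check the answer describes (a hypothetical diagnostic filter written for this page, not CSRFGuard's own code), the following servlet filter mints the token on the first request of a session, stores it in the HttpSession, hands it to the browser as the OWASP_CSRFTOKEN cookie, and on later requests logs which of the conditions in the list above failed before redirecting to the login page. The javax.servlet API, the /login path, the use of SecureRandom instead of SHA1PRNG and the log wording are assumptions.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.servlet.*;
import javax.servlet.http.*;

// Hypothetical diagnostic filter (not CSRFGuard's code); same session/cookie model as the answer.
public class CsrfTokenCheckFilter implements Filter {
    static final String TOKEN_NAME = "OWASP_CSRFTOKEN";        // cookie and session attribute name
    private static final SecureRandom RNG = new SecureRandom(); // assumption: platform default, not SHA1PRNG

    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        HttpSession session = request.getSession(true);
        ServletContext ctx = request.getServletContext();
        // If this line appears for every request from one client, the session cookie is not coming back.
        if (session.isNew()) ctx.log("New session created for " + request.getRemoteAddr());

        String expected = (String) session.getAttribute(TOKEN_NAME);
        if (expected == null) {
            // First request of the session: generate the token, keep it server-side, send it as a cookie.
            byte[] raw = new byte[32];
            RNG.nextBytes(raw);
            expected = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
            session.setAttribute(TOKEN_NAME, expected);
            Cookie cookie = new Cookie(TOKEN_NAME, expected);
            cookie.setPath(request.getContextPath().isEmpty() ? "/" : request.getContextPath());
            response.addCookie(cookie);
            chain.doFilter(req, res);
            return;
        }

        String presented = null; // token the browser transmitted, if any
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie c : cookies) if (TOKEN_NAME.equals(c.getName())) presented = c.getValue();
        }
        String reason = null;
        if (presented == null) reason = "token cookie absent";
        else if (!MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                        presented.getBytes(StandardCharsets.UTF_8))) reason = "token mismatch";
        if (reason != null) {
            ctx.log("Possible CSRF threat (" + reason + ") on " + request.getRequestURI()
                    + " from " + request.getRemoteAddr());
            response.sendRedirect(request.getContextPath() + "/login"); // assumed login page path
            return;
        }
        chain.doFilter(req, res);
    }
}
```

Comparing only a cookie does not by itself block CSRF, because browsers attach cookies automatically; CSRFGuard also expects the token as a request parameter, so this filter serves to diagnose the cookie path only.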