Hi Anupama,
On Tue, Jun 7, 2016 at 5:50 PM, Anupama Pathirage <anup...@wso2.com> wrote:
> Hi,
>
> We got the following issues when testing WSO2 DSS with the Kernel RC2
> Release.
>
> *1) *Any action on management console gives the following error. It seems
> to be related with the tomcat upgrade and appreciate your input on this.
>
> [2016-06-07 17:21:16,905] ERROR
> {org.apache.coyote.AbstractProtocol$AbstractConnectionHandler} - Error
> reading request, ignored
> java.lang.NoSuchMethodError: org.apache.coyote.Request.getBytesRead()I
> at org.apache.coyote.RequestInfo.updateCounters(RequestInfo.java:143)
> at org.apache.coyote.Request.updateCounters(Request.java:533)
> at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1140)
> at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> at java.lang.Thread.run(Thread.java:745)
>
Yes, it is due to the tomcat upgrade in kernel, relevant fixes for
carbon-deployment are already there in 4.6.2-SNAPSHOT. We have to do a
deployment release once we release 4.4.6-SNAPSHOT. For the moment, for
testing purpose, is it possible you try with 4.6.2-SNAPSHOT?
>
> *2) *DBS file uploads gives the following error which returns Error 403 -
> Forbidden
>
> [2016-06-07 17:21:16,904] WARN {org.owasp.csrfguard.log.JavaLogger} -
> potential cross-site request forgery (CSRF) attack thwarted
> (user:<anonymous>, ip:10.100.7.118, method:POST,
> uri:/carbon/admin/jsp/WSRequestXSSproxy_ajaxprocessor.jsp, error:required
> token is missing from the request)
>
>
For this would you please try with adding the following line to
repository/conf/security/Owasp.CsrfGuard.Carbon.properties,
org.owasp.csrfguard.unprotected.FileUpload=%servletContext%/fileupload/*
> Regards,
>
> On Tue, Jun 7, 2016 at 4:46 PM, KasunG Gajasinghe <kas...@wso2.com> wrote:
>
>>
>> Others, please continue to testing the pack and report all the issues so
>> we can check and fix.
>>
>> On Tue, Jun 7, 2016 at 2:31 PM, Kasun Bandara <kas...@wso2.com> wrote:
>>
>>> Hi Niranjan,
>>>
>>> Created [1] to track the equivalent Carbon JIRA.
>>>
>>> [1] https://wso2.org/jira/browse/CARBON-15938
>>>
>>> Thanks,
>>> Kasun.
>>>
>>> On Tue, Jun 7, 2016 at 2:23 PM, Niranjan Karunanandham <
>>> niran...@wso2.com> wrote:
>>>
>>>> Hi KasunB,
>>>>
>>>> Please create an equivalent JIRA in Kernel in-order to track this.
>>>>
>>>> Regards,
>>>> Nira
>>>>
>>>> On Tue, Jun 7, 2016 at 2:11 PM, Kasun Bandara <kas...@wso2.com> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> We are having L1 reported in [1] and will be a blocker for IS. Please
>>>>> hold off the vote proceedings until we find out the root cause of the
>>>>> issue. Most probably this issue must be originated from user core.
>>>>>
>>>>>
>>>>> Thanks,
>>>>> Kasun.
>>>>>
>>>>> [1] https://wso2.org/jira/browse/IDENTITY-4656
>>>>>
>>>>>
>>>>>
>>>>> On Tue, Jun 7, 2016 at 11:45 AM, KasunG Gajasinghe <kas...@wso2.com>
>>>>> wrote:
>>>>>
>>>>>> Hi Viraj,
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Tue, Jun 7, 2016 at 10:12 AM, Viraj Senevirathne <vir...@wso2.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi Kalpa,
>>>>>>>
>>>>>>> I tried to build product-esb with kernel RC2 but it failed as
>>>>>>> package org.apache.velocity 0.0.0 dependency could not be found.
>>>>>>>
>>>>>>> *Installation failed.*
>>>>>>> *Cannot complete the install because one or more required items
>>>>>>> could not be found.*
>>>>>>> * Software being installed: WSO2 Carbon - Mediators Feature
>>>>>>> 4.6.1.SNAPSHOT (org.wso2.carbon.mediators.feature.group 4.6.1.SNAPSHOT)*
>>>>>>> * Missing requirement: bsf-all 3.0.0.wso2v5 (bsf-all 3.0.0.wso2v5)
>>>>>>> requires 'package org.apache.velocity 0.0.0' but it could not be found*
>>>>>>> * Cannot satisfy dependency:*
>>>>>>> * From: WSO2 Carbon - Mediators Feature 4.6.1.SNAPSHOT
>>>>>>> (org.wso2.carbon.mediators.feature.group 4.6.1.SNAPSHOT)*
>>>>>>> * To: org.wso2.carbon.mediators.server.feature.group
>>>>>>> [4.6.1.SNAPSHOT]*
>>>>>>> * Cannot satisfy dependency:*
>>>>>>> * From: WSO2 Carbon - All Mediators Server Feature 4.6.1.SNAPSHOT
>>>>>>> (org.wso2.carbon.mediators.server.feature.group 4.6.1.SNAPSHOT)*
>>>>>>> * To: bsf-all [3.0.0.wso2v5,3.1.0)*
>>>>>>> *Application failed, log file location:
>>>>>>> /home/virajrs/.m2/repository/org/eclipse/tycho/tycho-p2-runtime/0.13.0/eclipse/configuration/1465274241567.log*
>>>>>>>
>>>>>>> How can we overcome this?
>>>>>>>
>>>>>>
>>>>>> To fix security vulnerabilities, we have upgraded the opensaml orbit
>>>>>> bundle to the latest. In that process, IS folks have fixed issues in the
>>>>>> old opensaml orbit to conform to the new orbit guidelines. In that
>>>>>> process,
>>>>>> the org.apache.velocity packages were removed from opensaml. If you need
>>>>>> opensaml, then you should include this feature [1].
>>>>>>
>>>>>> You shouldn't be using velocity packages directly that is coming from
>>>>>> opensaml. If you only need velocity, then your feature need to include
>>>>>> velocity orbit.
>>>>>>
>>>>>> [1]
>>>>>> https://github.com/wso2-extensions/identity-inbound-auth-saml/blob/master/features/org.wso2.carbon.identity.sso.saml.server.feature/pom.xml
>>>>>>
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> Thank You,
>>>>>>>
>>>>>>> On Tue, Jun 7, 2016 at 8:32 AM, Kalpa Welivitigoda <kal...@wso2.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi Devs,
>>>>>>>>
>>>>>>>> This is the 2nd release candidate of WSO2 Carbon Kernel 4.4.6.
>>>>>>>>
>>>>>>>> This release fixes the following issues:
>>>>>>>> https://wso2.org/jira/issues/?filter=13090
>>>>>>>>
>>>>>>>> Please download and test your products with kernel 4.4.6 RC1 and
>>>>>>>> vote. Vote will be open for 72 hours or as longer as needed.
>>>>>>>>
>>>>>>>> Source and binary distribution files:
>>>>>>>>
>>>>>>>> http://svn.wso2.org/repos/wso2/people/kalpaw/wso2carbon-4.4.6/wso2carbon-4.4.6-rc2.zip
>>>>>>>>
>>>>>>>> Maven staging repository:
>>>>>>>> http://maven.wso2.org/nexus/content/repositories/orgwso2carbon-1023/
>>>>>>>>
>>>>>>>> The tag to be voted upon:
>>>>>>>> https://github.com/wso2/carbon-kernel/tree/v4.4.6-rc2
>>>>>>>>
>>>>>>>>
>>>>>>>> [ ] Broken - do not release (explain why)
>>>>>>>> [ ] Stable - go ahead and release
>>>>>>>>
>>>>>>>> Thank you
>>>>>>>> Carbon Team
>>>>>>>>
>>>>>>>> --
>>>>>>>> Best Regards,
>>>>>>>>
>>>>>>>> Kalpa Welivitigoda
>>>>>>>> Software Engineer, WSO2 Inc. http://wso2.com
>>>>>>>> Email: kal...@wso2.com
>>>>>>>> Mobile: +94776509215
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Dev mailing list
>>>>>>>> Dev@wso2.org
>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Viraj Senevirathne
>>>>>>> Software Engineer; WSO2, Inc.
>>>>>>>
>>>>>>> Mobile : +94 71 958 0269
>>>>>>> Email : vir...@wso2.com
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Dev mailing list
>>>>>>> Dev@wso2.org
>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
>>>>>> email: kasung AT spamfree wso2.com
>>>>>> linked-in: http://lk.linkedin.com/in/gajasinghe
>>>>>> blog: http://kasunbg.org
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Dev mailing list
>>>>>> Dev@wso2.org
>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Kasun Bandara
>>>>> *Software Engineer*
>>>>> Mobile : +94 (0) 718 338 360
>>>>> <%2B94%20%280%29%20773%20451194>
>>>>> kas...@wso2.com <thili...@wso2.com>
>>>>>
>>>>> _______________________________________________
>>>>> Dev mailing list
>>>>> Dev@wso2.org
>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>>
>>>> *Niranjan Karunanandham*
>>>> Associate Technical Lead - WSO2 Inc.
>>>> WSO2 Inc.: http://www.wso2.com
>>>>
>>>
>>>
>>>
>>> --
>>> Kasun Bandara
>>> *Software Engineer*
>>> Mobile : +94 (0) 718 338 360
>>> <%2B94%20%280%29%20773%20451194>
>>> kas...@wso2.com <thili...@wso2.com>
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>>
>> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
>> email: kasung AT spamfree wso2.com
>> linked-in: http://lk.linkedin.com/in/gajasinghe
>> blog: http://kasunbg.org
>>
>>
>>
>> _______________________________________________
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Anupama Pathirage
> Associate Technical Lead
> WSO2, Inc. http://wso2.com/
> Email: anup...@wso2.com
> Mobile:+94 71 8273 979
> Blog:http://mycodeideas.blogspot.com/
>
>
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
Best Regards,
Kalpa Welivitigoda
Software Engineer, WSO2 Inc. http://wso2.com
Email: kal...@wso2.com
Mobile: +94776509215
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
