Hi Anupama, On Tue, Jun 7, 2016 at 5:50 PM, Anupama Pathirage <anup...@wso2.com> wrote:
> Hi, > > We got the following issues when testing WSO2 DSS with the Kernel RC2 > Release. > > *1) *Any action on management console gives the following error. It seems > to be related with the tomcat upgrade and appreciate your input on this. > > [2016-06-07 17:21:16,905] ERROR > {org.apache.coyote.AbstractProtocol$AbstractConnectionHandler} - Error > reading request, ignored > java.lang.NoSuchMethodError: org.apache.coyote.Request.getBytesRead()I > at org.apache.coyote.RequestInfo.updateCounters(RequestInfo.java:143) > at org.apache.coyote.Request.updateCounters(Request.java:533) > at > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1140) > at > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749) > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.lang.Thread.run(Thread.java:745) > Yes, it is due to the tomcat upgrade in kernel, relevant fixes for carbon-deployment are already there in 4.6.2-SNAPSHOT. We have to do a deployment release once we release 4.4.6-SNAPSHOT. For the moment, for testing purpose, is it possible you try with 4.6.2-SNAPSHOT? > > *2) *DBS file uploads gives the following error which returns Error 403 - > Forbidden > > [2016-06-07 17:21:16,904] WARN {org.owasp.csrfguard.log.JavaLogger} - > potential cross-site request forgery (CSRF) attack thwarted > (user:<anonymous>, ip:10.100.7.118, method:POST, > uri:/carbon/admin/jsp/WSRequestXSSproxy_ajaxprocessor.jsp, error:required > token is missing from the request) > > For this would you please try with adding the following line to repository/conf/security/Owasp.CsrfGuard.Carbon.properties, org.owasp.csrfguard.unprotected.FileUpload=%servletContext%/fileupload/* > Regards, > > On Tue, Jun 7, 2016 at 4:46 PM, KasunG Gajasinghe <kas...@wso2.com> wrote: > >> >> Others, please continue to testing the pack and report all the issues so >> we can check and fix. >> >> On Tue, Jun 7, 2016 at 2:31 PM, Kasun Bandara <kas...@wso2.com> wrote: >> >>> Hi Niranjan, >>> >>> Created [1] to track the equivalent Carbon JIRA. >>> >>> [1] https://wso2.org/jira/browse/CARBON-15938 >>> >>> Thanks, >>> Kasun. >>> >>> On Tue, Jun 7, 2016 at 2:23 PM, Niranjan Karunanandham < >>> niran...@wso2.com> wrote: >>> >>>> Hi KasunB, >>>> >>>> Please create an equivalent JIRA in Kernel in-order to track this. >>>> >>>> Regards, >>>> Nira >>>> >>>> On Tue, Jun 7, 2016 at 2:11 PM, Kasun Bandara <kas...@wso2.com> wrote: >>>> >>>>> Hi all, >>>>> >>>>> We are having L1 reported in [1] and will be a blocker for IS. Please >>>>> hold off the vote proceedings until we find out the root cause of the >>>>> issue. Most probably this issue must be originated from user core. >>>>> >>>>> >>>>> Thanks, >>>>> Kasun. >>>>> >>>>> [1] https://wso2.org/jira/browse/IDENTITY-4656 >>>>> >>>>> >>>>> >>>>> On Tue, Jun 7, 2016 at 11:45 AM, KasunG Gajasinghe <kas...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi Viraj, >>>>>> >>>>>> >>>>>> >>>>>> On Tue, Jun 7, 2016 at 10:12 AM, Viraj Senevirathne <vir...@wso2.com> >>>>>> wrote: >>>>>> >>>>>>> Hi Kalpa, >>>>>>> >>>>>>> I tried to build product-esb with kernel RC2 but it failed as >>>>>>> package org.apache.velocity 0.0.0 dependency could not be found. >>>>>>> >>>>>>> *Installation failed.* >>>>>>> *Cannot complete the install because one or more required items >>>>>>> could not be found.* >>>>>>> * Software being installed: WSO2 Carbon - Mediators Feature >>>>>>> 4.6.1.SNAPSHOT (org.wso2.carbon.mediators.feature.group 4.6.1.SNAPSHOT)* >>>>>>> * Missing requirement: bsf-all 3.0.0.wso2v5 (bsf-all 3.0.0.wso2v5) >>>>>>> requires 'package org.apache.velocity 0.0.0' but it could not be found* >>>>>>> * Cannot satisfy dependency:* >>>>>>> * From: WSO2 Carbon - Mediators Feature 4.6.1.SNAPSHOT >>>>>>> (org.wso2.carbon.mediators.feature.group 4.6.1.SNAPSHOT)* >>>>>>> * To: org.wso2.carbon.mediators.server.feature.group >>>>>>> [4.6.1.SNAPSHOT]* >>>>>>> * Cannot satisfy dependency:* >>>>>>> * From: WSO2 Carbon - All Mediators Server Feature 4.6.1.SNAPSHOT >>>>>>> (org.wso2.carbon.mediators.server.feature.group 4.6.1.SNAPSHOT)* >>>>>>> * To: bsf-all [3.0.0.wso2v5,3.1.0)* >>>>>>> *Application failed, log file location: >>>>>>> /home/virajrs/.m2/repository/org/eclipse/tycho/tycho-p2-runtime/0.13.0/eclipse/configuration/1465274241567.log* >>>>>>> >>>>>>> How can we overcome this? >>>>>>> >>>>>> >>>>>> To fix security vulnerabilities, we have upgraded the opensaml orbit >>>>>> bundle to the latest. In that process, IS folks have fixed issues in the >>>>>> old opensaml orbit to conform to the new orbit guidelines. In that >>>>>> process, >>>>>> the org.apache.velocity packages were removed from opensaml. If you need >>>>>> opensaml, then you should include this feature [1]. >>>>>> >>>>>> You shouldn't be using velocity packages directly that is coming from >>>>>> opensaml. If you only need velocity, then your feature need to include >>>>>> velocity orbit. >>>>>> >>>>>> [1] >>>>>> https://github.com/wso2-extensions/identity-inbound-auth-saml/blob/master/features/org.wso2.carbon.identity.sso.saml.server.feature/pom.xml >>>>>> >>>>>> >>>>>> >>>>>>> >>>>>>> Thank You, >>>>>>> >>>>>>> On Tue, Jun 7, 2016 at 8:32 AM, Kalpa Welivitigoda <kal...@wso2.com> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi Devs, >>>>>>>> >>>>>>>> This is the 2nd release candidate of WSO2 Carbon Kernel 4.4.6. >>>>>>>> >>>>>>>> This release fixes the following issues: >>>>>>>> https://wso2.org/jira/issues/?filter=13090 >>>>>>>> >>>>>>>> Please download and test your products with kernel 4.4.6 RC1 and >>>>>>>> vote. Vote will be open for 72 hours or as longer as needed. >>>>>>>> >>>>>>>> Source and binary distribution files: >>>>>>>> >>>>>>>> http://svn.wso2.org/repos/wso2/people/kalpaw/wso2carbon-4.4.6/wso2carbon-4.4.6-rc2.zip >>>>>>>> >>>>>>>> Maven staging repository: >>>>>>>> http://maven.wso2.org/nexus/content/repositories/orgwso2carbon-1023/ >>>>>>>> >>>>>>>> The tag to be voted upon: >>>>>>>> https://github.com/wso2/carbon-kernel/tree/v4.4.6-rc2 >>>>>>>> >>>>>>>> >>>>>>>> [ ] Broken - do not release (explain why) >>>>>>>> [ ] Stable - go ahead and release >>>>>>>> >>>>>>>> Thank you >>>>>>>> Carbon Team >>>>>>>> >>>>>>>> -- >>>>>>>> Best Regards, >>>>>>>> >>>>>>>> Kalpa Welivitigoda >>>>>>>> Software Engineer, WSO2 Inc. http://wso2.com >>>>>>>> Email: kal...@wso2.com >>>>>>>> Mobile: +94776509215 >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Dev mailing list >>>>>>>> Dev@wso2.org >>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Viraj Senevirathne >>>>>>> Software Engineer; WSO2, Inc. >>>>>>> >>>>>>> Mobile : +94 71 958 0269 >>>>>>> Email : vir...@wso2.com >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Dev mailing list >>>>>>> Dev@wso2.org >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc. >>>>>> email: kasung AT spamfree wso2.com >>>>>> linked-in: http://lk.linkedin.com/in/gajasinghe >>>>>> blog: http://kasunbg.org >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> Dev@wso2.org >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Kasun Bandara >>>>> *Software Engineer* >>>>> Mobile : +94 (0) 718 338 360 >>>>> <%2B94%20%280%29%20773%20451194> >>>>> kas...@wso2.com <thili...@wso2.com> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> >>>> *Niranjan Karunanandham* >>>> Associate Technical Lead - WSO2 Inc. >>>> WSO2 Inc.: http://www.wso2.com >>>> >>> >>> >>> >>> -- >>> Kasun Bandara >>> *Software Engineer* >>> Mobile : +94 (0) 718 338 360 >>> <%2B94%20%280%29%20773%20451194> >>> kas...@wso2.com <thili...@wso2.com> >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc. >> email: kasung AT spamfree wso2.com >> linked-in: http://lk.linkedin.com/in/gajasinghe >> blog: http://kasunbg.org >> >> >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Anupama Pathirage > Associate Technical Lead > WSO2, Inc. http://wso2.com/ > Email: anup...@wso2.com > Mobile:+94 71 8273 979 > Blog:http://mycodeideas.blogspot.com/ > > > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Best Regards, Kalpa Welivitigoda Software Engineer, WSO2 Inc. http://wso2.com Email: kal...@wso2.com Mobile: +94776509215
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev