[JBoss Web Services] - Prevent injection from DOCTYPE declarations
by Per Forsh
Per Forsh [http://community.jboss.org/people/pforsh] created the discussion
"Prevent injection from DOCTYPE declarations"
To view the discussion, visit: http://community.jboss.org/message/596146#596146
--------------------------------------------------------------
I have a JBossAS server in version 5.0.1. After security testing we now know that it is possible to use the following code to find/guess open ports.
POST /some/WebService HTTP/1.1
Content-type: text/xml;charset="utf-8"
Soapaction: ""
Accept: text/xml, multipart/related, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
User-Agent: JAX-WS RI 2.1.6 in JDK 6
Host: localhost:8443
Connection: close
Content-Length: 265
<?xml version="1.0" ?><!DOCTYPE arg0 [ <!ENTITY x SYSTEM "http://127.0.0.1:50000"> ] ><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><tns:enrollStatus xmlns:tns="http://www.xx.xx/"><arg0>&x;</arg0></tns:enrollStatus></S:Body></S:Envelope>
I have read the discussion http://community.jboss.org/message/536246#536246 and from that upgraded jbossws to 3.4.0, but the server still accepts a URL to be injected. I also had problems with this kind of code:
POST /some/WebService HTTP/1.1
Content-type: text/xml;charset="utf-8"
Soapaction: ""
Accept: text/xml, multipart/related, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
User-Agent: JAX-WS RI 2.1.6 in JDK 6
Host: localhost:8443
Connection: close
Content-Length: 243
<?xml version="1.0" ?><!DOCTYPE arg0 [ <!ENTITY x "aaaa"> ] ><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><tns:enrollStatus xmlns:tns="http://www.xx.xx/"><arg0>&x;</arg0></tns:enrollStatus></S:Body></S:Envelope>
But this injection was not allowed after the upgrade to jbossws 3.4.0, where x now is just "blank". Before the upgrade x was injected as "aaaa".
Best Regards,
Per Forsh
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/596146#596146]
Start a new discussion in JBoss Web Services at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&cont...]
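As an added defensive check (not from the original post and not JBossWS code), the following Java snippet feeds a request body shaped like the one in the post to a DOM parser configured to refuse DOCTYPE declarations and external entities, so the SYSTEM URL is never contacted. The class name, the sample body and the placeholder URL are constructed for this example.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.xml.sax.SAXParseException;

public class DoctypeRejectCheck {
    // Constructed sample: same shape as the posted request body, placeholder entity URL.
    static final String PAYLOAD =
        "<?xml version=\"1.0\" ?><!DOCTYPE arg0 [ <!ENTITY x SYSTEM \"http://127.0.0.1:50000\"> ] >"
        + "<S:Envelope xmlns:S=\"http://schemas.xmlsoap.org/soap/envelope/\"><S:Body>"
        + "<tns:enrollStatus xmlns:tns=\"http://www.xx.xx/\"><arg0>&x;</arg0></tns:enrollStatus>"
        + "</S:Body></S:Envelope>";

    // Parser factory hardened against DOCTYPE/entity injection (standard Xerces/JAXP feature URIs).
    static DocumentBuilderFactory hardenedFactory() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Reject any DOCTYPE outright: no internal subset, so no ENTITY declarations at all.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        // Defence in depth in case a DOCTYPE must be tolerated elsewhere: never resolve externals.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    // Returns true when the parser refuses the document because of its DOCTYPE,
    // i.e. before the SYSTEM identifier could trigger any outbound connection.
    static boolean rejectsDoctype(String xml) throws Exception {
        DocumentBuilder builder = hardenedFactory().newDocumentBuilder();
        try {
            builder.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
            return false; // parsed cleanly: the DOCTYPE was accepted
        } catch (SAXParseException e) {
            // Xerces reports a fatal error naming the disallowed DOCTYPE.
            return e.getMessage().contains("DOCTYPE");
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("DOCTYPE rejected: " + rejectsDoctype(PAYLOAD));
    }
}
```

In a JAX-WS deployment the envelope is parsed inside the web service stack, so a check like this belongs in a servlet filter or gateway placed in front of the endpoint, where it can drop a request carrying a DOCTYPE before the stack ever sees it.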
[jBPM] - Re: Storing a long String (>255 Characters) in a Process Variable is not Possible(?)
by Silvio Meier
Silvio Meier [http://community.jboss.org/people/k0k0pelli] created the discussion
"Re: Storing a long String (>255 Characters) in a Process Variable is not Possible(?)"
To view the discussion, visit: http://community.jboss.org/message/596150#596150
--------------------------------------------------------------
To illustrate the problem, I attached a simple dummy test. After deploying it (execute the deploy class) and instantiating it (using the class CreateInstance), a process with a test variable (testvar) that should be stored in a long text field is created. The actual code looks as follows:
import java.util.*;
import org.jbpm.api.*;

ProcessEngine processEngine = new Configuration().setResource("jbpm.cfg.xml").buildProcessEngine();
RepositoryService repositoryService = processEngine.getRepositoryService();
ExecutionService executionService = processEngine.getExecutionService();
Map<String, Object> variables = new HashMap<String, Object>();
// testvar is handed over as char[] in the expectation that jBPM stores it in a long text field
variables.put("testvar", "This is a test variable for a text".toCharArray());
executionService.startProcessInstanceByKey("test", variables);
After creating the instance with the long text variable testvar, the following exception occurs:
Caused by: java.lang.ClassCastException: [C cannot be cast to java.lang.String
at org.hibernate.type.TextType.toString(TextType.java:94)
at org.hibernate.type.NullableType.nullSafeToString(NullableType.java:117)
at org.hibernate.type.NullableType.nullSafeSet(NullableType.java:158)
at org.hibernate.type.NullableType.nullSafeSet(NullableType.java:131)
at org.hibernate.persister.entity.AbstractEntityPersister.dehydrate(AbstractEntityPersister.java:2015)
at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:2261)
at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:2678)
at org.hibernate.action.EntityInsertAction.execute(EntityInsertAction.java:79)
at org.hibernate.engine.ActionQueue.execute(ActionQueue.java:279)
at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:263)
at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:167)
at org.hibernate.event.def.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:321)
at org.hibernate.event.def.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:50)
at org.hibernate.impl.SessionImpl.flush(SessionImpl.java:1028)
at org.jbpm.pvm.internal.tx.HibernateSessionResource.prepare(HibernateSessionResource.java:56)
at org.jbpm.pvm.internal.tx.StandardTransaction.commit(StandardTransaction.java:107)
at org.jbpm.pvm.internal.tx.StandardTransaction.complete(StandardTransaction.java:64)
at org.jbpm.pvm.internal.tx.StandardTransactionInterceptor.execute(StandardTransactionInterceptor.java:57)
at org.jbpm.pvm.internal.svc.EnvironmentInterceptor.executeInNewEnvironment(EnvironmentInterceptor.java:53)
at org.jbpm.pvm.internal.svc.EnvironmentInterceptor.execute(EnvironmentInterceptor.java:40)
at org.jbpm.pvm.internal.svc.RetryInterceptor.execute(RetryInterceptor.java:56)
at org.jbpm.pvm.internal.svc.SkipInterceptor.execute(SkipInterceptor.java:43)
at org.jbpm.pvm.internal.svc.ExecutionServiceImpl.createVariables(ExecutionServiceImpl.java:174)
I didn't find an open issue in the ticket tracker. Are there any ideas?
--------------------------------------------------------------
[JBoss Messaging] - Messages Stuck in 'Delivering State'.
by Gurvinderpal Narula
Gurvinderpal Narula [http://community.jboss.org/people/groovenarula] created the discussion
"Messages Stuck in 'Delivering State'."
To view the discussion, visit: http://community.jboss.org/message/588306#588306
--------------------------------------------------------------
Our system consists of one virtualized VMWare guest server running Red Hat Enterprise Server 64 bit, Java HotSpot(TM) 64-Bit Server VM and JBoss 5.1.0.GA. The machine runs a single instance of JBoss with Postgresql (running on a different server).
The JBOSS instance is dedicated to processing JMS Messages for 3 tomcat based web application clients again running on different servers.
We have made no other changes to the JBOSS Messaging Postgresql Persistence manager's configuration other than disabling 'ChannelFactoryName'
<!-- <depends optional-attribute-name="ChannelFactoryName">jboss.jgroups:service=ChannelFactory</depends> -->
(referred the following: http://community.jboss.org/message/204473#204473 )
The JMS clients are all Spring based web applications that consume messages from one of the queues on the jboss server.
We deployed this configuration to production this Monday. So far the server has been very stable. The only issue that we've run into is that there are (now) about 7 messages that have been stuck in the 'Delivering' state for the last 3 days. So basically every time we look at the queue's status using the jmx-console, it shows MessageCount stuck at 7 and DeliveringCount also stuck at 7. The tomcat servers have received several other messages since we noticed these stuck messages. We tried to remove these messages using the 'removeAllMessages' operation, but we then saw an error in the jboss logs basically stating that messages that are in a DeliveringState cannot be removed.
I would like to know if someone can please help me find a way to delete these messages. Also, we have not been able to reproduce this behavior in our development / test environment. So we're wondering if this could have been caused by some intermittent communication failure (network not available etc.) between the Jboss Servers and Tomcat Servers. Does anyone know of any such issues with the JBM version (I believe it's 1.4.3 GA) bundled with JBOSS AS 5.1.0?
We do plan to upgrade to HornetQ in the near future (there is a critical bug in the current Final version of HornetQ that we're waiting to be resolved in the next version before we migrate over to HornetQ).
So if anybody can shed some light on what could cause messages to end up in a DeliveryState and what steps I can take to remove these messages from the queue, it will be much appreciated.
Thanks in advance.
Gurvinder
--------------------------------------------------------------
[JBoss Messaging] - Re: long live consumer stops working
by Joseph S
Joseph S [http://community.jboss.org/people/jselvin] created the discussion
"Re: long live consumer stops working"
To view the discussion, visit: http://community.jboss.org/message/596028#596028
--------------------------------------------------------------
Hi Ron,
I am observing a similar issue in my application. We are using Jboss 4.2.0.GA, Jboss Remoting 2.5.3.SP1.
We have a firewall between our server and client and we followed the forum,
http://blog.akquinet.de/2009/09/30/using-jboss-messaging-in-a-firewalled-...
to set our parameters like below,
<attribute name="marshaller" isParam="true">org.jboss.jms.wireformat.JMSWireFormat</attribute>
<attribute name="unmarshaller" isParam="true">org.jboss.jms.wireformat.JMSWireFormat</attribute>
<attribute name="dataType" isParam="true">jms</attribute>
<attribute name="socket.check_connection" isParam="true">true</attribute>
<attribute name="serverBindAddress">${jboss.bind.address}</attribute>
<attribute name="serverBindPort">4457</attribute>
<attribute name="clientSocketClass" isParam="true">org.jboss.jms.client.remoting.ClientSocketWrapper</attribute>
<attribute name="serverSocketClass">org.jboss.jms.server.remoting.ServerSocketWrapper</attribute>
<attribute name="numberOfCallRetries" isParam="true">5</attribute>
<attribute name="pingFrequency" isParam="true">5000</attribute>
<attribute name="pingWindowFactor" isParam="true">2</attribute>
<attribute name="onewayThreadPool">org.jboss.jms.server.remoting.DirectThreadPool</attribute>
<attribute name="stopLeaseOnFailure" isParam="true">true</attribute>
<attribute name="clientLeasePeriod" isParam="true">10000</attribute>
<attribute name="validatorPingPeriod" isParam="true">10000</attribute>
<attribute name="validatorPingTimeout" isParam="true">5000</attribute>
<attribute name="failureDisconnectTimeout" isParam="true">0</attribute>
<attribute name="callbackErrorsAllowed">1</attribute>
<attribute name="registerCallbackListener">false</attribute>
<attribute name="useClientConnectionIdentity" isParam="true">true</attribute>
<attribute name="timeout" isParam="true">1800000</attribute>
<attribute name="numberOfRetries" isParam="true">10</attribute>
<attribute name="JBM_clientMaxPoolSize" isParam="true">200</attribute>
<attribute name="callbackTimeout">10000</attribute>
<attribute name="secondaryBindPort">4481</attribute>
With this implementation, we have multiple Connections in CLOSE_WAIT state, most of them getting cleared and some left behind.
After several days, we lose the JMS communication. We need to restart the application again to get rid of it.
Also we observed the below exception multiple times when the issue happens,
Exception:
2011-03-28 11:50:10,271 TRACE [org.jboss.remoting.transport.socket.ServerThread(638)](WorkerThread#4[10.255.254.134:42933]) WorkerThread#4[10.255.254.134:42933] EOFException received. This is likely due to client finishing communication.
java.io.EOFException
at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:740)
at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:586)
at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:234)
Kindly share some light to resolve this.
Regards,
Joseph.
--------------------------------------------------------------