RE: OpenCMIS on WebLogic 12

2015-08-24 Thread Peter Flies
Thank you Florian. That's where I'm stuck at the moment. We've bundled the jars and tried adding prefer-application-packages=true, but there appears to be an issue with 2.1.7 yet in WebLogic. If anyone has any tips, please let me know, otherwise we will keep trying. Peter -Original Mess

Re: OpenCMIS on WebLogic 12

2015-08-24 Thread Florian Müller
Hi Peter, It should be possible to configure WebLogic 12 to use the JAX-WS stack that is bundled with an application instead of its own. Maybe someone on this list can help. The next release of OpenCMIS will use Apache CXF 3.0.x. So, you have to do something like this anyway. There is no fi

OpenCMIS on WebLogic 12

2015-08-24 Thread Peter Flies
Following the OpenCMIS development guide, we have been able to create a server that works with Web Services on Tomcat. It appears that OpenCMIS requires the JAX-WS lib 2.1.7. However, on WebLogic 12, a later version is used for JAX-WS and the web services fail. Can the OpenCMIS server work

[jira] [Commented] (CMIS-938) Cross-Site Scripting: Reflected Vulnerability in index.jsp

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709126#comment-14709126 ] Florian Müller commented on CMIS-938: - The whole InMemory repository is for testing and

[jira] [Commented] (CMIS-938) Cross-Site Scripting: Reflected Vulnerability in index.jsp

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709116#comment-14709116 ] Donald Kwakkel commented on CMIS-938: - ./chemistry-opencmis-server/chemistry-opencmis-se

[jira] [Commented] (CMIS-944) XML External Entity Injection possible in WebSphereAuthHandler

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-944?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709101#comment-14709101 ] Donald Kwakkel commented on CMIS-944: - Great, thanks! > XML External Entity Injection p

[jira] [Commented] (CMIS-942) System Information Leak

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709100#comment-14709100 ] Donald Kwakkel commented on CMIS-942: - Thanks, we will add this to our security guidelin

[jira] [Comment Edited] (CMIS-942) System Information Leak

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709100#comment-14709100 ] Donald Kwakkel edited comment on CMIS-942 at 8/24/15 11:07 AM: ---

[jira] [Commented] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709097#comment-14709097 ] Donald Kwakkel commented on CMIS-941: - Thanks for pointing out it is default disabled (a

[jira] [Resolved] (CMIS-944) XML External Entity Injection possible in WebSphereAuthHandler

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Florian Müller resolved CMIS-944. - Resolution: Won't Fix This class doesn't exist anymore in the next release. > XML External Entity I

[jira] [Commented] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709093#comment-14709093 ] Donald Kwakkel commented on CMIS-943: - Sorry. I removed all *ample* and *est* directorie

[jira] [Commented] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709092#comment-14709092 ] Florian Müller commented on CMIS-943: - repository.jsp is sample code and never used in a

[jira] [Resolved] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Florian Müller resolved CMIS-943. - Resolution: Won't Fix > Hardcoded Domain in HTML in repository.jsp > ---

[jira] [Created] (CMIS-944) XML External Entity Injection possible in WebSphereAuthHandler

2015-08-24 Thread Donald Kwakkel (JIRA)
Donald Kwakkel created CMIS-944: --- Summary: XML External Entity Injection possible in WebSphereAuthHandler Key: CMIS-944 URL: https://issues.apache.org/jira/browse/CMIS-944 Project: Chemistry I

[jira] [Created] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

2015-08-24 Thread Donald Kwakkel (JIRA)
Donald Kwakkel created CMIS-943: --- Summary: Hardcoded Domain in HTML in repository.jsp Key: CMIS-943 URL: https://issues.apache.org/jira/browse/CMIS-943 Project: Chemistry Issue Type: Bug

[jira] [Commented] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709080#comment-14709080 ] Florian Müller commented on CMIS-941: - We do security audits, too. ;-) > XML External E

[jira] [Commented] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread Florent Guillaume (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709062#comment-14709062 ] Florent Guillaume commented on CMIS-941: Ah excellent, I was reading the code for 0.

[jira] [Comment Edited] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread Florent Guillaume (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709010#comment-14709010 ] Florent Guillaume edited comment on CMIS-941 at 8/24/15 10:11 AM:

[jira] [Resolved] (CMIS-942) System Information Leak

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-942?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Florian Müller resolved CMIS-942. - Resolution: Won't Fix This is a feature, not a bug. In a productive system it should be turned off.

[jira] [Commented] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709032#comment-14709032 ] Florian Müller commented on CMIS-941: - That's already there. The LoggingFilter calls the

[jira] [Created] (CMIS-942) System Information Leak

2015-08-24 Thread Donald Kwakkel (JIRA)
Donald Kwakkel created CMIS-942: --- Summary: System Information Leak Key: CMIS-942 URL: https://issues.apache.org/jira/browse/CMIS-942 Project: Chemistry Issue Type: Bug Components: ope

[jira] [Commented] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread Florent Guillaume (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709010#comment-14709010 ] Florent Guillaume commented on CMIS-941: Nevertheless, if only to appease code audit

[jira] [Resolved] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Florian Müller resolved CMIS-941. - Resolution: Won't Fix LoggingFilter is a debug tool and should never be used in a productive system.

[jira] [Created] (CMIS-941) XML External Entity Injection possible in LoggingFilter

2015-08-24 Thread Donald Kwakkel (JIRA)
Donald Kwakkel created CMIS-941: --- Summary: XML External Entity Injection possible in LoggingFilter Key: CMIS-941 URL: https://issues.apache.org/jira/browse/CMIS-941 Project: Chemistry Issue Typ

[jira] [Commented] (CMIS-940) Heap Inspection could reveal passwords

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14708982#comment-14708982 ] Florian Müller commented on CMIS-940: - Yes, they are for basic authentication. But all h

[jira] [Commented] (CMIS-940) Heap Inspection could reveal passwords

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14708978#comment-14708978 ] Donald Kwakkel commented on CMIS-940: - Is this because they are used for basic authentic

[jira] [Resolved] (CMIS-940) Heap Inspection could reveal passwords

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Florian Müller resolved CMIS-940. - Resolution: Won't Fix Not fixable. Java APIs such as HttpURLConnection.addRequestProperty() force us

[jira] [Created] (CMIS-940) Heap Inspection could reveal passwords

2015-08-24 Thread Donald Kwakkel (JIRA)
Donald Kwakkel created CMIS-940: --- Summary: Heap Inspection could reveal passwords Key: CMIS-940 URL: https://issues.apache.org/jira/browse/CMIS-940 Project: Chemistry Issue Type: Bug

[jira] [Resolved] (CMIS-939) Cookie Security: Persistent Cookie is used

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-939?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Donald Kwakkel resolved CMIS-939. - Resolution: Invalid > Cookie Security: Persistent Cookie is used > -

[jira] [Commented] (CMIS-939) Cookie Security: Persistent Cookie is used

2015-08-24 Thread Donald Kwakkel (JIRA)
[ https://issues.apache.org/jira/browse/CMIS-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14708954#comment-14708954 ] Donald Kwakkel commented on CMIS-939: - Just found out it is a transaction and not authen

[jira] [Created] (CMIS-939) Cookie Security: Persistent Cookie is used

2015-08-24 Thread Donald Kwakkel (JIRA)
Donald Kwakkel created CMIS-939: --- Summary: Cookie Security: Persistent Cookie is used Key: CMIS-939 URL: https://issues.apache.org/jira/browse/CMIS-939 Project: Chemistry Issue Type: Bug

[jira] [Commented] (CMIS-938) Cross-Site Scripting: Reflected Vulnerability in index.jsp

2015-08-24 Thread JIRA
[ https://issues.apache.org/jira/browse/CMIS-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14708946#comment-14708946 ] Florian Müller commented on CMIS-938: - Which index.jsp? There is no JSP file in OpenCMIS

[jira] [Created] (CMIS-938) Cross-Site Scripting: Reflected Vulnerability in index.jsp

2015-08-24 Thread Donald Kwakkel (JIRA)
Donald Kwakkel created CMIS-938: --- Summary: Cross-Site Scripting: Reflected Vulnerability in index.jsp Key: CMIS-938 URL: https://issues.apache.org/jira/browse/CMIS-938 Project: Chemistry Issue