Re: session already invalidate error in Tomact 7.0.22

2014-08-04 Thread saikrishna
Lukasz Lenart apache.org> writes: > > Can you post the whole stacktrace? > > 2014-07-22 13:59 GMT+02:00 saikrishna gmail.com>: > > Hi > > > > I am getting the below error,repeatedly.Kindly adivce me on the soulution. > > > > > > 2

session already invalidate error in Tomact 7.0.22

2014-07-22 Thread saikrishna
at org.apache.catalina.session.StandardSession.getAttribute(StandardSession.java: 1178) Application is deployment in Tomcat.Is the tomcat version a reason for this ? we don't have any login or logout functionality in our application. Appreciate your help!! Thanks Saikr

Re: redirect vulnerability after upgrading to Struts 2.3.16.2

2014-07-17 Thread saikrishna
Lukasz Lenart apache.org> writes: > > 2014-07-17 12:30 GMT+02:00 saikrishna gmail.com>: > > production servers are handled by some other team.You want me to recycle the > > servers once ? > > Yes, you should do it as soon as possible - after switching dev

Re: redirect vulnerability after upgrading to Struts 2.3.16.2

2014-07-17 Thread saikrishna
Lukasz Lenart apache.org> writes: > > 2014-07-17 12:26 GMT+02:00 saikrishna gmail.com>: > > Even though dev mode is set to false,we are getting errors as above asking us > > to set devmode to false,which is already there. > > > > and both entries are taken

Re: redirect vulnerability after upgrading to Struts 2.3.16.2

2014-07-17 Thread saikrishna
Lukasz Lenart apache.org> writes: > > 2014-07-17 12:17 GMT+02:00 saikrishna gmail.com>: > > Sorry,this is an issue from production,where already dev mode is set to false > > in the config files. > > Log entry is from production. > > Which one? Both entri

Re: redirect vulnerability after upgrading to Struts 2.3.16.2

2014-07-17 Thread saikrishna
Lukasz Lenart apache.org> writes: > > 2014-07-17 11:31 GMT+02:00 saikrishna gmail.com>: > > 2014-04-18 05:23:12,320 ERROR ParametersInterceptor:34 - Developer > > Notification (set struts.devMode to false to disable this message): > > Unexpected Exception caug

Re: redirect vulnerability after upgrading to Struts 2.3.16.2

2014-07-17 Thread saikrishna
Lukasz Lenart apache.org> writes: > > 2014-07-17 11:15 GMT+02:00 saikrishna gmail.com>: > > > > > > > > Lukasz Lenart apache.org> writes: > > > >> > >> This vulnerability was resolved in 2.3.15.1, more details here > >&g

Re: redirect vulnerability after upgrading to Struts 2.3.16.2

2014-07-17 Thread saikrishna
mance > > 2014-07-16 17:28 GMT+02:00 saikrishna gmail.com>: > > Hi Getting the below error.Looks like,somebody tried to attack our application > > with a redirect.Below is the log.Please advice. > > > > ParametersInterceptor:34 - Developer Notification (se

redirect vulnerability after upgrading to Struts 2.3.16.2

2014-07-16 Thread saikrishna
Hi Getting the below error.Looks like,somebody tried to attack our application with a redirect.Below is the log.Please advice. ParametersInterceptor:34 - Developer Notification (set struts.devMode to false to disable this message): Unexpected Exception caught setting 'redirect:${#res=#context.g