search

denimgroup / threadfix

ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-date information.
340 stars 127 forks source link

waf not work #1142

Open Seguridadmpf opened 9 years ago

Seguridadmpf commented 9 years ago

Good morning I have a problem when generating WAF rules, the ThreadFix does nothing

threadfixwaf

I press the blue button and the application crash I hope you can help me with my problem Regards

macacollins commented 9 years ago

Hello,

If you could look under the cog / View Error Messages and send us the results, we may be able to help you out. Also, what exactly does "the application crash" mean? What do you see in the UI?

Thanks, Mac

Seguridadmpf commented 9 years ago

That same Mac pressed the blue button and the application does nothing, it is blank. I do not have an error message that is the problem!

macacollins commented 9 years ago

image screen shot 2015-05-13 at 10 56 25 am screen shot 2015-05-13 at 10 56 37 am

It's ok that your page doesn't show the error message. We store them and show them on a different page. Please look on the error messages page and send me the results.

Seguridadmpf commented 9 years ago

HTTP Status 500 - Unable to compile class for JSP: An error occurred at line: 1 in the generated java file The type java.util.Map$Entry cannot be resolved. It is indirectly referenced from required .class files Stacktrace:

type Exception report

message Unable to compile class for JSP: An error occurred at line: 1 in the generated java file The type java.util.Map$Entry cannot be resolved. It is indirectly referenced from required .class files Stacktrace:

description The server encountered an internal error (Unable to compile class for JSP: An error occurred at line: 1 in the generated java file The type java.util.Map$Entry cannot be resolved. It is indirectly referenced from required .class files Stacktrace:) that prevented it from fulfilling this request.

exception

org.apache.jasper.JasperException: Unable to compile class for JSP:

An error occurred at line: 1 in the generated java file The type java.util.Map$Entry cannot be resolved. It is indirectly referenced from required .class files

Stacktrace: org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:102) org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:331) org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:469) org.apache.jasper.compiler.Compiler.compile(Compiler.java:378) org.apache.jasper.compiler.Compiler.compile(Compiler.java:353) org.apache.jasper.compiler.Compiler.compile(Compiler.java:340) org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:646) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:357) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:168) org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:303) org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1228) org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1011) org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:955) org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:877) org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966) org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:857) javax.servlet.http.HttpServlet.service(HttpServlet.java:621) org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.tuckey.web.filters.urlrewrite.NormalRewrittenUrl.doRewrite(NormalRewrittenUrl.java:213) org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:171) org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389) org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:230) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) com.denimgroup.threadfix.webapp.filter.CsrfPreventionFilter.doFilter(CsrfPreventionFilter.java:241) com.denimgroup.threadfix.webapp.filter.ClickjackHeaderFilter.doFilter(ClickjackHeaderFilter.java:36) com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129) com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118) org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) com.denimgroup.threadfix.webapp.filter.EnterpriseFilter.doFilter(EnterpriseFilter.java:71) com.denimgroup.threadfix.webapp.filter.CacheBustFilter.doFilter(CacheBustFilter.java:68) note The full stack trace of the root cause is available in the Apache Tomcat/7.0.29 logs.

Apache Tomcat/7.0.29

dancornell commented 9 years ago

This may be a Java 1.7 -> Java 1.8 issue

macacollins commented 9 years ago

According to http://stackoverflow.com/questions/19243458/tomcat7-not-compiling-jsp-examples#answer-21322569 this can result from a Java 8 installation used on an outdated Tomcat version.

Can you tell us more about how you're running the code? Did you download the zip build? Are you running ThreadFix from source?