search

denimgroup / threadfix

ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-date information.
340 stars 127 forks source link

ThreadFix_2.3RC3-Community War.zip Warning Logfile MySQL Configuration #1748

Open cristiano-corrado opened 8 years ago

cristiano-corrado commented 8 years ago

Hello,

I am trying to deploy the ThreadFix_2.3RC3 community the 2.2.7.2 and 2.2.3 work fine with same tomcat7 & mysql configuration, with this release I receive the warning attached from the ChannelVulnerabilityUpdater

threadfix.log.zip

and from the catalina logs INFO: Initializing ProtocolHandler ["http-bio-8080"] but never starts the handler.

Thanks a lot for any suggestions.

Regards,

d-maldonado commented 8 years ago

The included warnings should only result in some unmapped findings. They shouldn't stop ThreadFix from starting.

I would double check your permissions and possibly increase your logging to debug for more information. It is also worth noting that if you are coming from ThreadFix 2.2.x the update process can take a few minutes.

Daniel Maldonado

cristiano-corrado commented 8 years ago

Hello Daniel,

Thanks for the help, set to DEBUG.

the strange thing is that the following is my jdbc.properties :

database settings, this can be the central location for different DB

settings

that are referenced in

/src/main/resources/applicationContext-hibernate.xml.

HSQLDB

jdbc.driverClassName=org.hsqldb.jdbcDriver

jdbc.url=jdbc:hsqldb:/var/lib/tomcat6/database/threadfix

jdbc.username=sa

jdbc.password=

hibernate.dialect=org.hibernate.dialect.HSQLDialect

hibernate.hbm2ddl.auto=update

MYSQL

jdbc.driverClassName=com.mysql.jdbc.Driver jdbc.url=jdbc:mysql://localhost:3306/threadfix?autoReconnect=true&createDatabaseIfNotExist=true&useUnicode=true&characterEncoding=UTF-8&jdbcCompliantTruncation=false jdbc.username= jdbc.password= hibernate.dialect=org.hibernate.dialect.MySQL5Dialect hibernate.hbm2ddl.auto=create

hibernate.show_sql=false hibernate.format_sql=true

Setting the info to DEBUG now in the threadfix log file I see 2016-02-12 16:12:23,714 [localhost-startStop-1] INFO org.apache.activemq.store.SharedFileLocker (SharedFileLocker.java:58) - Database activemq-data/localhost/KahaDB/lock is locked... waiting 10 seconds for the database to be unlocked. Reason: java.io.IOException: Failed to create directory 'activemq-data/localhost/KahaDB' 2016-02-12 16:12:33,716 [localhost-startStop-1] INFO org.apache.activemq.store.SharedFileLocker (SharedFileLocker.java:58) - Database activemq-data/localhost/KahaDB/lock is locked... waiting 10 seconds for the database to be unlocked. Reason: java.io.IOException: Failed to create directory 'activemq-data/localhost/KahaDB' 2016-02-12 16:12:43,718 [localhost-startStop-1] INFO org.apache.activemq.store.SharedFileLocker (SharedFileLocker.java:58) - Database activemq-data/localhost/KahaDB/lock is locked... waiting 10 seconds for the database to be unlocked. Reason: java.io.IOException: Failed to create directory 'activemq-data/localhost/KahaDB' 2016-02-12 16:12:45,845 [DefaultQuartzScheduler_QuartzSchedulerThread] DEBUG org.quartz.core.QuartzSchedulerThread (QuartzSchedulerThread.java:276) - batch acquisition of 0 triggers 2016-02-12 16:12:53,719 [localhost-startStop-1] INFO org.apache.activemq.store.SharedFileLocker (SharedFileLocker.java:58) - Database activemq-data/localhost/KahaDB/lock is locked... waiting 10 seconds for the database to be unlocked. Reason: java.io.IOException: Failed to create directory 'activemq-data/localhost/KahaDB' 2016-02-12 16:13:03,721 [localhost-startStop-1] INFO org.apache.activemq.store.SharedFileLocker (SharedFileLocker.java:58) - Database activemq-data/localhost/KahaDB/lock is locked... waiting 10 seconds for the database to be unlocked. Reason: java.io.IOException: Failed to create directory 'activemq-data/localhost/KahaDB' 2016-02-12 16:13:12,832 [DefaultQuartzScheduler_QuartzSchedulerThread] DEBUG org.quartz.core.QuartzSchedulerThread (QuartzSchedulerThread.java:276) - batch acquisition of 0 triggers 2016-02-12 16:13:13,722 [localhost-startStop-1] INFO org.apache.activemq.store.SharedFileLocker (SharedFileLocker.java:58) - Database activemq-data/localhost/KahaDB/lock is locked... waiting 10 seconds for the database to be unlocked. Reason: java.io.IOException: Failed to create directory 'activemq-data/localhost/KahaDB'

Why is still trying for the HSQLDB database?

Thanks a lot for your precious help!

On 9 February 2016 at 23:43, Daniel Maldonado notifications@github.com wrote:

The included warnings should only result in some unmapped findings. They shouldn't stop ThreadFix from starting.

I would double check your permissions and possibly increase https://github.com/denimgroup/threadfix/wiki/Debugging-ThreadFix-Issues#increasing-the-amount-of-logging your logging to debug for more information. It is also worth noting that if you are coming from ThreadFix 2.2.x the update process can take a few minutes.

Daniel Maldonado

— Reply to this email directly or view it on GitHub https://github.com/denimgroup/threadfix/issues/1748#issuecomment-182135413 .

Cristiano Corrado Mobile: +447412608426 Hangout : cristiano.corrado@gmail.com cristiano.corrado@gmail.com Email : cristiano.corrado@gmail.com cristiano.corrado@gmail.com

d-maldonado commented 8 years ago

This is actually related to ActiveMQ, not the database that ThreadFix will use to store data.

You should be able to stop Tomcat/ThreadFix, kill all your java processes, and then restart Tomcat. If you have already done this, let me know.

Daniel M