This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:CSRF Guard

From OWASP
Revision as of 19:25, 20 April 2007 by Leiolay (talk | contribs) (Having hard time to get it working with Weblogic 8.1)

Jump to: navigation, search

Should this be in the Countermeasure category and listed on https://www.owasp.org/index.php/Category:Countermeasure?

Absolutely - fixed

Having hard time to get it working with Weblogic 8.1

I tried it out. For some reason, I always get this following statck trace. Could you please help?

java.lang.IllegalStateException: response already committed

       at weblogic.servlet.jsp.JspWriterImpl.clear(JspWriterImpl.java:85)
       at jsp_servlet.__welcome._jspService(__welcome.java:2310)
       at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
       at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run

(ServletStubImpl.java:996)

       at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm

pl.java:419)

       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja

va:27)

       at org.owasp.csrf.CSRFGuard.doChain(CSRFGuard.java:96)
       at org.owasp.csrf.CSRFGuard.doFilter(CSRFGuard.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja

va:27)

       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio

n.run(WebAppServletContext.java:6458)

       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate

dSubject.java:321)

       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:

118)

       at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe

rvletContext.java:3661)

       at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm

pl.java:2630)

       at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
       at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)