gpt4 book ai didi

coldfusion - "ESAPI.properties could not be loaded by any means. fail."导致 "Could not initialize class coldfusion.security.ESAPIUtils"

转载 作者:行者123 更新时间:2023-12-03 09:33:12 25 4
gpt4 key购买 nike

我有两台服务器——一台生产和一台开发——在 Windows Server 2008 R2 上的 IIS 7.5 上运行 ColdFusion 9.0.1。两者配置相同。我们遇到了一个暂时性问题,经过数周到数月的正常运行时间后,站点的某些部分(特别是 CFIDE 管理员门户和任何带有 cfwindow 标记的页面)将开始在日志。

基于 some recommendations几个月前我卸载并重新安装了所有的修补程序,五次检查我是否以正确的顺序应用它们并遵循正确的说明集。

这并没有解决问题,但是当我梳理日志文件时,我注意到在 jRun 重新启动后,另一个与 ESAPI 相关的错误(“ESAPI.properties 无法以任何方式加载。失败。”)出现在日志中。我尝试添加 following declarationjava.argsjvm.config :

-Dorg.owasp.esapi.resources=E:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib

这似乎解决了几个月的问题。没有错误,一切正常。然后,昨天生产服务器再次开始抛出错误。我尝试重新启动 JRun 并重新启动服务器,但错误仍然存​​在。开发服务器完全没问题。

我尝试创建一个仅实例化和 cfdumps ESAPIUtils 实例的脚本。在 dev 上,它转储有关对象的元数据;在生产中,页面导致错误。

近一年来,我一直在与这个问题作斗争。有时它会在几天后自行解决,有时它会持续数周。我还没有想出一种方法来“诱导”这种情况,所以我们被无法测试的“修复”困住了,这些“修复”似乎可以工作一段时间,然后就没有了。

这似乎完全无关紧要,但我们已经有了内置 IsImageFile() 的实例。对于有效图像,函数返回 false。 IsImageFile() 的怪异似乎在“无法初始化类coldfusion.security.ESAPIUtils”疯狂开始之前就开始了。

以下是服务器版本:
ColdFusion Version: 9,0,1,274733
Operating System: Windows Server 2008 R2 amd64 6.1
Web Server Software: Microsoft-IIS/7.5
Java JVM: 1.8.0_05 Oracle Corporation
JEE Server: JRun/4.0
Security Hotfixes (9.0.1): APSB13-27, APSB13-19, APSB13-13, APSB13-10, ColdFusion 9.0.1 Cumulative Hotfix 4 (APSB13-03, APSB12-26, APSB12-21, APSB12-06, APSB11-29, APSB11-14, APSB11-04, APSB10-18), ColdFusion 9.0.1 Cumulative Hotfix 3, ColdFusion 9.0.1 Cumulative Hotfix 2, ColdFusion 9.0.1 Cumulative Hotfix 1
Connectors: JRun IIS 64 Bit Connector (Build 108858)

以及来自 cfusion-out.log 的堆栈跟踪:
08/27 11:37:52 Error [jrpp-58] - Could not initialize class     08/27 11:37:52 Error [jrpp-58] - Could not initialize class coldfusion.security.ESAPIUtils The specific sequence of files included or processed is: E:\web\cfadmin\webroot\CFIDE\administrator\index.cfm, line: 30
08/27 11:37:52 error ROOT CAUSE:
java.lang.NoClassDefFoundError: Could not initialize class coldfusion.security.ESAPIUtils
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at coldfusion.runtime.java.JavaProxy.invoke(JavaProxy.java:97)
at coldfusion.runtime.CfJspPage._invoke(CfJspPage.java:2360)
at cflogin2ecfm1599616868.runPage(C:\work\ColdFusion\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\login.cfm:30)
at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:231)
at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:416)
at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:2722)
at cfApplication2ecfm1920815415._factor5(C:\work\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\Application.cfm:210)
at cfApplication2ecfm1920815415._factor9(C:\work\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\Application.cfm:202)
at cfApplication2ecfm1920815415.runPage(C:\work\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\Application.cfm:1)
at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:231)
at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:416)
at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65)
at coldfusion.filter.CfincludeFilter.include(CfincludeFilter.java:33)
at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:297)
at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:48)
at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40)
at coldfusion.filter.PathFilter.invoke(PathFilter.java:94)
at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:70)
at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)
at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)
at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:46)
at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)
at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)
at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62)
at coldfusion.CfmServlet.service(CfmServlet.java:201)
at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)
at jrun.servlet.FilterChain.doFilter(FilterChain.java:86)
at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42)
at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
at jrun.servlet.FilterChain.doFilter(FilterChain.java:94)
at jrun.servlet.FilterChain.service(FilterChain.java:101)
at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:106)
at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42)
at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:286)
at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)
at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)
at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)
at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)
javax.servlet.ServletException: ROOT CAUSE:
java.lang.NoClassDefFoundError: Could not initialize class coldfusion.security.ESAPIUtils
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at coldfusion.runtime.java.JavaProxy.invoke(JavaProxy.java:97)
at coldfusion.runtime.CfJspPage._invoke(CfJspPage.java:2360)
at cflogin2ecfm1599616868.runPage(C:\work\ColdFusion\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\login.cfm:30)
at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:231)
at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:416)
at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:2722)
at cfApplication2ecfm1920815415._factor5(C:\work\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\Application.cfm:210)
at cfApplication2ecfm1920815415._factor9(C:\work\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\Application.cfm:202)
at cfApplication2ecfm1920815415.runPage(C:\work\cf9_u1_final_hotfix\cfusion\wwwroot\CFIDE\administrator\Application.cfm:1)
at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:231)
at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:416)
at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65)
at coldfusion.filter.CfincludeFilter.include(CfincludeFilter.java:33)
at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:297)
at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:48)
at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40)
at coldfusion.filter.PathFilter.invoke(PathFilter.java:94)
at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:70)
at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)
at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)
at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:46)
at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)
at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)
at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62)
at coldfusion.CfmServlet.service(CfmServlet.java:201)
at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)
at jrun.servlet.FilterChain.doFilter(FilterChain.java:86)
at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42)
at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
at jrun.servlet.FilterChain.doFilter(FilterChain.java:94)
at jrun.servlet.FilterChain.service(FilterChain.java:101)
at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:106)
at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42)
at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:286)
at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)
at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)
at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)
at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)
at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:70)
at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
at jrun.servlet.FilterChain.doFilter(FilterChain.java:94)
at jrun.servlet.FilterChain.service(FilterChain.java:101)
at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:106)
at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42)
at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:286)
at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)
at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)
at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)
at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)

最佳答案

为每个沙箱的 \lib 目录中的 esapi.properties 文件添加文件读取权限。如果您无法访问 CF 管理控制台,请在 \lib 目录中的 neo-security.xml 中手动添加此权限。

关于coldfusion - "ESAPI.properties could not be loaded by any means. fail."导致 "Could not initialize class coldfusion.security.ESAPIUtils",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25533336/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com