Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-5458

o.s.s.w.a.s.ChangeSessionIdAuthenticationStrategy Your servlet container did not change the session ID when a new session was created. You will not be adequately protected against session-fixation attacks

XMLWordPrintable

    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      It's still possible to see error messages such as:

      2014-11-01 10:08:57,402 WARN  [http-nio-9080-exec-1] *17G4IGOx608x756775x2 1ijresm 121.44.5.154,172.24.36.105,172.24.12.146,172.24.12.181 "GET /rest/api/1.0/projects/BUILDENG/repos/buildeng-puppet/pull-requests HTTP/1.1" o.s.s.w.a.s.ChangeSessionIdAuthenticationStrategy Your servlet container did not change the session ID when a new session was created. You will not be adequately protected against session-fixation attacks

              cszmajda Cristan Szmajda (Inactive)
              cszmajda Cristan Szmajda (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: