Forums

Home » Liferay Portal » English » 3. Development

Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
alen dumas
session problem
December 27, 2017 12:04 AM
Answer

alen dumas

Rank: Junior Member

Posts: 41

Join Date: March 12, 2012

Recent Posts

I use liferay 5.2.3 on jboss 5.1.

I have a big problem with Liferay Sessions i think. It could also be a caching problem.

The problem is that sometimes I can see the dock of another person ( so able to get this very private information ).

meaning Sometimes, an User A see User B's page.

I use proxy in the network in front of the application server.

I'm afraid that this problem is related to security holes all over the place in this version of liferay

Does anybody know this kind of problem
Tomas Polesovsky
RE: session problem
January 5, 2018 6:04 AM
Answer

Tomas Polesovsky

LIFERAY STAFF

Rank: Liferay Master

Posts: 653

Join Date: February 13, 2009

Recent Posts

Hi,

AFAIK there was no such problem that would relate to 5.2.3 security holes.

There were other holes, more important and more devastating compared to this one ;-)

Best,

-- tom +
Olaf Kock
RE: session problem
January 5, 2018 7:05 AM
Answer

Olaf Kock

LIFERAY STAFF

Rank: Liferay Legend

Posts: 4354

Join Date: September 23, 2008

Recent Posts

The mentioned proxy is rather the culprit here. If it's still reproducible without the proxy, then it's Liferay's problem. But the odds are that it's a proxy that is overeagerly caching.

Participate in the State of Liferay Community 2017. Help the community and even win some prizes!