Hi,
I'm new to acegi. I basically followed instructions in "Integrating
Acegi and JSF: Revisited" and used the acegi jsf taglib. Everything
works except I got an exception below. Please take a look. Any
suggestions or hints are welcome.
==== TOMCAT console output and exception stack trace ====
06-02-16 13:41:34 DEBUG ...web.PathBasedFilterInvocationDefinitionMap lookupAttr
ibutes - Converted URL to lowercase, from: '/images/title_bg_bl.jpg'; to: '/imag
es/title_bg_bl.jpg'
06-02-16 13:41:34 DEBUG ...web.PathBasedFilterInvocationDefinitionMap lookupAttr
ibutes - Candidate is: '/images/title_bg_bl.jpg'; pattern is /**; matched=true
06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter - /images/title_bg
_bl.jpg at position 1 of 3 in additional filter chain; firing Filter: 'org.acegi
[EMAIL PROTECTED]'
06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter - /images/title_bg
_bl.jpg at position 2 of 3 in additional filter chain; firing Filter: 'org.acegi
[EMAIL PROTECTED]'
06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter - /images/title_bg
_bl.jpg at position 3 of 3 in additional filter chain; firing Filter: 'org.acegi
[EMAIL PROTECTED]'
06-02-16 13:41:34 DEBUG ...session.HttpSessionEventPublisher sessionCreated - Pu
blishing event: org.acegisecurity.ui.session.HttpSessionCreatedEvent[source=org.
[EMAIL PROTECTED]
06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter - /images/title_bg
_bl.jpg reached end of additional filter chain; proceeding with original chain
2006-2-16 13:41:34 org.apache.jasper.runtime.JspFactoryImpl internalGetPageConte
xt
SEVERE: Exception initializing page context
java.lang.IllegalStateException: Cannot create a session after the response has
been committed
at org.apache.coyote.tomcat5.CoyoteRequest.doGetSession(CoyoteRequest.ja
va:2270)
at org.apache.coyote.tomcat5.CoyoteRequest.getSession(CoyoteRequest.java
:2116)
at org.apache.coyote.tomcat5.CoyoteRequestFacade.getSession(CoyoteReques
tFacade.java:528)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
questWrapper.java:215)
at org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
nHttpRequest.java:518)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
questWrapper.java:215)
at org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
nHttpRequest.java:518)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
questWrapper.java:215)
at org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
nHttpRequest.java:518)
at org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
nHttpRequest.java:465)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
questWrapper.java:223)
at org.apache.jasper.runtime.PageContextImpl._initialize(PageContextImpl
.java:148)
at org.apache.jasper.runtime.PageContextImpl.initialize(PageContextImpl.
java:123)
at org.apache.jasper.runtime.JspFactoryImpl.internalGetPageContext(JspFa
ctoryImpl.java:104)
at org.apache.jasper.runtime.JspFactoryImpl.getPageContext(JspFactoryImp
l.java:61)
at org.apache.jsp.includes.menu_jsp._jspService(menu_jsp.java:33)
It looks like the session is invalidated or for some reason not
available. Therefore, request.getSession() creates a new session which
caused this error.
The response jsp page snippet: (menu.jsp found in the stacktrace is
called by the tiles template)
<acegijsf:authorize ifAnyGranted="ROLE_ADMIN">
<tiles:insert definition="tiles.default.layout" flush="true">
<tiles:put name="body" beanName="bodyfile"/>
</tiles:insert>
</acegijsf:authorize>
If I directly put '<%=request.getSession().getAttribute("abc")%>'
inside acegijsf tag, no error is thrown.
==== My environment ====
Java 1.5.0_06
Tomcat 5.0.30
acegi 1.0.0RC2
spring 1.2.5
jsf referene implementation
==== applicationContext-acegi.xml ====
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING/DTD BEAN/EN"
"http://www.springframework.org/dtd/spring-beans.dtd";>
<beans>
<bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,anonymousProcessingFilter
</value>
</property>
</bean>
<!-- The first item in the Chain: httpSessionContextIntegrationFilter
-->
<bean id="httpSessionContextIntegrationFilter"
class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
</bean>
<!-- the second item in the chain: authenticationProcessingFilter -->
<bean id="authenticationProcessingFilter"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="authenticationFailureUrl">
<value>/loginerror.jsf</value>
</property>
<property name="defaultTargetUrl">
<value>/center.jsf?bodyfile=pages/UserTable.jsp</value>
</property>
<property name="alwaysUseDefaultTargetUrl">
<value>true</value>
</property>
<property name="filterProcessesUrl">
<value>/j_acegi_security_check</value>
</property>
</bean>
<bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
<ref local="anonymousAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="daoAuthenticationProvider"
class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService">
<ref bean="userDao"/>
</property>
</bean>
<bean id="anonymousAuthenticationProvider"
class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key">
<value>foobar</value>
</property>
</bean>
<!-- the third item in the chain: anonymousProcessingFilter -->
<bean id="anonymousProcessingFilter"
class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key">
<value>foobar</value>
</property>
<property name="userAttribute">
<value>anonymousUser,ROLE_ANONYMOUS</value>
</property>
</bean>
<bean id="authenticationProcessingFilterEntryPoint"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl">
<value>/login.jsf</value>
</property>
<property name="forceHttps">
<value>false</value>
</property>
</bean>
<!-- Done with the chain -->
<!-- Automatically receives AuthenticationEvent messages -->
<bean id="loggerListener"
class="org.acegisecurity.event.authentication.LoggerListener"/>
</beans>
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
