Please forget it. I've figured out that I do have session.invalidate()
somewhere in a called jsp file.
> Hi,
> I'm new to acegi. I basically followed instructions in "Integrating
> Acegi and JSF: Revisited" and used the acegi jsf taglib. Everything
> works except I got an exception below. Please take a look. Any
> suggestions or hints are welcome.
> ==== TOMCAT console output and exception stack trace ====
> 06-02-16 13:41:34 DEBUG
> ...web.PathBasedFilterInvocationDefinitionMap lookupAttr
> ibutes - Converted URL to lowercase, from:
> '/images/title_bg_bl.jpg'; to: '/imag
> es/title_bg_bl.jpg'
> 06-02-16 13:41:34 DEBUG
> ...web.PathBasedFilterInvocationDefinitionMap lookupAttr
> ibutes - Candidate is: '/images/title_bg_bl.jpg'; pattern is /**; matched=true
> 06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter -
> /images/title_bg
> _bl.jpg at position 1 of 3 in additional filter chain; firing Filter:
> 'org.acegi
> [EMAIL PROTECTED]'
> 06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter -
> /images/title_bg
> _bl.jpg at position 2 of 3 in additional filter chain; firing Filter:
> 'org.acegi
> [EMAIL PROTECTED]'
> 06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter -
> /images/title_bg
> _bl.jpg at position 3 of 3 in additional filter chain; firing Filter:
> 'org.acegi
> [EMAIL PROTECTED]'
> 06-02-16 13:41:34 DEBUG ...session.HttpSessionEventPublisher sessionCreated -
> Pu
> blishing event:
> org.acegisecurity.ui.session.HttpSessionCreatedEvent[source=org.
> [EMAIL PROTECTED]
> 06-02-16 13:41:34 DEBUG ...util.FilterChainProxy doFilter -
> /images/title_bg
> _bl.jpg reached end of additional filter chain; proceeding with original chain
> 2006-2-16 13:41:34 org.apache.jasper.runtime.JspFactoryImpl
> internalGetPageConte
> xt
> SEVERE: Exception initializing page context
> java.lang.IllegalStateException: Cannot create a session after the response
> has
> been committed
> at
> org.apache.coyote.tomcat5.CoyoteRequest.doGetSession(CoyoteRequest.ja
> va:2270)
> at
> org.apache.coyote.tomcat5.CoyoteRequest.getSession(CoyoteRequest.java
> :2116)
> at
> org.apache.coyote.tomcat5.CoyoteRequestFacade.getSession(CoyoteReques
> tFacade.java:528)
> at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
> questWrapper.java:215)
> at
> org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
> nHttpRequest.java:518)
> at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
> questWrapper.java:215)
> at
> org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
> nHttpRequest.java:518)
> at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
> questWrapper.java:215)
> at
> org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
> nHttpRequest.java:518)
> at
> org.apache.catalina.core.ApplicationHttpRequest.getSession(Applicatio
> nHttpRequest.java:465)
> at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRe
> questWrapper.java:223)
> at
> org.apache.jasper.runtime.PageContextImpl._initialize(PageContextImpl
> .java:148)
> at
> org.apache.jasper.runtime.PageContextImpl.initialize(PageContextImpl.
> java:123)
> at
> org.apache.jasper.runtime.JspFactoryImpl.internalGetPageContext(JspFa
> ctoryImpl.java:104)
> at
> org.apache.jasper.runtime.JspFactoryImpl.getPageContext(JspFactoryImp
> l.java:61)
> at
> org.apache.jsp.includes.menu_jsp._jspService(menu_jsp.java:33)
> It looks like the session is invalidated or for some reason not
> available. Therefore, request.getSession() creates a new session which
> caused this error.
> The response jsp page snippet: (menu.jsp found in the stacktrace is
> called by the tiles template)
> <acegijsf:authorize ifAnyGranted="ROLE_ADMIN">
> <tiles:insert definition="tiles.default.layout" flush="true">
> <tiles:put name="body" beanName="bodyfile"/>
> </tiles:insert>
> </acegijsf:authorize>
> If I directly put '<%=request.getSession().getAttribute("abc")%>'
> inside acegijsf tag, no error is thrown.
> ==== My environment ====
> Java 1.5.0_06
> Tomcat 5.0.30
> acegi 1.0.0RC2
> spring 1.2.5
> jsf referene implementation
> ==== applicationContext-acegi.xml ====
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE beans PUBLIC "-//SPRING/DTD BEAN/EN"
> "http://www.springframework.org/dtd/spring-beans.dtd";>
> <beans>
> <bean id="filterChainProxy"
> class="org.acegisecurity.util.FilterChainProxy">
> <property name="filterInvocationDefinitionSource">
> <value>
>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
>
> /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,anonymousProcessingFilter
> </value>
> </property>
> </bean>
> <!-- The first item in the Chain:
> httpSessionContextIntegrationFilter -->
> <bean id="httpSessionContextIntegrationFilter"
>
> class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
> </bean>
> <!-- the second item in the chain:
> authenticationProcessingFilter -->
> <bean id="authenticationProcessingFilter"
>
> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
> <property name="authenticationManager">
> <ref bean="authenticationManager"/>
> </property>
> <property name="authenticationFailureUrl">
> <value>/loginerror.jsf</value>
> </property>
> <property name="defaultTargetUrl">
>
> <value>/center.jsf?bodyfile=pages/UserTable.jsp</value>
> </property>
> <property name="alwaysUseDefaultTargetUrl">
> <value>true</value>
> </property>
> <property name="filterProcessesUrl">
> <value>/j_acegi_security_check</value>
> </property>
> </bean>
> <bean id="authenticationManager"
> class="org.acegisecurity.providers.ProviderManager">
> <property name="providers">
> <list>
> <ref
> bean="daoAuthenticationProvider"/>
> <ref
> local="anonymousAuthenticationProvider"/>
> </list>
> </property>
> </bean>
> <bean id="daoAuthenticationProvider"
> class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
> <property name="userDetailsService">
> <ref bean="userDao"/>
> </property>
> </bean>
> <bean id="anonymousAuthenticationProvider"
>
> class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
> <property name="key">
> <value>foobar</value>
> </property>
> </bean>
> <!-- the third item in the chain: anonymousProcessingFilter -->
> <bean id="anonymousProcessingFilter"
>
> class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
> <property name="key">
> <value>foobar</value>
> </property>
> <property name="userAttribute">
> <value>anonymousUser,ROLE_ANONYMOUS</value>
> </property>
> </bean>
> <bean id="authenticationProcessingFilterEntryPoint"
>
> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
> <property name="loginFormUrl">
> <value>/login.jsf</value>
> </property>
> <property name="forceHttps">
> <value>false</value>
> </property>
> </bean>
> <!-- Done with the chain -->
> <!-- Automatically receives AuthenticationEvent messages -->
> <bean id="loggerListener"
> class="org.acegisecurity.event.authentication.LoggerListener"/>
> </beans>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
> for problems? Stop! Download the new AJAX search engine that makes
> searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
> _______________________________________________
> Home: http://acegisecurity.org
> Acegisecurity-developer mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
