On 25/04/07, Murthy Avvari <[EMAIL PROTECTED]> wrote: > Hi, > > I have been trying to fix this specific problem for my client who is using > acegisecurity 1.0.3 for their web aplication running under Tomcat 5.5.x > version. > Here is the problem reproducing sequence. > > 1. Set the session time out to just 1 Minute in Tomcat web xml > configuration. > 2. Go to Login page. Enter Username and password but dont hit the submit > button. > 3. Wait for little over 1 Minute. > 4. Hit the Submit button. > > Now I get the following exception. I am not sure is this the problem in > > 1. Acegisecurity package? > 2. If yes, because The AbstractProcessingFilter is not configured as the > First Filter? > > I really appreciate any help on this please. >
As Ray said, this is unlikely to be an Acegi issue, but I since have a filter sitting around to trace those errors, here it is. Not appropriate for production use, YMMV, etc. It might help track the problem down though. All this does is track down stray writes within your application, and it should be the first filter applied to '/*'. There's other kinds of illegal state, like grabbing the outputstream then the writer for the response, which I'm not tracking here but are easy to find in a similar way. Hope this helps, Baz import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.FilterConfig; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.Filter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper; import java.io.ByteArrayOutputStream; import java.io.CharArrayWriter; import java.io.IOException; import java.io.PrintWriter; /** * This class buffers output to a servlet response and attempts to * prevent dodgy write-before-redirect errors. Any attempt to perform something that * would reach an illegal state causes the buffer to be reset and the position of both * the first write and the subsequent illegal operation to be logged. The one exception * is if you do a 'flush()', required for some of the screens that dump logging output. * Those cause the response to be committed early whatever happens. */ public class EarlyWarningFilter implements Filter { private static final Log log = LogFactory.getLog(EarlyWarningFilter.class); public void destroy() {} public void init(FilterConfig filterConfig) {} public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (request instanceof HttpServletRequest && response instanceof HttpServletResponse) { InstrumentedResponse instrumentedResponse = new InstrumentedResponse((HttpServletResponse) response); chain.doFilter(request, instrumentedResponse); instrumentedResponse.flush(); } else { chain.doFilter(request, response); } } private static class InstrumentedResponse extends HttpServletResponseWrapper { private InstrumentedPrintWriter writer; private InstrumentedServletOutputStream stream; private boolean committed = false; private IllegalStateException thrown = null; public InstrumentedResponse(HttpServletResponse httpServletResponse) { super(httpServletResponse); } public void sendError(int i, String name) throws IOException { commit(); resetWithWarning("tried to sendError() after write()"); super.sendError(i, name); } private void commit() { if (!committed) { committed = true; thrown = new IllegalStateException("A second call to a commit method occurred, this was first:"); } else { thrown.printStackTrace(); } } public void sendError(int i) throws IOException { commit(); resetWithWarning("tried to sendError() after write()"); super.sendError(i); } public void sendRedirect(String name) throws IOException { commit(); resetWithWarning("tried to sendRedirect() after write()"); super.sendRedirect(name); } public ServletOutputStream getOutputStream() throws IOException { if (stream == null) { stream = new InstrumentedServletOutputStream(super.getOutputStream()); } return stream; } public void reset() { resetWithWarning("Tried to reset() response after write"); super.reset(); } public void resetBuffer() { resetWithWarning("Tried to resetBuffer() response after write (this might be ok!)"); super.resetBuffer(); } public void flushBuffer() throws IOException { commit(); super.flushBuffer(); } public PrintWriter getWriter() throws IOException { if (writer == null) { writer = new InstrumentedPrintWriter(super.getWriter()); } return writer; } private void resetWithWarning(String warning) { if (stream != null) { if (stream.isWritten()) { stream.getThrown().printStackTrace(); new IllegalStateException(warning).printStackTrace(); stream.reset(); stream = null; } } if (writer != null) { if (writer.isWritten()) { writer.getThrown().printStackTrace(); new IllegalStateException(warning).printStackTrace(); writer.reset(); writer = null; } } } public void flush() throws IOException { if (writer != null && writer.written) { commit(); writer.flush(); } if (stream != null && stream.written) { commit(); stream.flush(); } } } private static class InstrumentedPrintWriter extends PrintWriter { private PrintWriter original; private CharArrayWriter buffer; private boolean written = false; private IllegalStateException thrown; protected InstrumentedPrintWriter(PrintWriter original) { super(original); this.original = original; this.buffer = new CharArrayWriter(); } public void close() { original.write(buffer.toCharArray()); buffer.reset(); super.close(); } public void flush() { original.write(buffer.toCharArray()); buffer.reset(); super.flush(); } public boolean isWritten() { return written; } public IllegalStateException getThrown() { return thrown; } public void write(int b) { if (!written) { written = true; thrown = new IllegalStateException("This write may have been too early"); } buffer.write(b); } public void write(char buf[], int off, int len) { if (!written) { written = true; thrown = new IllegalStateException("This write may have been too early"); } buffer.write(buf, off, len); } public void write(String s, int off, int len) { if (!written) { written = true; thrown = new IllegalStateException("This write may have been too early"); } buffer.write(s, off, len); } public void println() { if (!written) { written = true; thrown = new IllegalStateException("This write may have been too early"); } buffer.write('\n'); } public void reset() { buffer.reset(); } } private static class InstrumentedServletOutputStream extends ServletOutputStream { private ServletOutputStream original; private ByteArrayOutputStream buffer; private boolean written = false; private IllegalStateException thrown; protected InstrumentedServletOutputStream(ServletOutputStream original) { this.original = original; this.buffer = new ByteArrayOutputStream(); } public void close() throws IOException { original.write(buffer.toByteArray()); buffer.reset(); super.close(); } public void flush() throws IOException { original.write(buffer.toByteArray()); buffer.reset(); super.flush(); } public boolean isWritten() { return written; } public IllegalStateException getThrown() { return thrown; } public void write(int b) throws IOException { if (!written) { written = true; thrown = new IllegalStateException("This write happened before a redirect"); } buffer.write(b); } public void reset() { buffer.reset(); } } } ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer