I have no clue if a failed password is more likely to cause a problem. My understanding is that the issue below is a bug in the JVM and it only appears when there is heavy contention.
I just checked our logs and in the past 3 months (possibly longer) we've only had it show up once. We generally have a decent number of failed password attempts. We also run under Tomcat though. Cheers, Scott On Wed, May 27, 2009 at 9:16 AM, Andrew Tillinghast <[email protected]>wrote: > > We just went fully live with CAS on JBoss yesterday, clients logging in are > seeing occasional 500 errors, and I saw it once on a start up. Looking > through old list messages it's something that's known but shouldn't come up > under normal loads. I don't believe we're unusually high load, however we > issued a number of new accounts yesterday (freshmen class) and we often have > problems with people not entering their initial passwords correctly. One of > our techs did some testing he was able to get this 500 error but only when > he intentionally mis-entered his password. Is it possible that password fail > is more likely able fail this class? > > > 08:40:18,658 ERROR [[cas]] Servlet.service() for servlet cas threw > exception > java.lang.IllegalAccessException: Class ognl.OgnlRuntime can not access a > member of class > org.springframework.webflow.engine.impl.RequestControlContextImpl with > modifiers "public" > at sun.reflect.Reflection.ensureMemberAccess(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:532) > at ognl.OgnlRuntime.getMethodValue(OgnlRuntime.java:945) > at > ognl.ObjectPropertyAccessor.getPossibleProperty(ObjectPropertyAccessor.java:53) > at > ognl.ObjectPropertyAccessor.getProperty(ObjectPropertyAccessor.java:121) > at ognl.OgnlRuntime.getProperty(OgnlRuntime.java:1657) > at ognl.ASTProperty.getValueBody(ASTProperty.java:92) > at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:170) > at ognl.SimpleNode.getValue(SimpleNode.java:210) > at ognl.ASTChain.getValueBody(ASTChain.java:109) > at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:170) > at ognl.SimpleNode.getValue(SimpleNode.java:210) > at ognl.ASTNotEq.getValueBody(ASTNotEq.java:49) > at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:170) > at ognl.SimpleNode.getValue(SimpleNode.java:210) > at ognl.Ognl.getValue(Ognl.java:333) > at ognl.Ognl.getValue(Ognl.java:310) > at > org.springframework.binding.expression.support.OgnlExpression.evaluate(OgnlExpression.java:72) > at > org.springframework.webflow.engine.support.BooleanExpressionTransitionCriteria.test(BooleanExpressionTransitionCriteria.java:58) > at > org.springframework.webflow.engine.Transition.matches(Transition.java:172) > at > org.springframework.webflow.engine.TransitionSet.getTransition(TransitionSet.java:119) > at > org.springframework.webflow.engine.TransitionableState.getRequiredTransition(TransitionableState.java:78) > at > org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:54) > at org.springframework.webflow.engine.State.enter(State.java:191) > at > org.springframework.webflow.engine.Transition.execute(Transition.java:212) > at > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107) > at org.springframework.webflow.engine.Flow.onEvent(Flow.java:534) > at > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205) > at > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:161) > at org.springframework.webflow.engine.State.enter(State.java:191) > at org.springframework.webflow.engine.Flow.start(Flow.java:521) > at > org.springframework.webflow.engine.impl.RequestControlContextImpl.start(RequestControlContextImpl.java:193) > at > org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:177) > at > org.springframework.webflow.executor.FlowExecutorImpl.launch(FlowExecutorImpl.java:187) > at > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:125) > at > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:165) > at org.springframework.web.servlet.mvc.AbstractController.handleRequest > (AbstractController.java:153) > at org.springframework. > web.servlet.mvc.SimpleControllerHandlerAdapter.handle > (SimpleControllerHandlerAdapter.java:48) > at org.springframework.web.servlet.DispatcherServlet.doDispatch > (DispatcherServlet.java:875) > at org.springframework.web.servlet.DispatcherServlet.doService > (DispatcherServlet.java:807) > at org.springframework.web.servlet.FrameworkServlet.processRequest > (FrameworkServlet.java:571) > at org.springframework.web.servlet.FrameworkServlet.doGet > (FrameworkServlet.java:501) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > at org.jasig.cas.web.init.SafeDispatcherServlet.service > (SafeDispatcherServlet.java:115) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal > (ClientInfoThreadLocalFilter.java:48) > at org.springframework.web.filter.OncePerRequestFilter.doFilter > (OncePerRequestFilter.java:76) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter > (ReplyHeaderFilter.java:96) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke > (SecurityAssociationValve.java:190) > at org.jboss.web.tomcat.security.JaccContextValve.invoke > (JaccContextValve.java:92) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process > (SecurityContextEstablishmentValve.java:126) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke > (SecurityContextEstablishmentValve.java:70) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke > (CachedConnectionValve.java:158) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) > at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436) > at > org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:384) > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > at java.lang.Thread.run(Unknown Source) > > > > Andrew Tillinghast > Sr. Web Developer > [email protected] > 270 Mohegan Avenue > New London, CT 06320-4196 > Ph:860 439-5265 Fax: 860 439-2871 > P *Think before you print > ** > *CONFIDENTIALITY: This email (including any attachments) may contain > confidential, > proprietary and privileged information, and unauthorized disclosure or use > is > prohibited. If you received this email in error, please notify the sender > and delete > this email from your system. > > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
<<image.gif>>
