Marvin,

I guess I'm confused because I thought the response would not start until
all filters in the chain were processed. What am I missing here?

In my web.xml this is the last filter I have defined which may explain the
issue if others can cause the filter chain to end early.

> edu.denison.cas.web.filter.PurgeModAuthCasCookiesFilter.doFilter(PurgeModAuthCasCookiesFilter.java:96)


I based the filter to purge MOD_AUTH_CAS cookies on the
VT GetSessionCookieFilter and I have mapped /login to both filters:

>
> edu.vt.middleware.cas.web.filter.GetSessionCookieFilter.doFilter(GetSessionCookieFilter.java:112)


Is this simply an ordering problem or do I have something fundamental
wrong? Let me know if you need anything else from me to help get to the
bottom of this issue.

Here is the filter code:

    /**
     * Examines the request for mod_auth_cas session cookies.
     *
     * @param  servletRequest  Servlet request.
     * @param  servletResponse  Servlet response.
     * @param  filterChain  Filter chain.
     *
     * @throws  IOException  On IO errors.
     * @throws  ServletException  On servlet errors.
     */
    public void doFilter(
        final ServletRequest servletRequest,
        final ServletResponse servletResponse,
        final FilterChain filterChain)
        throws IOException, ServletException {

        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletResponse response =
            (HttpServletResponse) servletResponse;

        // Look through all the cookies, comparing by the supplied prefix.
        final Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie c : cookies) {
                // Delete any mod_auth_cas cookies.
                if (c.getName().startsWith(modAuthCasCookiePrefix)) {
                    c.setMaxAge(0);
                    c.setPath("/");
                    c.setDomain(".denison.edu");
                    c.setSecure(true);
                    response.addCookie(c);
                }
            }
        }

        filterChain.doFilter(servletRequest, servletResponse);
    }



And here is the web.xml invocation:

  <filter>
    <filter-name>PurgeModAuthCasCookiesFilter</filter-name>
    <filter-class>edu.denison.cas.web.filter.PurgeModAuthCasCookiesFilter</filter-class>
    <init-param>
      <param-name>modAuthCasCookiePrefix</param-name>
      <param-value>MOD_AUTH_CAS</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>PurgeModAuthCasCookiesFilter</filter-name>
    <url-pattern>/login</url-pattern>
  </filter-mapping>



Thanks for your help,
-Michael


On Fri, Oct 4, 2013 at 9:18 AM, Marvin S. Addison
<[email protected]> wrote:

>> I'm seeing this error sporadically as well. I don't see anything
>> relevant in catalina.out but these seem to correlate to failed POSTs to
>> /cas/login with SAML requests.
>
> I believe this error is something related to your application or
> environment specifically.
>
>> Sep 23, 2013 6:32:13 PM org.apache.catalina.core.StandardWrapperValve invoke
>> SEVERE: Servlet.service() for servlet cas threw exception
>> java.lang.IllegalStateException: Cannot create a session after the response has been committed
>
> The fundamental limitation here is that you can't set headers (i.e.
> Set-Cookie) after the container begins writing the HTTP response stream to
> the client.
>
>> edu.denison.cas.web.filter.PurgeModAuthCasCookiesFilter.doFilter(PurgeModAuthCasCookiesFilter.java:96)
>
> Ah, what's this? Bet that's the culprit.
>
> M
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>



-- 
Michael Herring
Information Technology Services
Web Developer
Denison University
740-587-6360
[email protected]
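
A guarded variant of the purge filter discussed in this message, as an added example that is not the poster's code or part of CAS: it builds fresh expiry cookies and skips them once the response is committed, because the container ignores headers set after that point. The class name `GuardedCookiePurgeFilter` and the `cookieDomain` init-param are hypothetical, and the javax.servlet API is assumed to be on the classpath.

```java
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;
/** Added example; the class name and the cookieDomain init-param are hypothetical. */
public class GuardedCookiePurgeFilter implements Filter {
    private ServletContext context;
    private String prefix;        // init-param modAuthCasCookiePrefix, as in the posted web.xml
    private String cookieDomain;  // hypothetical init-param: the domain the cookie was set with

    @Override
    public void init(final FilterConfig config) throws ServletException {
        context = config.getServletContext();
        prefix = config.getInitParameter("modAuthCasCookiePrefix");
        cookieDomain = config.getInitParameter("cookieDomain");
        if (prefix == null || prefix.isEmpty()) {
            throw new ServletException("modAuthCasCookiePrefix is required");
        }
    }

    @Override
    public void doFilter(final ServletRequest req, final ServletResponse res,
            final FilterChain chain) throws IOException, ServletException {
        final HttpServletResponse response = (HttpServletResponse) res;
        final Cookie[] cookies = ((HttpServletRequest) req).getCookies();
        if (cookies != null && response.isCommitted()) {
            // Headers are already on the wire; a Set-Cookie added now is ignored.
            context.log("purge skipped: response already committed");
        } else if (cookies != null) {
            for (final Cookie c : cookies) {
                if (!c.getName().startsWith(prefix)) {
                    continue;
                }
                // Browsers send only name=value, so build the expiry cookie from
                // scratch. Path and Domain must match what the cookie was set with.
                final Cookie expired = new Cookie(c.getName(), "");
                expired.setMaxAge(0);
                expired.setPath("/");  // assumed, taken from the posted filter
                if (cookieDomain != null) {
                    expired.setDomain(cookieDomain);
                }
                expired.setSecure(true);
                response.addCookie(expired);
            }
        }
        chain.doFilter(req, res);  // purge headers are queued before downstream code writes
    }
    @Override
    public void destroy() { }
}
```

The order of `<filter-mapping>` elements in web.xml determines the chain order, so a filter like this belongs ahead of anything that writes the response body.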
