Anonymous user locked under heavy load.
---------------------------------------
Key: MAGNOLIA-3671
URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-3671
Project: Magnolia
Issue Type: Bug
Components: security
Affects Versions: 4.4.3
Reporter: Danilo Ghirardelli
Assignee: Philipp Bärfuss
Priority: Blocker
I updated to Magnolia 4.4.3, my frontend configuration is clustered, two public
instances.
When the load rises, sometimes this exception below happens. This is
particularly problematic because after the problem the instance is completely
locked, and shows the magnolia login.
This seems to be caused by modification done in MAGNOLIA-3557, that stores the
access count. Doing so for the anonymous user seems to cause concurrent
modification. I'll do further investigation, but this is a real blocking
problem for me because my instances are failing often.
ERROR info.magnolia.cms.security.SystemUserManager 28.04.2011 10:35:53 --
Failed to login as anonymous user
javax.security.auth.login.LoginException: java.lang.RuntimeException:
javax.jcr.InvalidItemStateException:
2d78094b-8f7e-4c95-8b1d-22e3dc417c34/{}failedAttempts has been modified
externally
at
info.magnolia.cms.security.MgnlUser.setFailedLoginAttempts(MgnlUser.java:96)
at
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.matchPassword(JCRAuthenticationModule.java:140)
at
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.validateUser(JCRAuthenticationModule.java:104)
at
info.magnolia.jaas.sp.AbstractLoginModule.login(AbstractLoginModule.java:200)
at sun.reflect.GeneratedMethodAccessor224.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
info.magnolia.cms.security.SystemUserManager.getSubject(SystemUserManager.java:177)
at
info.magnolia.cms.security.SystemUserManager.getRequiredSystemUser(SystemUserManager.java:154)
at
info.magnolia.cms.security.SystemUserManager.getAnonymousUser(SystemUserManager.java:125)
at
info.magnolia.cms.security.Security.getAnonymousUser(Security.java:69)
at
info.magnolia.context.UserContextImpl.getUser(UserContextImpl.java:75)
at info.magnolia.context.MgnlContext.getUser(MgnlContext.java:83)
at
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:88)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:82)
at
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:66)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:105)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:216)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.jcr.InvalidItemStateException:
2d78094b-8f7e-4c95-8b1d-22e3dc417c34/{}failedAttempts has been modified
externally
at org.apache.jackrabbit.core.ItemImpl.save(ItemImpl.java:1124)
at info.magnolia.cms.core.DefaultContent.save(DefaultContent.java:528)
at info.magnolia.cms.util.ContentWrapper.save(ContentWrapper.java:390)
at
info.magnolia.cms.security.MgnlUser.setFailedLoginAttempts(MgnlUser.java:94)
... 44 more
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
info.magnolia.cms.security.SystemUserManager.getSubject(SystemUserManager.java:177)
at
info.magnolia.cms.security.SystemUserManager.getRequiredSystemUser(SystemUserManager.java:154)
at
info.magnolia.cms.security.SystemUserManager.getAnonymousUser(SystemUserManager.java:125)
at
info.magnolia.cms.security.Security.getAnonymousUser(Security.java:69)
at
info.magnolia.context.UserContextImpl.getUser(UserContextImpl.java:75)
at info.magnolia.context.MgnlContext.getUser(MgnlContext.java:83)
at
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:88)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:82)
at
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:66)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:105)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:216)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
