[
http://jira.magnolia-cms.com/browse/MAGNOLIA-3671?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ondřej Chytil updated MAGNOLIA-3671:
------------------------------------
Description:
I updated to Magnolia 4.4.3, my frontend configuration is clustered, two public
instances.
When the load rises, sometimes this exception below happens. This is
particularly problematic because after the problem the instance is completely
locked, and shows the magnolia login.
This seems to be caused by modification done in MAGNOLIA-3557, that stores the
access count. Doing so for the anonymous user seems to cause concurrent
modification. I'll do further investigation, but this is a real blocking
problem for me because my instances are failing often.
ERROR info.magnolia.cms.security.SystemUserManager 28.04.2011 10:35:53 --
Failed to login as anonymous user
javax.security.auth.login.LoginException: java.lang.RuntimeException:
javax.jcr.InvalidItemStateException:
2d78094b-8f7e-4c95-8b1d-22e3dc417c34/{}failedAttempts has been modified
externally
at
info.magnolia.cms.security.MgnlUser.setFailedLoginAttempts(MgnlUser.java:96)
at
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.matchPassword(JCRAuthenticationModule.java:140)
was:
I updated to Magnolia 4.4.3, my frontend configuration is clustered, two public
instances.
When the load rises, sometimes this exception below happens. This is
particularly problematic because after the problem the instance is completely
locked, and shows the magnolia login.
This seems to be caused by modification done in MAGNOLIA-3557, that stores the
access count. Doing so for the anonymous user seems to cause concurrent
modification. I'll do further investigation, but this is a real blocking
problem for me because my instances are failing often.
ERROR info.magnolia.cms.security.SystemUserManager 28.04.2011 10:35:53 --
Failed to login as anonymous user
javax.security.auth.login.LoginException: java.lang.RuntimeException:
javax.jcr.InvalidItemStateException:
2d78094b-8f7e-4c95-8b1d-22e3dc417c34/{}failedAttempts has been modified
externally
at
info.magnolia.cms.security.MgnlUser.setFailedLoginAttempts(MgnlUser.java:96)
at
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.matchPassword(JCRAuthenticationModule.java:140)
at
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.validateUser(JCRAuthenticationModule.java:104)
at
info.magnolia.jaas.sp.AbstractLoginModule.login(AbstractLoginModule.java:200)
at sun.reflect.GeneratedMethodAccessor224.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
info.magnolia.cms.security.SystemUserManager.getSubject(SystemUserManager.java:177)
at
info.magnolia.cms.security.SystemUserManager.getRequiredSystemUser(SystemUserManager.java:154)
at
info.magnolia.cms.security.SystemUserManager.getAnonymousUser(SystemUserManager.java:125)
at
info.magnolia.cms.security.Security.getAnonymousUser(Security.java:69)
at
info.magnolia.context.UserContextImpl.getUser(UserContextImpl.java:75)
at info.magnolia.context.MgnlContext.getUser(MgnlContext.java:83)
at
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:88)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:82)
at
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:66)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:105)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:216)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.jcr.InvalidItemStateException:
2d78094b-8f7e-4c95-8b1d-22e3dc417c34/{}failedAttempts has been modified
externally
at org.apache.jackrabbit.core.ItemImpl.save(ItemImpl.java:1124)
at info.magnolia.cms.core.DefaultContent.save(DefaultContent.java:528)
at info.magnolia.cms.util.ContentWrapper.save(ContentWrapper.java:390)
at
info.magnolia.cms.security.MgnlUser.setFailedLoginAttempts(MgnlUser.java:94)
... 44 more
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
info.magnolia.cms.security.SystemUserManager.getSubject(SystemUserManager.java:177)
at
info.magnolia.cms.security.SystemUserManager.getRequiredSystemUser(SystemUserManager.java:154)
at
info.magnolia.cms.security.SystemUserManager.getAnonymousUser(SystemUserManager.java:125)
at
info.magnolia.cms.security.Security.getAnonymousUser(Security.java:69)
at
info.magnolia.context.UserContextImpl.getUser(UserContextImpl.java:75)
at info.magnolia.context.MgnlContext.getUser(MgnlContext.java:83)
at
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:88)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:82)
at
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:66)
at
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:88)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:105)
at
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:216)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)
> Anonymous user locked under heavy load.
> ---------------------------------------
>
> Key: MAGNOLIA-3671
> URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-3671
> Project: Magnolia
> Issue Type: Bug
> Components: security
> Affects Versions: 4.4.3
> Reporter: Danilo Ghirardelli
> Assignee: Ondřej Chytil
> Priority: Blocker
> Fix For: 4.4.4
>
> Attachments: JCRAuthenticationModule.java, MgnlUser.java,
> stacktrace.txt
>
>
> I updated to Magnolia 4.4.3, my frontend configuration is clustered, two
> public instances.
> When the load rises, sometimes this exception below happens. This is
> particularly problematic because after the problem the instance is completely
> locked, and shows the magnolia login.
> This seems to be caused by modification done in MAGNOLIA-3557, that stores
> the access count. Doing so for the anonymous user seems to cause concurrent
> modification. I'll do further investigation, but this is a real blocking
> problem for me because my instances are failing often.
> ERROR info.magnolia.cms.security.SystemUserManager 28.04.2011 10:35:53 --
> Failed to login as anonymous user
> javax.security.auth.login.LoginException: java.lang.RuntimeException:
> javax.jcr.InvalidItemStateException:
> 2d78094b-8f7e-4c95-8b1d-22e3dc417c34/{}failedAttempts has been modified
> externally
> at
> info.magnolia.cms.security.MgnlUser.setFailedLoginAttempts(MgnlUser.java:96)
> at
> info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.matchPassword(JCRAuthenticationModule.java:140)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
