CAPTCHA renderer throws exception when session is missing
---------------------------------------------------------
Key: TOMAHAWK-1469
URL: https://issues.apache.org/jira/browse/TOMAHAWK-1469
Project: MyFaces Tomahawk
Issue Type: Bug
Components: Captcha
Affects Versions: 1.1.9
Environment: Not relevant
Reporter: Igor Spac
CAPTCHARenderer.renderCAPTCHA throws exception in case session is missing. This
happens because session attribute is set after the image being rendered. The
fix would involve setting the attribute before rendering the image.
Full stack trace:
java.lang.IllegalStateException: Cannot create a session after the response has
been committed
at org.apache.catalina.connector.Request.doGetSession(Request.java:2221)
at org.apache.catalina.connector.Request.getSession(Request.java:2031)
at
org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction.run(RequestFacade.java:196)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:830)
at
org.apache.myfaces.context.servlet.SessionMap.setAttribute(SessionMap.java:56)
at
org.apache.myfaces.util.AbstractAttributeMap.put(AbstractAttributeMap.java:105)
at
org.apache.myfaces.util.AbstractAttributeMap.put(AbstractAttributeMap.java:38)
at
org.apache.myfaces.custom.captcha.CAPTCHARenderer.renderCAPTCHA(CAPTCHARenderer.java:207)
at
org.apache.myfaces.custom.captcha.CAPTCHARenderer.serveResource(CAPTCHARenderer.java:159)
at
org.apache.myfaces.renderkit.html.util.NonBufferingAddResource.serveResource(NonBufferingAddResource.java:544)
at
org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:268)
at sun.reflect.GeneratedMethodAccessor244.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.ApplicationFilterChain.access$0(ApplicationFilterChain.java:192)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:595)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
