[
https://issues.apache.org/jira/browse/SLING-7152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16188115#comment-16188115
]
Antonio Sanso commented on SLING-7152:
--------------------------------------
{code}
Index:
src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/AbstractWebConsoleSecurityProvider.java
===================================================================
---
src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/AbstractWebConsoleSecurityProvider.java
(revision 1810355)
+++
src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/AbstractWebConsoleSecurityProvider.java
(working copy)
@@ -23,8 +23,12 @@
import java.util.Dictionary;
import java.util.HashSet;
import java.util.Set;
-
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletRequestEvent;
+import javax.servlet.ServletRequestListener;
import org.apache.felix.webconsole.WebConsoleSecurityProvider;
+import org.apache.sling.api.resource.ResourceResolver;
+import org.apache.sling.auth.core.AuthenticationSupport;
import org.osgi.service.cm.ConfigurationException;
import org.osgi.service.cm.ManagedService;
import org.slf4j.Logger;
@@ -35,7 +39,7 @@
* It handles the configuration of the service.
*/
public abstract class AbstractWebConsoleSecurityProvider
- implements WebConsoleSecurityProvider, ManagedService {
+ implements WebConsoleSecurityProvider, ManagedService,
ServletRequestListener {
// name of the property providing list of authorized users
private static final String PROP_USERS = "users";
@@ -86,4 +90,19 @@
}
return groups;
}
+
+ @Override
+ public void requestDestroyed(ServletRequestEvent sre) {
+ ServletRequest request = sre.getServletRequest();
+ Object resolverAttr =
request.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
+ if (resolverAttr instanceof ResourceResolver) {
+ ((ResourceResolver) resolverAttr).close();
+
request.removeAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
+ }
+ }
+
+ @Override
+ public void requestInitialized(ServletRequestEvent sre) {
+ //nothing to do
+ }
}
Index:
src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
===================================================================
---
src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
(revision 1810355)
+++
src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
(working copy)
@@ -22,7 +22,7 @@
import java.util.Dictionary;
import java.util.Hashtable;
import java.util.concurrent.atomic.AtomicBoolean;
-
+import javax.servlet.ServletRequestListener;
import org.apache.felix.webconsole.WebConsoleSecurityProvider;
import org.apache.sling.launchpad.api.StartupListener;
import org.apache.sling.launchpad.api.StartupMode;
@@ -171,7 +171,7 @@
props.put(Constants.SERVICE_DESCRIPTION, "Apache Sling Web Console
Security Provider 2");
props.put(Constants.SERVICE_VENDOR, "The Apache Software Foundation");
this.provider2Reg = this.bundleContext.registerService(
- new String[] {ManagedService.class.getName(),
WebConsoleSecurityProvider.class.getName()},
+ new String[] {ManagedService.class.getName(),
WebConsoleSecurityProvider.class.getName(),
ServletRequestListener.class.getName()},
new SlingWebConsoleSecurityProvider2(authSupport,
authenticator), props);
this.registrationState = State.PROVIDER2;
}
@@ -182,7 +182,7 @@
props.put(Constants.SERVICE_DESCRIPTION, "Apache Sling Web Console
Security Provider");
props.put(Constants.SERVICE_VENDOR, "The Apache Software Foundation");
this.providerReg = this.bundleContext.registerService(
- new String[] {ManagedService.class.getName(),
WebConsoleSecurityProvider.class.getName()}, new
SlingWebConsoleSecurityProvider(repository), props);
+ new String[] {ManagedService.class.getName(),
WebConsoleSecurityProvider.class.getName(),
ServletRequestListener.class.getName()}, new
SlingWebConsoleSecurityProvider(repository), props);
this.registrationState = State.PROVIDER;
}
{code}
attaching path. [~cziegeler] WDYT?
> Unclosed ResourceResolver in
> org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2
> -----------------------------------------------------------------------------------------------------------------------------
>
> Key: SLING-7152
> URL: https://issues.apache.org/jira/browse/SLING-7152
> Project: Sling
> Issue Type: Bug
> Components: Extensions
> Reporter: Antonio Sanso
> Assignee: Antonio Sanso
> Priority: Minor
>
> The SlingWebConsoleSecurityProvider it is handling the authentication but it
> is not registering a servlet request listener to close the session at the end
> of the request.
> {noformat}
> 15.09.2017 18:07:59.044 *INFO* [Apache Sling Resource Resolver Finalizer
> Thread]
> org.apache.sling.resourceresolver.impl.CommonResourceResolverFactoryImpl
> Unclosed ResourceResolver was created here:
> java.lang.Exception: Opening Stacktrace
> at
> org.apache.sling.resourceresolver.impl.CommonResourceResolverFactoryImpl$ResolverReference.<init>(CommonResourceResolverFactoryImpl.java:521)
> at
> org.apache.sling.resourceresolver.impl.CommonResourceResolverFactoryImpl.register(CommonResourceResolverFactoryImpl.java:218)
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.<init>(ResourceResolverImpl.java:101)
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.<init>(ResourceResolverImpl.java:94)
> at
> org.apache.sling.resourceresolver.impl.CommonResourceResolverFactoryImpl.getResourceResolverInternal(CommonResourceResolverFactoryImpl.java:263)
> at
> org.apache.sling.resourceresolver.impl.CommonResourceResolverFactoryImpl.getResourceResolver(CommonResourceResolverFactoryImpl.java:173)
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverFactoryImpl.getResourceResolver(ResourceResolverFactoryImpl.java:105)
> at
> org.apache.sling.auth.core.impl.SlingAuthenticator.getResolver(SlingAuthenticator.java:791)
> at
> org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:506)
> at
> org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:460)
> at
> org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2.authenticate(SlingWebConsoleSecurityProvider2.java:69)
> at
> org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:103)
> at
> org.apache.felix.http.base.internal.service.ServletContextImpl.handleSecurity(ServletContextImpl.java:421)
> at
> org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:57)
> at
> org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:128)
> at
> org.apache.felix.http.base.internal.dispatch.DispatcherServlet.service(DispatcherServlet.java:49)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
> at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
> at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587)
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
> at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
> at org.eclipse.jetty.server.Server.handle(Server.java:499)
> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
> at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
> at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
> at java.lang.Thread.run(Thread.java:745)
> {noformat}
> We should add this.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
