https://bz.apache.org/bugzilla/show_bug.cgi?id=66676
Georg F. <magicb...@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW --- Comment #2 from Georg F. <magicb...@gmx.de> --- Hey Mark, thanks for looking into it. I think the problem still exists in the latest 10.1.x branch on GitHub. Let me explain the problem step by step from the code on GitHub: * When the WebSocket is closed the WebSocket tries to send the close message via https://github.com/apache/tomcat/blob/8b1833f75bfce59a05791dede5eb9904b51da3da/java/org/apache/tomcat/websocket/WsSession.java#L718 * This in turn will try to send the message parts via https://github.com/apache/tomcat/blob/b9a8bd4fdaf31b0cc08cc72f95c802d35bb885f2/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java#L311 * Unfortunately this may fail for whatever reason which then ends up in closing the session via https://github.com/apache/tomcat/blob/b9a8bd4fdaf31b0cc08cc72f95c802d35bb885f2/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java#L322 * The problem is now that the session now got to a "CLOSED" state, but when returning from these methods we end up in https://github.com/apache/tomcat/blob/8b1833f75bfce59a05791dede5eb9904b51da3da/java/org/apache/tomcat/websocket/WsSession.java#L734 which tries to get the user principal on the closed session which is forbidden. * And so another exception is thrown which overrules the previous one and shows this confusing message. I hope that helps. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org