Hi Senaka, I didnt get a chance to look into this yet. I am engaged in fixing some security issue. Can someone else please look into this ? My suggestion is to disable session persistence.
Thanks AmilaJ On Sun, May 27, 2012 at 2:55 PM, Senaka Fernando <[email protected]> wrote: > Hi AmilaJ, > > What's the status of this? There are multiple issues reported due to this. > If this is something that is hard to fix, can we preserve the behavior we > had during the last release? > > Thanks, > Senaka. > > > On Fri, May 18, 2012 at 9:14 PM, Senaka Fernando <[email protected]> wrote: >> >> Hi AmilaJ, >> >> When someone logs in, there are certain objects that are created within >> the authentication framework. Can we ensure that these are regenerated? We >> might be able to eliminate most issues in this way. >> >> Also, the UI framework overrides the session object IIRC (I might be >> mistaken, but IIRC it was done this way for some reason). So, if we can >> print a warning for each non-serializable object that is stored on the HTTP >> session for a short period (we will get rid of that before the release of >> course), people can easily fix the UI components too. We probably can make >> good progress in going ahead with option #1 in that way. >> >> WDYT? >> >> Thanks, >> Senaka. >> >> >> On Fri, May 18, 2012 at 3:25 PM, Amila Suriarachchi <[email protected]> >> wrote: >>> >>> >>> >>> On Fri, May 18, 2012 at 3:10 PM, Amila Jayasekara <[email protected]> >>> wrote: >>>> >>>> Inorder for this to work we need to make sure all our user interfaces >>>> are aware about session persistence. Currently we have JSP pages where >>>> we set certain non-serializable objects to session and access them in >>>> subsequent pages. So if we are at a page where object is accessed and >>>> if we try to access the page after a restart we might face issues (as >>>> expected objects are not found in the sessio >>>> >>>> Thilina also reported several similar issues. >>>> >>>> We have 2 solutions for this. >>>> >>>> 1. Make sure all JSPs are aware about session persistence. i.e. if a >>>> JSP or UI component doesnt find a necessary object in session it has >>>> to execute some code to initialize the object and carry on processing >>>> - This might be tedious as we need to go through all UI/JSP components >>>> to find such occurrences. >>>> >>>> 2. Disable session persistence and make the system re-direct to login >>>> page during authentication - This is what we had in earlier releases. >>> >>> >>> if there was a reason to change this? if not better to use this since >>> that worked fine for last builds. >>> >>> thanks, >>> Amila. >>>> >>>> >>>> So what is the best option to solve this issue ? >>>> >>>> Thanks >>>> AmilaJ >>>> >>>> On Fri, May 18, 2012 at 2:58 PM, Shammi Jayasinghe <[email protected]> >>>> wrote: >>>> > >>>> > >>>> > On Fri, May 18, 2012 at 2:27 PM, Shammi Jayasinghe <[email protected]> >>>> > wrote: >>>> >> >>>> >> This problem went off once i updated and built the complete platform >>>> >> and >>>> >> kernel >>>> >> >>>> >> Thanks >>>> >> Shammi >>>> >> >>>> >> >>>> >> On Fri, May 18, 2012 at 2:08 PM, Isuru Wimalasundera >>>> >> <[email protected]> >>>> >> wrote: >>>> >>> >>>> >>> Hi >>>> >>> >>>> >>> I am facing a similar kind of situation when restarting the Greg >>>> >>> server. >>>> >>> After a restart I can not open the service list page because from >>>> >>> the >>>> >>> ListMetaDataService it returns a NULL registry. When dig deep the >>>> >>> reason for >>>> >>> returning a NULL registry is identified as the following code >>>> >>> segment of >>>> >>> AbstractAdmin returns a NULL. >>>> >>> >>>> >>> >>>> >>> >>>> >>> CarbonContext.getCurrentContext().getRegistry(RegistryType.USER_GOVERNANCE); >>>> >>> >>>> >>> the CarbonContext.getCurrentContext() returns a NULL. How is it >>>> >>> possible >>>> >>> to overcome this issue? >>>> >>> >>>> > Hi Isuru, >>>> > Yes it still exists once i restarted the server. Seems some >>>> > configuration >>>> > happens at the initial start up and due to that this happens. >>>> > >>>> > Thanks >>>> > Shammi >>>> > >>>> >>> >>>> >>> Thanks >>>> >>> Isuruw >>>> >>> >>>> >>> >>>> >>> On Fri, May 18, 2012 at 12:38 PM, Shammi Jayasinghe >>>> >>> <[email protected]> >>>> >>> wrote: >>>> >>>> >>>> >>>> Hi , >>>> >>>> I am getting following NPE [1]when trying to subscribe to a topic. >>>> >>>> It >>>> >>>> is due to the null value of "CarbonContext.getCurrentContext()" >>>> >>>> coming from >>>> >>>> the following method in event.core module. I built the complete >>>> >>>> platform >>>> >>>> yesterday. Is this a known issue ? >>>> >>>> >>>> >>>> Thanks >>>> >>>> Shammi >>>> >>>> >>>> >>>> public static String getLoggedInUserName() { >>>> >>>> String userName = ""; >>>> >>>> if (CarbonContext.getCurrentContext().getTenantId() != 0) { >>>> >>>> userName = >>>> >>>> CarbonContext.getCurrentContext().getUsername() + >>>> >>>> "@" >>>> >>>> + >>>> >>>> CarbonContext.getCurrentContext().getTenantDomain(); >>>> >>>> } else { >>>> >>>> userName = >>>> >>>> CarbonContext.getCurrentContext().getUsername(); >>>> >>>> } >>>> >>>> return userName.trim(); >>>> >>>> } >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> [1]java.lang.NullPointerException >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.handleSubscribe(CarbonEventingMessageReceiver.java:175) >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.processMessage(CarbonEventingMessageReceiver.java:386) >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.invokeBusinessLogic(CarbonEventingMessageReceiver.java:81) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) >>>> >>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:205) >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) >>>> >>>> at >>>> >>>> >>>> >>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) >>>> >>>> at >>>> >>>> >>>> >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) >>>> >>>> at >>>> >>>> >>>> >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:45) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:143) >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) >>>> >>>> at >>>> >>>> >>>> >>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:48) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565) >>>> >>>> at >>>> >>>> >>>> >>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1620) >>>> >>>> at >>>> >>>> >>>> >>>> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) >>>> >>>> at >>>> >>>> >>>> >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) >>>> >>>> at java.lang.Thread.run(Thread.java:662) >>>> >>>> -- >>>> >>>> Best Regards, >>>> >>>> >>>> >>>> Shammi Jayasinghe >>>> >>>> Senior Software Engineer; WSO2, Inc.; http://wso2.com, >>>> >>>> mobile: +94 71 4493085 >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> >>>> Dev mailing list >>>> >>>> [email protected] >>>> >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>>> >>> >>>> >>> >>>> >>> >>>> >>> -- >>>> >>> Isuru Wimalasundera >>>> >>> Software Engineer; WSO2, Inc.; http://wso2.com, >>>> >>> mobile: +94 77 920 5641 >>>> >>> >>>> >> >>>> >> >>>> >> >>>> >> -- >>>> >> Best Regards, >>>> >> >>>> >> Shammi Jayasinghe >>>> >> Senior Software Engineer; WSO2, Inc.; http://wso2.com, >>>> >> mobile: +94 71 4493085 >>>> >> >>>> >> >>>> > >>>> > >>>> > >>>> > -- >>>> > Best Regards, >>>> > >>>> > Shammi Jayasinghe >>>> > Senior Software Engineer; WSO2, Inc.; http://wso2.com, >>>> > mobile: +94 71 4493085 >>>> > >>>> > >>>> >>>> >>>> >>>> -- >>>> Mobile : +94773330538 >>> >>> >>> >>> >>> -- >>> Amila Suriarachchi >>> >>> Software Architect >>> WSO2 Inc. ; http://wso2.com >>> lean . enterprise . middleware >>> >>> phone : +94 71 3082805 >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> >> -- >> Senaka Fernando >> Product Manager - WSO2 Governance Registry; >> Associate Technical Lead; WSO2 Inc.; http://wso2.com >> Member; Apache Software Foundation; http://apache.org >> >> E-mail: senaka AT wso2.com >> P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 >> Linked-In: http://linkedin.com/in/senakafernando >> >> Lean . Enterprise . Middleware >> > > > > -- > Senaka Fernando > Product Manager - WSO2 Governance Registry; > Associate Technical Lead; WSO2 Inc.; http://wso2.com > Member; Apache Software Foundation; http://apache.org > > E-mail: senaka AT wso2.com > P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 > Linked-In: http://linkedin.com/in/senakafernando > > Lean . Enterprise . Middleware > -- Mobile : +94773330538 _______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
