Hi all, On Mon, May 28, 2012 at 9:47 AM, Amila Jayasekara <[email protected]> wrote:
> Hi Senaka, > > I didnt get a chance to look into this yet. I am engaged in fixing > some security issue. Can someone else please look into this ? > My suggestion is to disable session persistence. > > +1 thanks, dimuthu > Thanks > AmilaJ > > On Sun, May 27, 2012 at 2:55 PM, Senaka Fernando <[email protected]> wrote: > > Hi AmilaJ, > > > > What's the status of this? There are multiple issues reported due to > this. > > If this is something that is hard to fix, can we preserve the behavior we > > had during the last release? > > > > Thanks, > > Senaka. > > > > > > On Fri, May 18, 2012 at 9:14 PM, Senaka Fernando <[email protected]> > wrote: > >> > >> Hi AmilaJ, > >> > >> When someone logs in, there are certain objects that are created within > >> the authentication framework. Can we ensure that these are regenerated? > We > >> might be able to eliminate most issues in this way. > >> > >> Also, the UI framework overrides the session object IIRC (I might be > >> mistaken, but IIRC it was done this way for some reason). So, if we can > >> print a warning for each non-serializable object that is stored on the > HTTP > >> session for a short period (we will get rid of that before the release > of > >> course), people can easily fix the UI components too. We probably can > make > >> good progress in going ahead with option #1 in that way. > >> > >> WDYT? > >> > >> Thanks, > >> Senaka. > >> > >> > >> On Fri, May 18, 2012 at 3:25 PM, Amila Suriarachchi <[email protected]> > >> wrote: > >>> > >>> > >>> > >>> On Fri, May 18, 2012 at 3:10 PM, Amila Jayasekara <[email protected]> > >>> wrote: > >>>> > >>>> Inorder for this to work we need to make sure all our user interfaces > >>>> are aware about session persistence. Currently we have JSP pages where > >>>> we set certain non-serializable objects to session and access them in > >>>> subsequent pages. So if we are at a page where object is accessed and > >>>> if we try to access the page after a restart we might face issues (as > >>>> expected objects are not found in the sessio > >>>> > >>>> Thilina also reported several similar issues. > >>>> > >>>> We have 2 solutions for this. > >>>> > >>>> 1. Make sure all JSPs are aware about session persistence. i.e. if a > >>>> JSP or UI component doesnt find a necessary object in session it has > >>>> to execute some code to initialize the object and carry on processing > >>>> - This might be tedious as we need to go through all UI/JSP components > >>>> to find such occurrences. > >>>> > >>>> 2. Disable session persistence and make the system re-direct to login > >>>> page during authentication - This is what we had in earlier releases. > >>> > >>> > >>> if there was a reason to change this? if not better to use this since > >>> that worked fine for last builds. > >>> > >>> thanks, > >>> Amila. > >>>> > >>>> > >>>> So what is the best option to solve this issue ? > >>>> > >>>> Thanks > >>>> AmilaJ > >>>> > >>>> On Fri, May 18, 2012 at 2:58 PM, Shammi Jayasinghe <[email protected]> > >>>> wrote: > >>>> > > >>>> > > >>>> > On Fri, May 18, 2012 at 2:27 PM, Shammi Jayasinghe <[email protected] > > > >>>> > wrote: > >>>> >> > >>>> >> This problem went off once i updated and built the complete > platform > >>>> >> and > >>>> >> kernel > >>>> >> > >>>> >> Thanks > >>>> >> Shammi > >>>> >> > >>>> >> > >>>> >> On Fri, May 18, 2012 at 2:08 PM, Isuru Wimalasundera > >>>> >> <[email protected]> > >>>> >> wrote: > >>>> >>> > >>>> >>> Hi > >>>> >>> > >>>> >>> I am facing a similar kind of situation when restarting the Greg > >>>> >>> server. > >>>> >>> After a restart I can not open the service list page because from > >>>> >>> the > >>>> >>> ListMetaDataService it returns a NULL registry. When dig deep the > >>>> >>> reason for > >>>> >>> returning a NULL registry is identified as the following code > >>>> >>> segment of > >>>> >>> AbstractAdmin returns a NULL. > >>>> >>> > >>>> >>> > >>>> >>> > >>>> >>> > CarbonContext.getCurrentContext().getRegistry(RegistryType.USER_GOVERNANCE); > >>>> >>> > >>>> >>> the CarbonContext.getCurrentContext() returns a NULL. How is it > >>>> >>> possible > >>>> >>> to overcome this issue? > >>>> >>> > >>>> > Hi Isuru, > >>>> > Yes it still exists once i restarted the server. Seems some > >>>> > configuration > >>>> > happens at the initial start up and due to that this happens. > >>>> > > >>>> > Thanks > >>>> > Shammi > >>>> > > >>>> >>> > >>>> >>> Thanks > >>>> >>> Isuruw > >>>> >>> > >>>> >>> > >>>> >>> On Fri, May 18, 2012 at 12:38 PM, Shammi Jayasinghe > >>>> >>> <[email protected]> > >>>> >>> wrote: > >>>> >>>> > >>>> >>>> Hi , > >>>> >>>> I am getting following NPE [1]when trying to subscribe to a > topic. > >>>> >>>> It > >>>> >>>> is due to the null value of "CarbonContext.getCurrentContext()" > >>>> >>>> coming from > >>>> >>>> the following method in event.core module. I built the complete > >>>> >>>> platform > >>>> >>>> yesterday. Is this a known issue ? > >>>> >>>> > >>>> >>>> Thanks > >>>> >>>> Shammi > >>>> >>>> > >>>> >>>> public static String getLoggedInUserName() { > >>>> >>>> String userName = ""; > >>>> >>>> if (CarbonContext.getCurrentContext().getTenantId() != > 0) { > >>>> >>>> userName = > >>>> >>>> CarbonContext.getCurrentContext().getUsername() + > >>>> >>>> "@" > >>>> >>>> + > >>>> >>>> CarbonContext.getCurrentContext().getTenantDomain(); > >>>> >>>> } else { > >>>> >>>> userName = > >>>> >>>> CarbonContext.getCurrentContext().getUsername(); > >>>> >>>> } > >>>> >>>> return userName.trim(); > >>>> >>>> } > >>>> >>>> > >>>> >>>> > >>>> >>>> > >>>> >>>> > >>>> >>>> [1]java.lang.NullPointerException > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.handleSubscribe(CarbonEventingMessageReceiver.java:175) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.processMessage(CarbonEventingMessageReceiver.java:386) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.invokeBusinessLogic(CarbonEventingMessageReceiver.java:81) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) > >>>> >>>> at > org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:205) > >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) > >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) > >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:45) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:143) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:48) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1620) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > >>>> >>>> at > >>>> >>>> > >>>> >>>> > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > >>>> >>>> at java.lang.Thread.run(Thread.java:662) > >>>> >>>> -- > >>>> >>>> Best Regards, > >>>> >>>> > >>>> >>>> Shammi Jayasinghe > >>>> >>>> Senior Software Engineer; WSO2, Inc.; http://wso2.com, > >>>> >>>> mobile: +94 71 4493085 > >>>> >>>> > >>>> >>>> > >>>> >>>> > >>>> >>>> _______________________________________________ > >>>> >>>> Dev mailing list > >>>> >>>> [email protected] > >>>> >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev > >>>> >>>> > >>>> >>> > >>>> >>> > >>>> >>> > >>>> >>> -- > >>>> >>> Isuru Wimalasundera > >>>> >>> Software Engineer; WSO2, Inc.; http://wso2.com, > >>>> >>> mobile: +94 77 920 5641 > >>>> >>> > >>>> >> > >>>> >> > >>>> >> > >>>> >> -- > >>>> >> Best Regards, > >>>> >> > >>>> >> Shammi Jayasinghe > >>>> >> Senior Software Engineer; WSO2, Inc.; http://wso2.com, > >>>> >> mobile: +94 71 4493085 > >>>> >> > >>>> >> > >>>> > > >>>> > > >>>> > > >>>> > -- > >>>> > Best Regards, > >>>> > > >>>> > Shammi Jayasinghe > >>>> > Senior Software Engineer; WSO2, Inc.; http://wso2.com, > >>>> > mobile: +94 71 4493085 > >>>> > > >>>> > > >>>> > >>>> > >>>> > >>>> -- > >>>> Mobile : +94773330538 > >>> > >>> > >>> > >>> > >>> -- > >>> Amila Suriarachchi > >>> > >>> Software Architect > >>> WSO2 Inc. ; http://wso2.com > >>> lean . enterprise . middleware > >>> > >>> phone : +94 71 3082805 > >>> > >>> > >>> _______________________________________________ > >>> Dev mailing list > >>> [email protected] > >>> http://wso2.org/cgi-bin/mailman/listinfo/dev > >>> > >> > >> > >> > >> -- > >> Senaka Fernando > >> Product Manager - WSO2 Governance Registry; > >> Associate Technical Lead; WSO2 Inc.; http://wso2.com > >> Member; Apache Software Foundation; http://apache.org > >> > >> E-mail: senaka AT wso2.com > >> P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 > >> Linked-In: http://linkedin.com/in/senakafernando > >> > >> Lean . Enterprise . Middleware > >> > > > > > > > > -- > > Senaka Fernando > > Product Manager - WSO2 Governance Registry; > > Associate Technical Lead; WSO2 Inc.; http://wso2.com > > Member; Apache Software Foundation; http://apache.org > > > > E-mail: senaka AT wso2.com > > P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 > > Linked-In: http://linkedin.com/in/senakafernando > > > > Lean . Enterprise . Middleware > > > > > > -- > Mobile : +94773330538 > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- Dimuthu Leelarathne Technical Lead WSO2, Inc. (http://wso2.com) email: [email protected] Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
