On Mon, May 28, 2012 at 9:58 AM, Dimuthu Leelarathne <[email protected]>wrote:
> Hi all, > > On Mon, May 28, 2012 at 9:47 AM, Amila Jayasekara <[email protected]> wrote: > >> Hi Senaka, >> >> I didnt get a chance to look into this yet. I am engaged in fixing >> some security issue. Can someone else please look into this ? >> My suggestion is to disable session persistence. >> >> > +1 > +1 Thanks, Senaka. > > thanks, > dimuthu > > > >> Thanks >> AmilaJ >> >> On Sun, May 27, 2012 at 2:55 PM, Senaka Fernando <[email protected]> wrote: >> > Hi AmilaJ, >> > >> > What's the status of this? There are multiple issues reported due to >> this. >> > If this is something that is hard to fix, can we preserve the behavior >> we >> > had during the last release? >> > >> > Thanks, >> > Senaka. >> > >> > >> > On Fri, May 18, 2012 at 9:14 PM, Senaka Fernando <[email protected]> >> wrote: >> >> >> >> Hi AmilaJ, >> >> >> >> When someone logs in, there are certain objects that are created within >> >> the authentication framework. Can we ensure that these are >> regenerated? We >> >> might be able to eliminate most issues in this way. >> >> >> >> Also, the UI framework overrides the session object IIRC (I might be >> >> mistaken, but IIRC it was done this way for some reason). So, if we can >> >> print a warning for each non-serializable object that is stored on the >> HTTP >> >> session for a short period (we will get rid of that before the release >> of >> >> course), people can easily fix the UI components too. We probably can >> make >> >> good progress in going ahead with option #1 in that way. >> >> >> >> WDYT? >> >> >> >> Thanks, >> >> Senaka. >> >> >> >> >> >> On Fri, May 18, 2012 at 3:25 PM, Amila Suriarachchi <[email protected]> >> >> wrote: >> >>> >> >>> >> >>> >> >>> On Fri, May 18, 2012 at 3:10 PM, Amila Jayasekara <[email protected]> >> >>> wrote: >> >>>> >> >>>> Inorder for this to work we need to make sure all our user interfaces >> >>>> are aware about session persistence. Currently we have JSP pages >> where >> >>>> we set certain non-serializable objects to session and access them in >> >>>> subsequent pages. So if we are at a page where object is accessed and >> >>>> if we try to access the page after a restart we might face issues (as >> >>>> expected objects are not found in the sessio >> >>>> >> >>>> Thilina also reported several similar issues. >> >>>> >> >>>> We have 2 solutions for this. >> >>>> >> >>>> 1. Make sure all JSPs are aware about session persistence. i.e. if a >> >>>> JSP or UI component doesnt find a necessary object in session it has >> >>>> to execute some code to initialize the object and carry on processing >> >>>> - This might be tedious as we need to go through all UI/JSP >> components >> >>>> to find such occurrences. >> >>>> >> >>>> 2. Disable session persistence and make the system re-direct to login >> >>>> page during authentication - This is what we had in earlier releases. >> >>> >> >>> >> >>> if there was a reason to change this? if not better to use this since >> >>> that worked fine for last builds. >> >>> >> >>> thanks, >> >>> Amila. >> >>>> >> >>>> >> >>>> So what is the best option to solve this issue ? >> >>>> >> >>>> Thanks >> >>>> AmilaJ >> >>>> >> >>>> On Fri, May 18, 2012 at 2:58 PM, Shammi Jayasinghe <[email protected]> >> >>>> wrote: >> >>>> > >> >>>> > >> >>>> > On Fri, May 18, 2012 at 2:27 PM, Shammi Jayasinghe < >> [email protected]> >> >>>> > wrote: >> >>>> >> >> >>>> >> This problem went off once i updated and built the complete >> platform >> >>>> >> and >> >>>> >> kernel >> >>>> >> >> >>>> >> Thanks >> >>>> >> Shammi >> >>>> >> >> >>>> >> >> >>>> >> On Fri, May 18, 2012 at 2:08 PM, Isuru Wimalasundera >> >>>> >> <[email protected]> >> >>>> >> wrote: >> >>>> >>> >> >>>> >>> Hi >> >>>> >>> >> >>>> >>> I am facing a similar kind of situation when restarting the Greg >> >>>> >>> server. >> >>>> >>> After a restart I can not open the service list page because from >> >>>> >>> the >> >>>> >>> ListMetaDataService it returns a NULL registry. When dig deep the >> >>>> >>> reason for >> >>>> >>> returning a NULL registry is identified as the following code >> >>>> >>> segment of >> >>>> >>> AbstractAdmin returns a NULL. >> >>>> >>> >> >>>> >>> >> >>>> >>> >> >>>> >>> >> CarbonContext.getCurrentContext().getRegistry(RegistryType.USER_GOVERNANCE); >> >>>> >>> >> >>>> >>> the CarbonContext.getCurrentContext() returns a NULL. How is it >> >>>> >>> possible >> >>>> >>> to overcome this issue? >> >>>> >>> >> >>>> > Hi Isuru, >> >>>> > Yes it still exists once i restarted the server. Seems some >> >>>> > configuration >> >>>> > happens at the initial start up and due to that this happens. >> >>>> > >> >>>> > Thanks >> >>>> > Shammi >> >>>> > >> >>>> >>> >> >>>> >>> Thanks >> >>>> >>> Isuruw >> >>>> >>> >> >>>> >>> >> >>>> >>> On Fri, May 18, 2012 at 12:38 PM, Shammi Jayasinghe >> >>>> >>> <[email protected]> >> >>>> >>> wrote: >> >>>> >>>> >> >>>> >>>> Hi , >> >>>> >>>> I am getting following NPE [1]when trying to subscribe to a >> topic. >> >>>> >>>> It >> >>>> >>>> is due to the null value of "CarbonContext.getCurrentContext()" >> >>>> >>>> coming from >> >>>> >>>> the following method in event.core module. I built the complete >> >>>> >>>> platform >> >>>> >>>> yesterday. Is this a known issue ? >> >>>> >>>> >> >>>> >>>> Thanks >> >>>> >>>> Shammi >> >>>> >>>> >> >>>> >>>> public static String getLoggedInUserName() { >> >>>> >>>> String userName = ""; >> >>>> >>>> if (CarbonContext.getCurrentContext().getTenantId() != >> 0) { >> >>>> >>>> userName = >> >>>> >>>> CarbonContext.getCurrentContext().getUsername() + >> >>>> >>>> "@" >> >>>> >>>> + >> >>>> >>>> CarbonContext.getCurrentContext().getTenantDomain(); >> >>>> >>>> } else { >> >>>> >>>> userName = >> >>>> >>>> CarbonContext.getCurrentContext().getUsername(); >> >>>> >>>> } >> >>>> >>>> return userName.trim(); >> >>>> >>>> } >> >>>> >>>> >> >>>> >>>> >> >>>> >>>> >> >>>> >>>> >> >>>> >>>> [1]java.lang.NullPointerException >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.handleSubscribe(CarbonEventingMessageReceiver.java:175) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.processMessage(CarbonEventingMessageReceiver.java:386) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.event.ws.internal.receivers.CarbonEventingMessageReceiver.invokeBusinessLogic(CarbonEventingMessageReceiver.java:81) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) >> >>>> >>>> at >> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:205) >> >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) >> >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) >> >>>> >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:45) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:143) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:48) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1620) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) >> >>>> >>>> at >> >>>> >>>> >> >>>> >>>> >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) >> >>>> >>>> at java.lang.Thread.run(Thread.java:662) >> >>>> >>>> -- >> >>>> >>>> Best Regards, >> >>>> >>>> >> >>>> >>>> Shammi Jayasinghe >> >>>> >>>> Senior Software Engineer; WSO2, Inc.; http://wso2.com, >> >>>> >>>> mobile: +94 71 4493085 >> >>>> >>>> >> >>>> >>>> >> >>>> >>>> >> >>>> >>>> _______________________________________________ >> >>>> >>>> Dev mailing list >> >>>> >>>> [email protected] >> >>>> >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >>>> >>>> >> >>>> >>> >> >>>> >>> >> >>>> >>> >> >>>> >>> -- >> >>>> >>> Isuru Wimalasundera >> >>>> >>> Software Engineer; WSO2, Inc.; http://wso2.com, >> >>>> >>> mobile: +94 77 920 5641 >> >>>> >>> >> >>>> >> >> >>>> >> >> >>>> >> >> >>>> >> -- >> >>>> >> Best Regards, >> >>>> >> >> >>>> >> Shammi Jayasinghe >> >>>> >> Senior Software Engineer; WSO2, Inc.; http://wso2.com, >> >>>> >> mobile: +94 71 4493085 >> >>>> >> >> >>>> >> >> >>>> > >> >>>> > >> >>>> > >> >>>> > -- >> >>>> > Best Regards, >> >>>> > >> >>>> > Shammi Jayasinghe >> >>>> > Senior Software Engineer; WSO2, Inc.; http://wso2.com, >> >>>> > mobile: +94 71 4493085 >> >>>> > >> >>>> > >> >>>> >> >>>> >> >>>> >> >>>> -- >> >>>> Mobile : +94773330538 >> >>> >> >>> >> >>> >> >>> >> >>> -- >> >>> Amila Suriarachchi >> >>> >> >>> Software Architect >> >>> WSO2 Inc. ; http://wso2.com >> >>> lean . enterprise . middleware >> >>> >> >>> phone : +94 71 3082805 >> >>> >> >>> >> >>> _______________________________________________ >> >>> Dev mailing list >> >>> [email protected] >> >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >>> >> >> >> >> >> >> >> >> -- >> >> Senaka Fernando >> >> Product Manager - WSO2 Governance Registry; >> >> Associate Technical Lead; WSO2 Inc.; http://wso2.com >> >> Member; Apache Software Foundation; http://apache.org >> >> >> >> E-mail: senaka AT wso2.com >> >> P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 >> >> Linked-In: http://linkedin.com/in/senakafernando >> >> >> >> Lean . Enterprise . Middleware >> >> >> > >> > >> > >> > -- >> > Senaka Fernando >> > Product Manager - WSO2 Governance Registry; >> > Associate Technical Lead; WSO2 Inc.; http://wso2.com >> > Member; Apache Software Foundation; http://apache.org >> > >> > E-mail: senaka AT wso2.com >> > P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 >> > Linked-In: http://linkedin.com/in/senakafernando >> > >> > Lean . Enterprise . Middleware >> > >> >> >> >> -- >> Mobile : +94773330538 >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > > -- > Dimuthu Leelarathne > Technical Lead > > WSO2, Inc. (http://wso2.com) > email: [email protected] > > > Lean . Enterprise . Middleware > > -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
