[seam-issues] [JBoss JIRA] (JBSEAM-5124) HTTP Basic Authentication causes a hidden IllegalStateException

Thu, 22 Aug 2013 08:54:14 -0700 

     [ 
https://issues.jboss.org/browse/JBSEAM-5124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Georgi Gyurchev updated JBSEAM-5124:
------------------------------------

    Attachment: AuthenticationFilter.java
                ContextualHttpServletRequest.java


Workaround classes
                
> HTTP Basic Authentication causes a hidden IllegalStateException
> ---------------------------------------------------------------
>
>                 Key: JBSEAM-5124
>                 URL: https://issues.jboss.org/browse/JBSEAM-5124
>             Project: Seam 2
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 2.3.1.CR1, 2.3.1.Final
>         Environment: JBOSS AS 7.0.2
> JSF 2.1
> Richfaces 4.3.2
>            Reporter: Georgi Gyurchev
>         Attachments: AuthenticationFilter.java, 
> ContextualHttpServletRequest.java
>
>
> The built-in Authentication filter causes "javax.servlet.ServletException: 
> java.lang.IllegalStateException: No active event context" on every page that 
> goes through the filter. At least for basic authentication.
> The user is likely to not see this but it shows in the console and can mess 
> with other functionality.
> ------------------------------------------------------
> I have gone through the Seam classes AuthenticationFilter and 
> ContextualHttpServletRequest and figured out where the problem lies:
> chain.doFilter() is called between the start and the end of the request and 
> when ContextualHttpServletRequest tries to end the request, the context is 
> not active anymore, I'm not sure exactly why but it seems logical. I'm also 
> not sure why it worked it Seam 2.2.
> ------------------------------------------------------
> The workaround is to make your own filter. I will attach my fix here. To use 
> a custom filter you must specify it in web.xml:
>       <filter>
>               <filter-name>Basic Authentication Filter</filter-name>
>               
> <filter-class>eu.cleversoft.infonds3.support.AuthenticationFilter</filter-class>
>       </filter>
>       <filter-mapping>
>               <filter-name>Basic Authentication Filter</filter-name>
>               <url-pattern>/*</url-pattern>
>       </filter-mapping>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
seam-issues mailing list
seam-issues@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/seam-issues

Reply via email to