[seam-issues] [JBoss JIRA] (JBSEAM-5124) HTTP Basic Authentication causes a hidden IllegalStateException

Fri, 23 Aug 2013 02:46:58 -0700 

    [ 
https://issues.jboss.org/browse/JBSEAM-5124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12798552#comment-12798552
 ] 

Georgi Gyurchev edited comment on JBSEAM-5124 at 8/23/13 5:45 AM:
------------------------------------------------------------------

Added workaround classes
                
      was (Author: gesh92):
    Workaround classes
                  
> HTTP Basic Authentication causes a hidden IllegalStateException
> ---------------------------------------------------------------
>
>                 Key: JBSEAM-5124
>                 URL: https://issues.jboss.org/browse/JBSEAM-5124
>             Project: Seam 2
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 2.3.1.CR1, 2.3.1.Final
>         Environment: JBOSS AS 7.0.2
> JSF 2.1
> Richfaces 4.3.2
>            Reporter: Georgi Gyurchev
>         Attachments: AuthenticationFilter.java, 
> ContextualHttpServletRequest.java
>
>
> The built-in Authentication filter causes "javax.servlet.ServletException: 
> java.lang.IllegalStateException: No active event context" on every page that 
> goes through the filter. At least for basic authentication.
> The user is likely to not see this but it shows in the console and can mess 
> with other functionality.
> ------------------------------------------------------
> I have gone through the Seam classes AuthenticationFilter and 
> ContextualHttpServletRequest and figured out where the problem lies:
> chain.doFilter() is called between the start and the end of the request and 
> when ContextualHttpServletRequest tries to end the request, the context is 
> not active anymore, I'm not sure exactly why but it seems logical. I'm also 
> not sure why it worked it Seam 2.2.
> ------------------------------------------------------
> The workaround is to make your own filter. I will attach my fix here. To use 
> a custom filter you must specify it in web.xml:
>       <filter>
>               <filter-name>Basic Authentication Filter</filter-name>
>               <filter-class>com.something.AuthenticationFilter</filter-class>
>       </filter>
>       <filter-mapping>
>               <filter-name>Basic Authentication Filter</filter-name>
>               <url-pattern>/*</url-pattern>
>       </filter-mapping>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
seam-issues mailing list
seam-issues@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/seam-issues

Reply via email to