[jira] Commented: (GERONIMO-1480) Cross context include does not set jacc contextID for 2nd web app. (Tomcat only)
[ http://issues.apache.org/jira/browse/GERONIMO-1480?page=comments#action_12365703 ] Jian Liao commented on GERONIMO-1480: - Your new patch is like what I am done on my testing env, but I use mb.setString(webContext.getPath() + dispatchPath);. because mapper initialize its internal context with the value return by webContext.getPath() in org.apache.catalina.core.StandardContext, line 4110 (Tomcat 5.5.12). But they are exactly the same cause getPath() will delegate to getName() :-). Now both policy context and jndi context work well !!! Thanks, jeff. - Jian Liao Cross context include does not set jacc contextID for 2nd web app. (Tomcat only) Key: GERONIMO-1480 URL: http://issues.apache.org/jira/browse/GERONIMO-1480 Project: Geronimo Type: Bug Components: Tomcat Versions: 1.0.1, 1.1 Reporter: David Jencks Assignee: Jeff Genender Priority: Blocker Fix For: 1.1, 1.0.1 If you do a cross context include from web app A to web app B, the jacc contextID fetched from PolicyContext when you evaluate isUserInRole in web app B is the contextID for A, not B. Presumably the cross context dispatch does not go through the PolicyContextValve for B. Here's a thread trace that demonstrates this, with a couple annotations. [EMAIL PROTECTED] daemon prio=5, in group main, status: RUNNING implies():80, GeronimoPolicy.java implies():46, JaasPolicyCoordinator.java implies():189, ProtectionDomain.java checkPermission():254, AccessControlContext.java hasRole():248, TomcatGeronimoRealm.java isUserInRole():2128, Request.java isUserInRole():761, RequestFacade.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():265, PortletRequestImpl.java _jspService():46, roles.jsp service():97, HttpJspBase.java service():688, HttpServlet.java service():322, JspServletWrapper.java serviceJspFile():314, JspServlet.java service():264, JspServlet.java service():688, HttpServlet.java internalDoFilter():252, ApplicationFilterChain.java doFilter():173, ApplicationFilterChain.java invoke():672, ApplicationDispatcher.java doInclude():574, ApplicationDispatcher.java include():499, ApplicationDispatcher.java include():72, JetspeedRequestDispatcher.java doView():363, GenericServletPortlet.java doDispatch():250, GenericPortlet.java render():178, GenericPortlet.java render():102, JetspeedPortletInstance.java THIS IS WEB APP B doGet():230, JetspeedContainerServlet.java service():595, HttpServlet.java service():688, HttpServlet.java internalDoFilter():252, ApplicationFilterChain.java doFilter():173, ApplicationFilterChain.java invoke():672, ApplicationDispatcher.java doInclude():574, ApplicationDispatcher.java include():499, ApplicationDispatcher.java THIS IS A INCLUDING B invoke():213, ServletPortletInvoker.java render():125, ServletPortletInvoker.java renderPortlet():119, PortletContainerImpl.java renderPortlet():120, JetspeedPortletContainerWrapper.java execute():120, RenderingJobImpl.java renderNow():110, PortletRendererImpl.java aggregateAndRender():199, PageAggregatorImpl.java aggregateAndRender():182, PageAggregatorImpl.java build():106, PageAggregatorImpl.java invoke():48, AggregatorValve.java invokeNext():166, JetspeedPipeline.java invoke():132, ActionValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():76, ContainerValve.java invokeNext():166, JetspeedPipeline.java invoke():100, DecorationValve.java invokeNext():166, JetspeedPipeline.java invoke():179, ProfilerValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():143, LoginValidationValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():148, PasswordCredentialValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():168, LocalizationValveImpl.java invokeNext():166, JetspeedPipeline.java run():117, AbstractSecurityValve.java doPrivileged():-1, AccessController.java doAsPrivileged():437, Subject.java invoke():111, AbstractSecurityValve.java invokeNext():166, JetspeedPipeline.java invoke():55, PortalURLValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():128,
[jira] Commented: (GERONIMO-1480) Cross context include does not set jacc contextID for 2nd web app. (Tomcat only)
[ http://issues.apache.org/jira/browse/GERONIMO-1480?page=comments#action_12365679 ] Jian Liao commented on GERONIMO-1480: - Sorry for the delay, although there are still two exceptions here, but isUserInRole() works. I think Exception_2is caused by Exception_1. I will also look into it. Thanks! Exception 1 ## java.lang.StringIndexOutOfBoundsException: String index out of range: -2 at java.lang.String.init(String.java:192) at org.apache.tomcat.util.buf.CharChunk.toStringInternal(CharChunk.java: 499) at org.apache.tomcat.util.buf.StringCache.toString(StringCache.java:325) at org.apache.tomcat.util.buf.CharChunk.toString(CharChunk.java:495) at org.apache.tomcat.util.http.mapper.Mapper.internalMapWrapper(Mapper.j ava:776) at org.apache.tomcat.util.http.mapper.Mapper.map(Mapper.java:531) at org.apache.geronimo.tomcat.listener.DispatchListener.getWrapperName(D ispatchListener.java:104) at org.apache.geronimo.tomcat.listener.DispatchListener.beforeDispatch(D ispatchListener.java:71) at org.apache.geronimo.tomcat.listener.DispatchListener.instanceEvent(Di spatchListener.java:50) at org.apache.catalina.util.InstanceSupport.fireInstanceEvent(InstanceSu pport.java:295) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDisp atcher.java:668) at org.apache.catalina.core.ApplicationDispatcher.processRequest(Applica tionDispatcher.java:463) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationD ispatcher.java:398) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDis patcher.java:301) at org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.j ava:693) at org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.jav a:660) at org.apache.jsp.index_jsp._jspService(org.apache.jsp.index_jsp:45) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97) at javax.servlet.http.HttpServlet.service(HttpServlet.java:688) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper .java:322) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:3 14) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264) at javax.servlet.http.HttpServlet.service(HttpServlet.java:688) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV alve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV alve.java:178) at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSu bjectValve.java:46) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica torBase.java:432) at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve. invoke(GeronimoStandardContext.java:273) at org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(Gero nimoBeforeAfterValve.java:31) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:105) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:107) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java: 541) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav a:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java :868) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.p rocessConnection(Http11BaseProtocol.java:663) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpo int.java:527) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFol lowerWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP ool.java:684) at java.lang.Thread.run(Thread.java:534) Exception 2 ## java.lang.NullPointerException at org.apache.geronimo.tomcat.listener.DispatchListener.getWrapperName(D ispatchListener.java:106) at org.apache.geronimo.tomcat.listener.DispatchListener.beforeDispatch(D ispatchListener.java:71) at org.apache.geronimo.tomcat.listener.DispatchListener.instanceEvent(Di spatchListener.java:50) at org.apache.catalina.util.InstanceSupport.fireInstanceEvent(InstanceSu pport.java:295) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDisp atcher.java:668) at
[jira] Commented: (GERONIMO-1480) Cross context include does not set jacc contextID for 2nd web app. (Tomcat only)
[ http://issues.apache.org/jira/browse/GERONIMO-1480?page=comments#action_12365688 ] Jian Liao commented on GERONIMO-1480: - 1. My web application context is /jetspeed, length = 9. 2. The value of request.getAttribute(Globals.DISPATCHER_REQUEST_PATH_ATTR) is /portal, length = 7, so the MessageBytes instance (mb) created with dispatchPath has a length = 7, start = Offset = 0. 3. mapper.map(mb, mappingData); will try to substring mb to get rid of context name, so a StringIndexOutOfBoundsException occur. It seems that mb is expected to contains the context name, like /jetspeed/portal. Cross context include does not set jacc contextID for 2nd web app. (Tomcat only) Key: GERONIMO-1480 URL: http://issues.apache.org/jira/browse/GERONIMO-1480 Project: Geronimo Type: Bug Components: Tomcat Versions: 1.0.1, 1.1 Reporter: David Jencks Assignee: Jeff Genender Priority: Blocker Fix For: 1.1, 1.0.1 If you do a cross context include from web app A to web app B, the jacc contextID fetched from PolicyContext when you evaluate isUserInRole in web app B is the contextID for A, not B. Presumably the cross context dispatch does not go through the PolicyContextValve for B. Here's a thread trace that demonstrates this, with a couple annotations. [EMAIL PROTECTED] daemon prio=5, in group main, status: RUNNING implies():80, GeronimoPolicy.java implies():46, JaasPolicyCoordinator.java implies():189, ProtectionDomain.java checkPermission():254, AccessControlContext.java hasRole():248, TomcatGeronimoRealm.java isUserInRole():2128, Request.java isUserInRole():761, RequestFacade.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():163, HttpServletRequestWrapper.java isUserInRole():265, PortletRequestImpl.java _jspService():46, roles.jsp service():97, HttpJspBase.java service():688, HttpServlet.java service():322, JspServletWrapper.java serviceJspFile():314, JspServlet.java service():264, JspServlet.java service():688, HttpServlet.java internalDoFilter():252, ApplicationFilterChain.java doFilter():173, ApplicationFilterChain.java invoke():672, ApplicationDispatcher.java doInclude():574, ApplicationDispatcher.java include():499, ApplicationDispatcher.java include():72, JetspeedRequestDispatcher.java doView():363, GenericServletPortlet.java doDispatch():250, GenericPortlet.java render():178, GenericPortlet.java render():102, JetspeedPortletInstance.java THIS IS WEB APP B doGet():230, JetspeedContainerServlet.java service():595, HttpServlet.java service():688, HttpServlet.java internalDoFilter():252, ApplicationFilterChain.java doFilter():173, ApplicationFilterChain.java invoke():672, ApplicationDispatcher.java doInclude():574, ApplicationDispatcher.java include():499, ApplicationDispatcher.java THIS IS A INCLUDING B invoke():213, ServletPortletInvoker.java render():125, ServletPortletInvoker.java renderPortlet():119, PortletContainerImpl.java renderPortlet():120, JetspeedPortletContainerWrapper.java execute():120, RenderingJobImpl.java renderNow():110, PortletRendererImpl.java aggregateAndRender():199, PageAggregatorImpl.java aggregateAndRender():182, PageAggregatorImpl.java build():106, PageAggregatorImpl.java invoke():48, AggregatorValve.java invokeNext():166, JetspeedPipeline.java invoke():132, ActionValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():76, ContainerValve.java invokeNext():166, JetspeedPipeline.java invoke():100, DecorationValve.java invokeNext():166, JetspeedPipeline.java invoke():179, ProfilerValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():143, LoginValidationValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():148, PasswordCredentialValveImpl.java invokeNext():166, JetspeedPipeline.java invoke():168, LocalizationValveImpl.java invokeNext():166, JetspeedPipeline.java run():117, AbstractSecurityValve.java doPrivileged():-1, AccessController.java doAsPrivileged():437, Subject.java invoke():111, AbstractSecurityValve.java invokeNext():166, JetspeedPipeline.java invoke():55, PortalURLValveImpl.java invokeNext():166, JetspeedPipeline.java