IllegalStateException when updating Spring Boot to 2.1.7
I have a Spring Boot application, which is running fine and has with the following setup Spring Webflux + Tomcat 9 I have a Spring Boot application, which is running fine and has with the following setup - Spring Webflux + Tomcat - Spring Actuator as dependency. - Spring Boot 2.1.2 - Java 1.8.0_212 - Gradle 5.1 to build However when I update to Spring Boot 2.1.7 & Spring 5.1.9 the application fails to start. This is the error in the logs java.lang.IllegalStateException: Calling [asyncOperation()] is not valid for a request with Async state [COMPLETING] This is the stack trace org.apache.coyote.AsyncStateMachine.asyncOperation(AsyncStateMachine.java:269) org.apache.coyote.AbstractProcessor.dispatch(AbstractProcessor.java:203) org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:53) org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587) org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.lang.Thread.run(Thread.java:748) What could be the issue here ? However when I update to Spring Boot 2.1.7 & Spring 5.1.9 the application fails to start. This is the error in the logs *java.lang.IllegalStateException: Calling [asyncOperation()] is not valid for a request with Async state [COMPLETING] * This is the stack trace *org.apache.coyote.AsyncStateMachine.asyncOperation(AsyncStateMachine.java:269) org.apache.coyote.AbstractProcessor.dispatch(AbstractProcessor.java:203) org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:53) org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587) org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.lang.Thread.run(Thread.java:748)* What could be the issue here ?
Re: Enhancement: New option 'persistAuthentication' for session manager
Hi there, what to do next to get things moving? Seems like there's nothing more to implement for the addition right now. Should I just create a PR in the apache/tomcat repository? And/or post some lines to the dev mailing list? Carsten - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Enhancement: New option 'persistAuthentication' for session manager
Jonathan, On Tue, Feb 18, 2020 at 5:29 PM Jonathan S. Fisher wrote: For older versions of tomcat, I'd suggest adding an additional option that causes GenericPrincipal to drop the password after authentication is complete, by default if persistAuthentication is enabled, which alleviates your concern. Tomcat's GenericPrincipal implements Serializable only as of the 8.5 branch. However, the latest 8.5 version uses a helper class SerializablePrincipal (private static class in GenericPrincipal). In both 8.5 and 9.0 branch, this class also serializes the password, whereas in current 10.0 branch, there is no longer a password available in GenericPrincipal. Although it would be a good idea to remove the password field generally from GenericPrincipal even in 8.5 and 9.0 (as in 10.0), it's likely easiest to just remove it from SerializablePrincipal in the older versions. So, even if the user's password is stored in memory, its no longer persisted to storage and does not blame session and authentication persistence. Carsten - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org