I haven't seen an actual bug report but saw that other people are having
problems with deploying at root:
http://stackoverflow.com/questions/127492/
It must be something in glassfish but it is also related to servlets because
simple static html pages do not invalidate the session of the admin console.
And also the admin console is on a separate virtual server/listener so it
shouldn't be affected by normal requests. Other than that I'm not using Spring
at all, just Click and Velocity.
Alex
On 04.03.2010, at 23:38, Bob Schellink wrote:
> Hi Alex,
>
> Do you have a link to the G3 bug or where it was mentioned?
>
> I don't think Click contains any code that will invalidate the session. Are
> you using a Security framework such as Spring Security?
>
> kind regards
>
> bob
>
> On 5/03/2010 02:01 AM, Alex B wrote:
>> Hi Bob,
>>
>> Thanks for the quick reply! Indeed my app was deployed under root / and
>> after I changed the context to /myapp the problem disappeared. I read around
>> forums that this is some kind of bug with glassfish in particular. Still I
>> can't figure out what triggers the session to be invalidated - i.e. is it
>> Click or glassfish? I guess I'll just have to stick to deploying to a
>> non-root context then...
>>
>> Regards,
>> Alex
>>
>> On 04.03.2010, at 10:57, Bob Schellink wrote:
>>
>>> Hi Alex,
>>>
>>> I haven't used G3 yet so not sure why the two apps will interfere with one
>>> another. What is the context root of the two applications? Seems as if your
>>> Click applications is deployed under root? Does the problem still occur if
>>> you deploy the Click app under a non-root context?
>>>
>>> kind regards
>>>
>>> bob
>>>
>>> On 4/03/2010 05:57 AM, Alex B wrote:
>>>> Hi there,
>>>> I am using Click 2.1.0 with Glassfish v3. I'm having trouble with the
>>>> admin console which immediately logs me out after I refresh a page in my
>>>> app (i.e. after each ClickServlet request) and I have to log back in to
>>>> use the web admin interface. I am sure it is caused by Click because it
>>>> never happens when I access normal .html pages - only click .htm pages.
>>>> It's quite annoying and I can't figure out how to fix this. Any ideas?
>>>>
>>>> Regards,
>>>> Alex
>>>>
>>>> -------------- GLASSFISH LOG ----------------
>>>>
>>>> FINE: Requested cookie session id is 4edfef1385d09bad90c4b2858ec9
>>>> FINE: Security checking request GET /tour
>>>> FINE: Calling hasUserDataPermission()
>>>> FINE: [Web-Security] Policy Context ID was: MyApp/MyApp
>>>> FINE: [Web-Security] hasUserDataPermission perm:
>>>> (javax.security.jacc.WebUserDataPermission /tour GET)
>>>> FINE: [Web-Security] hasUserDataPermission isGranted: true
>>>> FINE: Calling authenticate()
>>>> FINE: getEntry for: HttpServlet -- pluggable-auth
>>>> module class: name.aikesommer.authenticator.AuthModule
>>>> options: {}
>>>> request policy: javax.security.auth.message.messagepol...@c0fc23d
>>>> response policy: null
>>>> FINE: Calling accessControl()
>>>> FINE: [Web-Security] Policy Context ID was: MyApp/MyApp
>>>> FINE: [Web-Security] hasResource isGranted: true
>>>> FINE: [Web-Security] hasResource perm:
>>>> (javax.security.jacc.WebResourcePermission /tour GET)
>>>> FINE: Successfully passed all security constraints
>>>> FINEST: Returning non-STM instance
>>>> FINE: servletPath=/tour.htm, pathInfo=null, queryString=null, name=null
>>>> FINEST: Returning non-STM instance
>>>> INFO: [Click] [debug] GET http://localhost:8080/tour.htm
>>>> FINE: Got encoding: UTF-8
>>>> FINE: realWrite(b, 0, 6336) com.sun.grizzly.tcp.respo...@2222cd3a
>>>> INFO: [Click] [info ] renderTemplate: /tour.htm,basetemplate.htm - 162 ms
>>>> INFO: [Click] [info ] handleRequest: /tour.htm - 163 ms
>>>> FINE: SecurityContext: setCurrentSecurityContext method called
>>>> FINEST: recycle()
>>>> FINE: recycle()
>>>> FINE: Requested cookie session id is 4f07b0ce9938fae32137472cb32c
>>>> FINE: Security checking request GET /common/applications/applications.jsf
>>>> FINE: Calling hasUserDataPermission()
>>>> FINE: [Web-Security] Policy Context ID was: __admingui/__admingui
>>>> FINE: [Web-Security] hasUserDataPermission perm:
>>>> (javax.security.jacc.WebUserDataPermission
>>>> /common/applications/applications.jsf GET)
>>>> FINE: [Web-Security] hasUserDataPermission isGranted: true
>>>> FINE: [Web-Security] Policy Context ID was: __admingui/__admingui
>>>> FINE: [Web-Security] Codesource with Web URL: file:/__admingui/__admingui
>>>> FINE: [Web-Security] Checking Web Permission with Principals : null
>>>> FINE: [Web-Security] Web Permission =
>>>> (javax.security.jacc.WebResourcePermission
>>>> /common/applications/applications.jsf GET)
>>>> FINEST: JACC Policy Provider: PolicyWrapper.implies, context
>>>> (__admingui/__admingui)- result was(false) permission
>>>> ((javax.security.jacc.WebResourcePermission
>>>> /common/applications/applications.jsf GET))
>>>> FINE: [Web-Security] hasResource isGranted: false
>>>> FINE: [Web-Security] hasResource perm:
>>>> (javax.security.jacc.WebResourcePermission
>>>> /common/applications/applications.jsf GET)
>>>> FINE: Calling authenticate()
>>>> FINE: Save request in session '4f1408b8aa6cbd8d84adb07c20a9'
>>>> FINE: Got encoding: ISO-8859-1
>>>> FINE: Failed authenticate() test
>>>> FINE: realWrite(b, 0, 181) com.sun.grizzly.tcp.respo...@124ed067
>>>> FINEST: recycle()
>>>> FINE: recycle()
>>>> FINE: Requested cookie session id is 4f1408b8aa6cbd8d84adb07c20a9
>>>> FINE: Security checking request GET /login.jsf
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>
>>
>
