Hello This problem never went away in Geronimo 2.1.4 - Jetty, maybe it's some Jetty logging configuration, I was not persistent enough to find exactly what :-) Karel
yosemite wrote: > > Hello all, > > I have a @Stateless acting as @WebService configured in openejb-jar.xml > like > > <ejb:enterprise-beans> > <ejb:session> > <ejb:ejb-name>TimeBean</ejb:ejb-name> > <ejb:web-service-security> > > <ejb:security-realm-name>MyRealm</ejb:security-realm-name> > > <ejb:transport-guarantee>NONE</ejb:transport-guarantee> > <ejb:auth-method>BASIC</ejb:auth-method> > <http-method>POST</http-method> > <http-method>PUT</http-method> > </ejb:web-service-security> > </ejb:session> > </ejb:enterprise-beans> > > Which works perfect if user credentials passed to webservice are right. > But if the credentials are wrong (wrong password), it tells the client > "The server sent HTTP status code 401: Unauthorized" but also logs in > geronimo.log: > > 2009-08-23 14:16:03,531 WARN [log] AUTH FAILURE: user tester1 > 2009-08-23 14:16:03,531 WARN [log] Committed before 403 null > 2009-08-23 14:16:03,531 ERROR [log] handle failed > java.lang.IllegalStateException: Committed > at org.mortbay.jetty.Response.resetBuffer(Response.java:995) > at org.mortbay.jetty.Response.sendError(Response.java:240) > at > org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:521) > at > org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:842) > at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:648) > at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211) > at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380) > at > org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395) > at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214) > at > org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPool.java:344) > at > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > at java.lang.Thread.run(Thread.java:619) > > How to avoid this log, how to handle to IllegalStateException and where, > please? > > If I use the same realm in the web app, this section in web.xml > > <realm-name>MyRealm</realm-name> > <form-login-config> > <form-login-page>/login.jsp</form-login-page> > <form-error-page>/loginError.jsp</form-error-page> > </form-login-config> > </login-config> > > bumps to loginError if password is wrong, and then the log entry is just > > WARN [log] AUTH FAILURE: user tester1 > > (i.e.no IllegalStateException) > > Any help appreciated. > Karel > > > -- View this message in context: http://www.nabble.com/How-to-stop-logging-of-webservice-authentication-failure-tp25102983s134p25522154.html Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
