Patch welcome.  :)

Glen

On Sat, Jan 10, 2015 at 10:36 AM, kyle <k...@bridge9.sakura.ne.jp> wrote:

> I think I found the cause. UIAction#setSalt(String) is being invoked with
> old salt value (maybe it comes from POST parameter). simply deleting
> UIAction#setSalt(String) solved the problem on my workspace. now I'm seeing
> a new salt value at every hitting of "Save as draft".
>
> 2015/01/10 22:49、kyle <k...@bridge9.sakura.ne.jp> のメール:
>
> > Hello Glen,
> >
> > Thanks for the response.
> >
> > I think it appears that my previous email was not clear. in my
> environment, the clock won't restart when I hit save as draft. the clock
> start ticking at the first time I visit the editing page, it never stops so
> I can't stay in the editing page over 60 minutes. to restart the clock (to
> get a new salt), I need 2 steps - move to other page and get back to the
> editing page. do you mean I should doing so?
> >
> > 2015/01/10 22:22、Glen <glen.ma...@gmail.com> wrote:
> >
> >> Hi Kyle, while it probably could be handled more elegantly, your
> writing would not normally be lost, as you can just hit the back key from
> your browser to get back to your text. 60 minutes is pretty generous and
> the clock restarts everytime you hit save draft as you periodically should
> be doing anyway.  We haven't the resources to try to implement google doc
> style editing within blog entries, at any rate for long term editing you
> can use your favorite desktop editor and then just copy and paste the html
> into the roller blog edit field and then publish it.
> >>
> >> Yes this happens with other containers like Tomcat.
> >>
> >> Glen
> >>
> >> -----Original Message-----
> >> From: "kyle" <k...@bridge9.sakura.ne.jp>
> >> Sent: ‎1/‎10/‎2015 7:57 AM
> >> To: "user@roller.apache.org" <user@roller.apache.org>
> >> Subject: Salt stays same in entryEdit page - is it by design?
> >>
> >> Hello, I'm running Roller 5.1.1 on WildFly 8.2.0.Final.
> >>
> >> Recently I got into a problem which is getting status code 500
> >> by "javax.servlet.ServletException: Security Violation."
> >> at editing page 1 or 2 times per day.
> >> it occurs when I push save as draft button.
> >>
> >> I'm looking into this problem now,
> >> then I found that the salt value in the editing page stays same
> >> while I'm writing content and pushing save button sometimes.
> >> I mean this element in the form:
> >> <input type="hidden" name="salt" value="8l4wTyF0LBKuhJLJ5zvU"
> id="entry_salt"/>
> >>
> >> I turned on DEBUG logs, then I can see the problem more clearly.
> >>
> >> DEBUG 2015-01-10 20:52:28,267 SaltCache:put - PUT 8l4wTyF0LBKuhJLJ5zvU
> >> DEBUG 2015-01-10 20:52:37,924 SaltCache:get - HIT 8l4wTyF0LBKuhJLJ5zvU
> >> DEBUG 2015-01-10 20:52:37,924 SaltCache:get - HIT 8l4wTyF0LBKuhJLJ5zvU
> >> ...snip...
> >> DEBUG 2015-01-10 21:51:49,744 SaltCache:get - HIT 8l4wTyF0LBKuhJLJ5zvU
> >> DEBUG 2015-01-10 21:53:14,173 ExpiringLRUCacheImpl:get - EXPIRED
> [8l4wTyF0LBKuhJLJ5zvU]
> >> DEBUG 2015-01-10 21:53:14,173 SaltCache:get - MISS 8l4wTyF0LBKuhJLJ5zvU
> >>
> >> And, after some investigating I found that
> >> all salts will be expired in 60 minutes after creation.
> >> thus, I can't stay at editing page over 60 minutes.
> >> If I overstayed, then I can't save my draft anymore
> >> and got "Security Violation".
> >>
> >> Is it expected behavior?
> >> or it might be a WildFly specific problem?
> >>
> >> Also I posted about the problem:
> >>
> http://www.nailedtothex.org/roller/kyle/entry/debugging-roller-s-salt-processing
> >>
> >> Thanks.
> >
> >
>
>

Reply via email to