Re: Problem with servlet module

Thu, 09 Jul 2015 00:34:55 -0700 

Hi,
some time ago I observed that Tomcat fires superfluous init/destroy events when form based auth is used. See also http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results 


So one way to fix the problem would be not to use the listener to bind 
the current ServletRequest. I'm not sure whether it's possible to 
disable the RequestResponseHolderListener and only use 
RequestResponseHolderFilter though...


Martin

Dne 9.7.2015 v 09:13 [email protected] napsal(a):

Hi.

I have a problem with servlet module.

I am using Tomcat 8.0.23 and it seems to me that there is a bug when
using container managed security with auth method set to "FORM".

In my web.xml, I have :

     <login-config>
         <auth-method>FORM</auth-method>
         <form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/access-denied.xhtml</form-error-page>
         </form-login-config>
     </login-config>


+ securiy constraints.

When the forward to the form login page is performed, an exception is
raised because the same thread is registered twice.

So, an illegal state exception is raised with the following stack trace :

java.lang.IllegalStateException: There is already an instance bound to
this thread.
     
org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
     
org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
     
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
     
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
     
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
     
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
     
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
     
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
     
org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
     org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
     
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
     
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
     
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
     
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
     
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
     
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
     
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
     java.lang.Thread.run(Thread.java:745)


As my webapp is version="3.0", I should not have configuration to set in
the web.xml (correct me if I am wrong).

However, as there are sometimes strange behaviours with tomcat, I tried
to explicitly define config as indicated in
https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup ,
but it does not change anything.

Any help welcomed !

Ludovic


|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|




--
Martin Kouba
Software Engineer
Red Hat, Czech Republic






















					Reply via email to