Hi all,
I'm using seam on tomcat 6.0.20 and encounter problem in my security module.
Basically, i try to add cookie with base64 encoding of the username which is
email address.
The encoding works and no exception is thrown. But when seam try adding the
cookie an exception is thrown:
05/12/2009 02:23:00 com.sun.faces.lifecycle.Phase doPhase
SEVERE: JSF1054: (Phase ID: INVOKE_APPLICATION 5, View ID: /login.xhtml)
Exception thrown during phase execution:
javax.faces.event.phaseevent[source=com.sun.faces.lifecycle.lifecyclei...@7d5
05/12/2009 02:23:00 org.ajax4jsf.webapp.BaseXMLFilter doXmlFilter
SEVERE: Exception in the filter chain
javax.servlet.ServletException: #{identity.login}:
java.lang.IllegalArgumentException: Control character in cookie value,
consider BASE64 encoding your value
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
at
org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at
org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178)
at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
at
org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:390)
at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:517)
at
org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56)
at
org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.faces.FacesException: #{identity.login}:
java.lang.IllegalArgumentException: Control character in cookie value,
consider BASE64 encoding your value
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118)
at javax.faces.component.UICommand.broadcast(UICommand.java:387)
at
org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
at
org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
at
org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
at
org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
at
com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
at
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
... 30 more
Caused by: javax.faces.el.EvaluationException:
java.lang.IllegalArgumentException: Control character in cookie value,
consider BASE64 encoding your value
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:102)
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
... 39 more
Caused by: java.lang.IllegalArgumentException: Control character in cookie
value, consider BASE64 encoding your value
at
org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:396)
at
org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:389)
at
org.apache.tomcat.util.http.ServerCookie.appendCookieValue(ServerCookie.java:293)
at
org.apache.catalina.connector.Response.addCookieInternal(Response.java:1010)
at
org.apache.catalina.connector.Response.addCookieInternal(Response.java:979)
at
org.apache.catalina.connector.Response.addCookie(Response.java:967)
at
org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:343)
at
javax.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:58)
at
org.ajax4jsf.webapp.FilterServletResponseWrapper.addCookie(FilterServletResponseWrapper.java:627)
at
javax.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:58)
at
org.jboss.seam.faces.Selector.setCookieValueIfEnabled(Selector.java:119)
at
org.jboss.seam.security.RememberMe$UsernameSelector.setCookieValueIfEnabled(RememberMe.java:70)
at
org.jboss.seam.security.RememberMe.postAuthenticate(RememberMe.java:388)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)
at
org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:144)
at org.jboss.seam.Component.callComponentMethod(Component.java:2253)
at org.jboss.seam.core.Events.raiseEvent(Events.java:85)
at
org.jboss.seam.security.Identity.postAuthenticate(Identity.java:397)
at org.jboss.seam.security.Identity.authenticate(Identity.java:345)
at org.jboss.seam.security.Identity.authenticate(Identity.java:332)
at org.jboss.seam.security.Identity.login(Identity.java:259)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335)
at
org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348)
at
org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58)
at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
at
org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
at
com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)
... 40 more
See below the seam source:
protected void setCookieValueIfEnabled(String value)
{
FacesContext ctx = FacesContext.getCurrentInstance();
if ( isCookieEnabled() && ctx != null)
{
HttpServletResponse response = (HttpServletResponse)
ctx.getExternalContext().getResponse();
Cookie cookie = new Cookie( getCookieName(), value );
cookie.setMaxAge( getCookieMaxAge() );
cookie.setPath(cookiePath);
* response.addCookie(cookie); //This thrown the
exception*
}
}
