You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Lorenzo Fini <lo...@gmail.com> on 2014/02/27 15:35:03 UTC
ManagerBase.generateSessionId() gives me a NullPointerException
Hi,
I get this error:
java.lang.NullPointerException
org.apache.catalina.session.ManagerBase.generateSessionId(ManagerBase.java:807)
org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:653)
org.apache.catalina.connector.Request.doGetSession(Request.java:2956)
org.apache.catalina.connector.Request.getSession(Request.java:2320)
org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:899)
org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:911)
com.myfilter.AuthenticationFilter.doFilter(AuthenticationFilter.java:47)
at the line 47 of AuthenticationFilter the only action I do is
((HttpServletRequest) request).getSession()
I use Tomcat 7.0.50 on a 64 bit machine with the basic configuration.
This only happens sometimes, and is hard to reproduce.
I have a filter that uses the session to check if the user is logged,
after undeploying and deploying, sometimes the webapp shows the
exception.
I've traced it down to ManagerBase.java - generateSessionId() method.
I have seen that when I get this error I get it on different browsers
so it is not about a wrong state in the current session.
I have noticed that waiting 10 minutes in some cases can fix the problem.
Re: ManagerBase.generateSessionId() gives me a NullPointerException
Posted by Mark Thomas <ma...@apache.org>.
Looking at the logs added to
https://issues.apache.org/bugzilla/show_bug.cgi?id=54315, the undeploy
log in the failure case is a lot shorter. The Context appears to have no
children (not even the servlets picked up from the default web.xml)
which indicates that the deployment failed.
My best guess at this point remains that the trigger for things going
wrong is that an undeployment fails, possibly with a locked file.
I'd suggest the following to progress this:
1. Look further back in the logs for when things first went wrong.
2. Try Tomcat 8 and enable trackLockedFiles (see
http://tomcat.apache.org/tomcat-8.0-doc/config/resources.html )
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: ManagerBase.generateSessionId() gives me a NullPointerException
Posted by Lorenzo Fini <lo...@gmail.com>.
Hi,
as I told you I'm not a wizard in configuring log4j.
using this configuration for log4j:
log4j.logger.org.apache=FINE, logApache
log4j.additivity.org.apache.catalina.util.LifecycleBase=false
log4j.appender.logApache=org.apache.log4j.DailyRollingFileAppender
log4j.appender.logApache.File=../logs/ApacheFine.log
log4j.appender.logApache.DatePattern='.'yyyy-MM-dd
log4j.appender.logApache.layout=org.apache.log4j.PatternLayout
log4j.appender.logApache.layout.ConversionPattern=[%p] %d %c %M - %m%n
outputs:
[DEBUG] 2014-02-27 16:27:48,063
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:34:10,937 org.apache.ibatis.logging.LogFactory
setImplementation - Logging initialized using 'class
org.apache.ibatis.logging.log4j.Log4jImpl' adapter.
[DEBUG] 2014-02-27 16:34:10,937
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:34:10,937
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:34:10,937
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:34:10,937
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:36:05,254 org.apache.ibatis.logging.LogFactory
setImplementation - Logging initialized using 'class
org.apache.ibatis.logging.log4j.Log4jImpl' adapter.
[DEBUG] 2014-02-27 16:36:05,270
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:36:05,270
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:36:05,270
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
[DEBUG] 2014-02-27 16:36:05,270
org.apache.ibatis.datasource.pooled.PooledDataSource forceCloseAll -
PooledDataSource forcefully closed/removed all connections.
The AuthenticationFilter class is not that complicated
@WebFilter("/AuthenticationFilter")
public class AuthenticationFilter implements Filter {
private ServletContext context;
private static List<String> ALLOWED_URLS;
public void init(FilterConfig fConfig) throws ServletException {
this.context = fConfig.getServletContext();
// put the allowed JSP urls here:
ALLOWED_URLS = new ArrayList<String>();
ALLOWED_URLS.add(fConfig.getServletContext().getContextPath() +
"/login.jsp");
ALLOWED_URLS.add(fConfig.getServletContext().getContextPath() +
"/loginFail.jsp");
ALLOWED_URLS.add(fConfig.getServletContext().getContextPath() +
"/LoginServlet");
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException,
ServletException {
Logger log = Logger.getLogger(AuthenticationFilter.class);
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String uri = req.getRequestURI();
log.info("Requested Resource::" + uri + "-> allowed:" +
ALLOWED_URLS.contains(uri));
LdapAuthenticator authenticator = new
LdapAuthenticator(req.getSession());
if (ALLOWED_URLS.contains(uri) || authenticator.isLogged()) {
// pass the request along the filter chain
chain.doFilter(request, response);
} else {
log.info("Unauthorized access request");
res.sendRedirect(this.context.getContextPath() + "/login.jsp");
}
}
public void destroy() {
// close any resources here
}
}
2014-02-27 16:14 GMT+01:00 Mark Thomas <ma...@apache.org>:
> On 27/02/2014 15:01, Lorenzo Fini wrote:
> > Hi Mark,
> >
> > if I am just doing request.getSession() on the request that I receive,
> how
> > can it be an application error?
>
> That would depend on where the object named "request" was obtained from.
>
> > I do no store any request or session..
>
> In which case, I refer you to the answer I provided earlier:
>
> >> This is either an application bug or a bug in
> >> com.abovo.gc.plata.filter.AuthenticationFilter that is retaining and
> >> using a reference to a request object from a previous request rather
> >> than using the request object for the current request.
>
> The application code was not the only possible source of the bug.
>
> Strictly, since you failed to provide the full stack trace, there is a
> third option that some as yet undisclosed component is retaining the
> reference to the request object.
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: ManagerBase.generateSessionId() gives me a NullPointerException
Posted by Mark Thomas <ma...@apache.org>.
On 27/02/2014 15:01, Lorenzo Fini wrote:
> Hi Mark,
>
> if I am just doing request.getSession() on the request that I receive, how
> can it be an application error?
That would depend on where the object named "request" was obtained from.
> I do no store any request or session..
In which case, I refer you to the answer I provided earlier:
>> This is either an application bug or a bug in
>> com.abovo.gc.plata.filter.AuthenticationFilter that is retaining and
>> using a reference to a request object from a previous request rather
>> than using the request object for the current request.
The application code was not the only possible source of the bug.
Strictly, since you failed to provide the full stack trace, there is a
third option that some as yet undisclosed component is retaining the
reference to the request object.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: ManagerBase.generateSessionId() gives me a NullPointerException
Posted by Lorenzo Fini <lo...@gmail.com>.
Hi Mark,
if I am just doing request.getSession() on the request that I receive, how
can it be an application error?
I do no store any request or session..
2014-02-27 15:55 GMT+01:00 Mark Thomas <ma...@apache.org>:
> On 27/02/2014 14:35, Lorenzo Fini wrote:
> > Hi,
> > I get this error:
> >
> > java.lang.NullPointerException
> >
> org.apache.catalina.session.ManagerBase.generateSessionId(ManagerBase.java:807)
> >
> org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:653)
> >
> org.apache.catalina.connector.Request.doGetSession(Request.java:2956)
> > org.apache.catalina.connector.Request.getSession(Request.java:2320)
> >
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:899)
> >
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:911)
> >
> com.myfilter.AuthenticationFilter.doFilter(AuthenticationFilter.java:47)
> >
> > at the line 47 of AuthenticationFilter the only action I do is
> > ((HttpServletRequest) request).getSession()
> >
> >
> > I use Tomcat 7.0.50 on a 64 bit machine with the basic configuration.
> > This only happens sometimes, and is hard to reproduce.
> > I have a filter that uses the session to check if the user is logged,
> > after undeploying and deploying, sometimes the webapp shows the
> > exception.
> > I've traced it down to ManagerBase.java - generateSessionId() method.
>
> No, there is no bug there.
>
> To repeat what you have already been told:
>
> This is either an application bug or a bug in
> com.abovo.gc.plata.filter.AuthenticationFilter that is retaining and
> using a reference to a request object from a previous request rather
> than using the request object for the current request.
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: ManagerBase.generateSessionId() gives me a NullPointerException
Posted by Mark Thomas <ma...@apache.org>.
On 27/02/2014 14:35, Lorenzo Fini wrote:
> Hi,
> I get this error:
>
> java.lang.NullPointerException
> org.apache.catalina.session.ManagerBase.generateSessionId(ManagerBase.java:807)
> org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:653)
> org.apache.catalina.connector.Request.doGetSession(Request.java:2956)
> org.apache.catalina.connector.Request.getSession(Request.java:2320)
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:899)
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:911)
> com.myfilter.AuthenticationFilter.doFilter(AuthenticationFilter.java:47)
>
> at the line 47 of AuthenticationFilter the only action I do is
> ((HttpServletRequest) request).getSession()
>
>
> I use Tomcat 7.0.50 on a 64 bit machine with the basic configuration.
> This only happens sometimes, and is hard to reproduce.
> I have a filter that uses the session to check if the user is logged,
> after undeploying and deploying, sometimes the webapp shows the
> exception.
> I've traced it down to ManagerBase.java - generateSessionId() method.
No, there is no bug there.
To repeat what you have already been told:
This is either an application bug or a bug in
com.abovo.gc.plata.filter.AuthenticationFilter that is retaining and
using a reference to a request object from a previous request rather
than using the request object for the current request.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org