You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@deltaspike.apache.org by "l.penet@senat.fr" <l....@senat.fr> on 2015/07/09 09:13:40 UTC
Problem with servlet module
Hi.
I have a problem with servlet module.
I am using Tomcat 8.0.23 and it seems to me that there is a bug when
using container managed security with auth method set to "FORM".
In my web.xml, I have :
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/access-denied.xhtml</form-error-page>
</form-login-config>
</login-config>
+ securiy constraints.
When the forward to the form login page is performed, an exception is
raised because the same thread is registered twice.
So, an illegal state exception is raised with the following stack trace :
java.lang.IllegalStateException: There is already an instance bound to this thread.
org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:745)
As my webapp is version="3.0", I should not have configuration to set in the web.xml (correct me if I am wrong).
However, as there are sometimes strange behaviours with tomcat, I tried to explicitly define config as indicated in https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup , but it does not change anything.
Any help welcomed !
Ludovic
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
Re: Problem with servlet module
Posted by "l.penet@senat.fr" <l....@senat.fr>.
Oh, I did not put an important info : I am using DS 1.3.0.
Sorry for the double post.
Ludovic
On 09/07/2015 09:13, l.penet@senat.fr wrote:
> Hi.
>
> I have a problem with servlet module.
>
> I am using Tomcat 8.0.23 and it seems to me that there is a bug when
> using container managed security with auth method set to "FORM".
>
> In my web.xml, I have :
>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/login.xhtml</form-login-page>
> <form-error-page>/access-denied.xhtml</form-error-page>
> </form-login-config>
> </login-config>
>
>
> + securiy constraints.
>
> When the forward to the form login page is performed, an exception is
> raised because the same thread is registered twice.
>
> So, an illegal state exception is raised with the following stack trace :
>
> java.lang.IllegalStateException: There is already an instance bound to
> this thread.
> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
>
> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
>
> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
>
> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
>
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
>
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>
> org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
>
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>
> java.lang.Thread.run(Thread.java:745)
>
>
> As my webapp is version="3.0", I should not have configuration to set
> in the web.xml (correct me if I am wrong).
>
> However, as there are sometimes strange behaviours with tomcat, I
> tried to explicitly define config as indicated in
> https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup
> , but it does not change anything.
>
> Any help welcomed !
>
> Ludovic
>
>
> |
> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
> |
>
>
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
Re: Problem with servlet module
Posted by Christian Kaltepoth <ch...@kaltepoth.de>.
Hey Ludovic,
=> so :
> * there are two "logical" requests in this case.
> * the forward to login.xhtml is just some sort of "inner request", and its
> result will be sent as the first, "original" request result.
>
That's absolutely correct. I guess Tomcat "forwards" the request to the
login page instead of sending a redirect. I think this is required by the
spec. A "forward" is a standard Servlet feature. You can for example
configure your filters so that they are also invoked for forwarded requests
("DispatchType" in web.xml).
However, from my understanding of the ServletRequestListener javadocs the
listener refers to "physical" requests. It says:
[...] enter the first servlet or filter of the web application.
Unfortunately I didn't find anything in the Servlet spec that clarifies
this.
Would be interesting to hear what the Tomcat guys think about this.
Christian
--
Christian Kaltepoth
Blog: http://blog.kaltepoth.de/
Twitter: http://twitter.com/chkal
GitHub: https://github.com/chkal
Re: Problem with servlet module
Posted by "l.penet@senat.fr" <l....@senat.fr>.
On 14/07/2015 10:14, Christian Kaltepoth wrote:
> Hey Ludovic,
>
> thanks a lot. To be honest, I don't fully understand Christopher's response
> to your question.
>
> The javadocs of ServletRequestListener say:
>
> Interface for receiving notification events about requests coming into and
>> going out of scope of a web application. A ServletRequest is defined as
>> coming into scope of a web application when it is about to enter the first
>> servlet or filter of the web application, and as going out of scope as it
>> exits the last servlet or the first filter in the chain.
>
> In my understanding this means that requestInitialized() is called only
> once for each "physical" request. Or at least that requestDestroyed() is
> called _before_ requestInitialized() gets executed another time.
If I get it right, and supposing that the form page is my-webapp/login.xhtml
* there is really one "physical", user triggered request (by a web
browser, curl, wget or whatever) ;
* when one requests any page other than login.xhtml without being
already authenticated, Tomcat does NOT reply with a 302 or any other
HTTP code, it internally forwards the request using forwardToLoginPage
(see
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?view=markup&pathrev=1024397
, line 246).
=> so :
* there are two "logical" requests in this case.
* the forward to login.xhtml is just some sort of "inner request", and
its result will be sent as the first, "original" request result.
=> so so :
* two logical requests are processed at the same time
* it is normal that we are not notified of the deletion of the first
request.
I am curious on why they do not simply perform a HTTP redirect. I guess
there must be something in a spec requesting it. My first move was to
leave that alone, not having time to read related specs and wanting to
spare Christopher Schultz time, but the question might be interesting to
other people, so I will continue the discussion on Tomcat list;
>
> However, my commit should fix the problem. Looking forward to hear if it
> works for you.
I tested and, as expected, it works ! :-)
I would have tested before that we are re-binding the same "physical"
request and would have logged an error if not. That might detect other
strange cases. But I can leave without it. :-)
Thanks a lot. I look forward to 1.4.2 release.
Ludovic
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
Re: Problem with servlet module
Posted by Christian Kaltepoth <ch...@kaltepoth.de>.
Hey Ludovic,
thanks a lot. To be honest, I don't fully understand Christopher's response
to your question.
The javadocs of ServletRequestListener say:
Interface for receiving notification events about requests coming into and
> going out of scope of a web application. A ServletRequest is defined as
> coming into scope of a web application when it is about to enter the first
> servlet or filter of the web application, and as going out of scope as it
> exits the last servlet or the first filter in the chain.
In my understanding this means that requestInitialized() is called only
once for each "physical" request. Or at least that requestDestroyed() is
called _before_ requestInitialized() gets executed another time.
However, my commit should fix the problem. Looking forward to hear if it
works for you.
Christian
2015-07-14 9:38 GMT+02:00 Ludovic Pénet <l....@senat.fr>:
> I will try it tomorrow, but it should be ok.
>
> BTW, Christopher Schultz gave me the following answee on Tomcat user list
> : http://mail-archives.apache.org/mod_mbox/tomcat-users/201507.mbox/
> <55A3B97A.1090409%40christopherschultz.net>
>
> Ludovic
>
> Le 14 juillet 2015 06:47:49 CEST, Christian Kaltepoth <
> christian@kaltepoth.de> a écrit :
> >This issue should be fixed now:
> >
> >
> https://github.com/chkal/deltaspike/commit/9d0ad6b6b7d2109ffee1a9577f87a44bcc91a535
> >
> >It would be great if you could give 1.4.2-SNAPSHOT a try as we will
> >release
> >1.4.2 very soon.
> >
> >Christian
> >
> >
> >2015-07-13 12:17 GMT+02:00 Christian Kaltepoth
> ><ch...@kaltepoth.de>:
> >
> >> Hey Ludovic,
> >>
> >> I created two issues to track this. I hope I'll find some time to
> >work on
> >> them later today.
> >>
> >> https://issues.apache.org/jira/browse/DELTASPIKE-949
> >> https://issues.apache.org/jira/browse/DELTASPIKE-950
> >>
> >> Christian
> >>
> >>
> >>
> >> 2015-07-10 9:23 GMT+02:00 l.penet@senat.fr <l....@senat.fr>:
> >>
> >>> Well, I shall try to raise the question on the tomcat list. I had
> >other
> >>> troubles with this double registration, so it might be worth the
> >time.
> >>>
> >>> Thanks for the quick replies and the workaround, but I fear it might
> >be
> >>> more complex to understand for some other guy taking over my current
> >>> project in some time than a clearly different, patched, dependency.
> >>>
> >>> The simplest thing would be, IMHO, to allow double, identical,
> >>> registration, but I understand that you do not want to stuff your
> >clean
> >>> work with kludges. It would however make servlet module more
> >>> straightforward to use for Tomcat users, who are not a small user
> >base. :)
> >>>
> >>> Ludovic
> >>>
> >>> Le 10 juillet 2015 07:05:11 CEST, Christian Kaltepoth <
> >>> christian@kaltepoth.de> a écrit :
> >>>
> >>> Hey Ludovic,
> >>>
> >>> I'm not completely sure if Tomcat behaves correctly when it calls
> >>> requestInitialized() more than once for a request. I'll try
> >>> to clarify this.
> >>>
> >>> I agree with Martin that it should work fine if you just using
> >>> RequestResponseHolderFilter.
> >>> Unfortunately RequestResponseHolderListener is currently
> >>> not deactivateable. So the only workaround would be to set
> >>> metadata-complete="true" in your web.xml and include everything
> >>> except for RequestResponseHolderListener from [1] in your own
> >web.xml.
> >>>
> >>> You could also use <absolute-ordering> without <others/> to
> >>> basically exclude DeltaSpike's web-fragment.xml from being
> >processed.
> >>>
> >>> I hope this helps.
> >>>
> >>> Christian
> >>>
> >>> [1]
> >>>
> >>>
> >
> https://github.com/apache/deltaspike/blob/master/deltaspike/modules/servlet/impl/src/main/resources/META-INF/web-fragment.xml
> >>>
> >>> 2015-07-09 9:34 GMT+02:00 Martin Kouba <mkouba@redhat.com
> >>> <ma...@redhat.com>>:
> >>>
> >>> Hi,
> >>>
> >>> some time ago I observed that Tomcat fires superfluous
> >>> init/destroy events when form based auth is used. See also
> >>>
> >>>
> >
> http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results
> >>>
> >>> So one way to fix the problem would be not to use the
> >listener
> >>> to bind the current ServletRequest. I'm not sure whether it's
> >>> possible to disable the RequestResponseHolderListener and
> >only
> >>> use RequestResponseHolderFilter though...
> >>>
> >>> Martin
> >>>
> >>> Dne 9.7.2015 v 09:13 l.penet@senat.fr
> ><ma...@senat.fr>
> >>>
> >>> napsal(a):
> >>>
> >>> Hi.
> >>>
> >>> I have a problem with servlet module.
> >>>
> >>> I am using Tomcat 8.0.23 and it seems to me that there is
> >a
> >>> bug when
> >>> using container managed security with auth method set to
> >>> "FORM".
> >>>
> >>> In my web.xml, I have :
> >>>
> >>> <login-config>
> >>> <auth-method>FORM</auth-method>
> >>> <form-login-config>
> >>> <form-login-page>/login.xhtml</form-login-page>
> >>> <form-error-page>/access-denied.xhtml</form-error-page>
> >>> </form-login-config>
> >>> </login-config>
> >>>
> >>>
> >>> + securiy constraints.
> >>>
> >>> When the forward to the form login page is performed, an
> >>> exception is
> >>> raised because the same thread is registered twice.
> >>>
> >>> So, an illegal state exception is raised with the
> >following
> >>> stack trace :
> >>>
> >>> java.lang.IllegalStateException: There is already an
> >>> instance bound to
> >>> this thread.
> >>>
> >>>
>
> >org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
> >>>
> >>>
>
> >org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
> >>>
> >>>
>
> >org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
> >>>
> >>>
>
> >org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
> >>>
> >>>
>
> >org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
> >>>
> >>>
>
> >org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
> >>>
> >>>
>
> >org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
> >>>
> >>>
>
> >org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
> >>>
> >>>
>
> >org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
> >>>
> >>>
>
> >org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
> >>>
> >>>
>
> >org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
> >>>
> >>>
>
> >org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
> >>> org.apache.tomcat.util.net
> >>> <http://org.apache.tomcat.util.net
> >>> >.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
> >>> org.apache.tomcat.util.net
> >>> <http://org.apache.tomcat.util.net
> >>> >.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
> >>>
> >>>
>
> >java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> >>>
> >>>
>
> >java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> >>>
> >>>
>
> >org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> >>> java.lang.Thread.run(Thread.java:745)
> >>>
> >>>
> >>> As my webapp is version="3.0", I should not have
> >>> configuration to set in
> >>> the web.xml (correct me if I am wrong).
> >>>
> >>> However, as there are sometimes strange behaviours with
> >>> tomcat, I tried
> >>> to explicitly define config as indicated in
> >>>
> >>>
> >https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup
> >>> ,
> >>> but it does not change anything.
> >>>
> >>> Any help welcomed !
> >>>
> >>> Ludovic
> >>>
> >>>
> >>> |
> >>> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
> >>> |
> >>>
> >>>
> >>>
> >>> -- Martin Kouba
> >>> Software Engineer
> >>> Red Hat, Czech Republic
> >>>
> >>>
> >>>
> >>>
> >>> -- Christian Kaltepoth
> >>> Blog: http://blog.kaltepoth.de/
> >>> Twitter: http://twitter.com/chkal
> >>> GitHub: https://github.com/chkal
> >>>
> >>>
> >>> --
> >>> Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma
> >>> brièveté.
> >>>
> >>>
> >>> |
> >>> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
> >>> |
> >>>
> >>>
> >>
> >>
> >> --
> >> Christian Kaltepoth
> >> Blog: http://blog.kaltepoth.de/
> >> Twitter: http://twitter.com/chkal
> >> GitHub: https://github.com/chkal
> >>
> >>
> >
> >
> >--
> >Christian Kaltepoth
> >Blog: http://blog.kaltepoth.de/
> >Twitter: http://twitter.com/chkal
> >GitHub: https://github.com/chkal
>
> --
> Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
>
--
Christian Kaltepoth
Blog: http://blog.kaltepoth.de/
Twitter: http://twitter.com/chkal
GitHub: https://github.com/chkal
Re: Problem with servlet module
Posted by Ludovic Pénet <l....@senat.fr>.
I will try it tomorrow, but it should be ok.
BTW, Christopher Schultz gave me the following answee on Tomcat user list : http://mail-archives.apache.org/mod_mbox/tomcat-users/201507.mbox/<55A3B97A.1090409%40christopherschultz.net>
Ludovic
Le 14 juillet 2015 06:47:49 CEST, Christian Kaltepoth <ch...@kaltepoth.de> a écrit :
>This issue should be fixed now:
>
>https://github.com/chkal/deltaspike/commit/9d0ad6b6b7d2109ffee1a9577f87a44bcc91a535
>
>It would be great if you could give 1.4.2-SNAPSHOT a try as we will
>release
>1.4.2 very soon.
>
>Christian
>
>
>2015-07-13 12:17 GMT+02:00 Christian Kaltepoth
><ch...@kaltepoth.de>:
>
>> Hey Ludovic,
>>
>> I created two issues to track this. I hope I'll find some time to
>work on
>> them later today.
>>
>> https://issues.apache.org/jira/browse/DELTASPIKE-949
>> https://issues.apache.org/jira/browse/DELTASPIKE-950
>>
>> Christian
>>
>>
>>
>> 2015-07-10 9:23 GMT+02:00 l.penet@senat.fr <l....@senat.fr>:
>>
>>> Well, I shall try to raise the question on the tomcat list. I had
>other
>>> troubles with this double registration, so it might be worth the
>time.
>>>
>>> Thanks for the quick replies and the workaround, but I fear it might
>be
>>> more complex to understand for some other guy taking over my current
>>> project in some time than a clearly different, patched, dependency.
>>>
>>> The simplest thing would be, IMHO, to allow double, identical,
>>> registration, but I understand that you do not want to stuff your
>clean
>>> work with kludges. It would however make servlet module more
>>> straightforward to use for Tomcat users, who are not a small user
>base. :)
>>>
>>> Ludovic
>>>
>>> Le 10 juillet 2015 07:05:11 CEST, Christian Kaltepoth <
>>> christian@kaltepoth.de> a écrit :
>>>
>>> Hey Ludovic,
>>>
>>> I'm not completely sure if Tomcat behaves correctly when it calls
>>> requestInitialized() more than once for a request. I'll try
>>> to clarify this.
>>>
>>> I agree with Martin that it should work fine if you just using
>>> RequestResponseHolderFilter.
>>> Unfortunately RequestResponseHolderListener is currently
>>> not deactivateable. So the only workaround would be to set
>>> metadata-complete="true" in your web.xml and include everything
>>> except for RequestResponseHolderListener from [1] in your own
>web.xml.
>>>
>>> You could also use <absolute-ordering> without <others/> to
>>> basically exclude DeltaSpike's web-fragment.xml from being
>processed.
>>>
>>> I hope this helps.
>>>
>>> Christian
>>>
>>> [1]
>>>
>>>
>https://github.com/apache/deltaspike/blob/master/deltaspike/modules/servlet/impl/src/main/resources/META-INF/web-fragment.xml
>>>
>>> 2015-07-09 9:34 GMT+02:00 Martin Kouba <mkouba@redhat.com
>>> <ma...@redhat.com>>:
>>>
>>> Hi,
>>>
>>> some time ago I observed that Tomcat fires superfluous
>>> init/destroy events when form based auth is used. See also
>>>
>>>
>http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results
>>>
>>> So one way to fix the problem would be not to use the
>listener
>>> to bind the current ServletRequest. I'm not sure whether it's
>>> possible to disable the RequestResponseHolderListener and
>only
>>> use RequestResponseHolderFilter though...
>>>
>>> Martin
>>>
>>> Dne 9.7.2015 v 09:13 l.penet@senat.fr
><ma...@senat.fr>
>>>
>>> napsal(a):
>>>
>>> Hi.
>>>
>>> I have a problem with servlet module.
>>>
>>> I am using Tomcat 8.0.23 and it seems to me that there is
>a
>>> bug when
>>> using container managed security with auth method set to
>>> "FORM".
>>>
>>> In my web.xml, I have :
>>>
>>> <login-config>
>>> <auth-method>FORM</auth-method>
>>> <form-login-config>
>>> <form-login-page>/login.xhtml</form-login-page>
>>> <form-error-page>/access-denied.xhtml</form-error-page>
>>> </form-login-config>
>>> </login-config>
>>>
>>>
>>> + securiy constraints.
>>>
>>> When the forward to the form login page is performed, an
>>> exception is
>>> raised because the same thread is registered twice.
>>>
>>> So, an illegal state exception is raised with the
>following
>>> stack trace :
>>>
>>> java.lang.IllegalStateException: There is already an
>>> instance bound to
>>> this thread.
>>>
>>>
>org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
>>>
>>>
>org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
>>>
>>>
>org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
>>>
>>>
>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
>>>
>>>
>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
>>>
>>>
>org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>>>
>>>
>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
>>>
>>>
>org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>>>
>>>
>org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
>>>
>>>
>org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
>>>
>>>
>org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>>>
>>>
>org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>>> org.apache.tomcat.util.net
>>> <http://org.apache.tomcat.util.net
>>> >.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>>> org.apache.tomcat.util.net
>>> <http://org.apache.tomcat.util.net
>>> >.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>>>
>>>
>java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>>
>>>
>java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>>
>>>
>org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>> java.lang.Thread.run(Thread.java:745)
>>>
>>>
>>> As my webapp is version="3.0", I should not have
>>> configuration to set in
>>> the web.xml (correct me if I am wrong).
>>>
>>> However, as there are sometimes strange behaviours with
>>> tomcat, I tried
>>> to explicitly define config as indicated in
>>>
>>>
>https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup
>>> ,
>>> but it does not change anything.
>>>
>>> Any help welcomed !
>>>
>>> Ludovic
>>>
>>>
>>> |
>>> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
>>> |
>>>
>>>
>>>
>>> -- Martin Kouba
>>> Software Engineer
>>> Red Hat, Czech Republic
>>>
>>>
>>>
>>>
>>> -- Christian Kaltepoth
>>> Blog: http://blog.kaltepoth.de/
>>> Twitter: http://twitter.com/chkal
>>> GitHub: https://github.com/chkal
>>>
>>>
>>> --
>>> Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma
>>> brièveté.
>>>
>>>
>>> |
>>> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
>>> |
>>>
>>>
>>
>>
>> --
>> Christian Kaltepoth
>> Blog: http://blog.kaltepoth.de/
>> Twitter: http://twitter.com/chkal
>> GitHub: https://github.com/chkal
>>
>>
>
>
>--
>Christian Kaltepoth
>Blog: http://blog.kaltepoth.de/
>Twitter: http://twitter.com/chkal
>GitHub: https://github.com/chkal
--
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
Re: Problem with servlet module
Posted by Christian Kaltepoth <ch...@kaltepoth.de>.
This issue should be fixed now:
https://github.com/chkal/deltaspike/commit/9d0ad6b6b7d2109ffee1a9577f87a44bcc91a535
It would be great if you could give 1.4.2-SNAPSHOT a try as we will release
1.4.2 very soon.
Christian
2015-07-13 12:17 GMT+02:00 Christian Kaltepoth <ch...@kaltepoth.de>:
> Hey Ludovic,
>
> I created two issues to track this. I hope I'll find some time to work on
> them later today.
>
> https://issues.apache.org/jira/browse/DELTASPIKE-949
> https://issues.apache.org/jira/browse/DELTASPIKE-950
>
> Christian
>
>
>
> 2015-07-10 9:23 GMT+02:00 l.penet@senat.fr <l....@senat.fr>:
>
>> Well, I shall try to raise the question on the tomcat list. I had other
>> troubles with this double registration, so it might be worth the time.
>>
>> Thanks for the quick replies and the workaround, but I fear it might be
>> more complex to understand for some other guy taking over my current
>> project in some time than a clearly different, patched, dependency.
>>
>> The simplest thing would be, IMHO, to allow double, identical,
>> registration, but I understand that you do not want to stuff your clean
>> work with kludges. It would however make servlet module more
>> straightforward to use for Tomcat users, who are not a small user base. :)
>>
>> Ludovic
>>
>> Le 10 juillet 2015 07:05:11 CEST, Christian Kaltepoth <
>> christian@kaltepoth.de> a écrit :
>>
>> Hey Ludovic,
>>
>> I'm not completely sure if Tomcat behaves correctly when it calls
>> requestInitialized() more than once for a request. I'll try
>> to clarify this.
>>
>> I agree with Martin that it should work fine if you just using
>> RequestResponseHolderFilter.
>> Unfortunately RequestResponseHolderListener is currently
>> not deactivateable. So the only workaround would be to set
>> metadata-complete="true" in your web.xml and include everything
>> except for RequestResponseHolderListener from [1] in your own web.xml.
>>
>> You could also use <absolute-ordering> without <others/> to
>> basically exclude DeltaSpike's web-fragment.xml from being processed.
>>
>> I hope this helps.
>>
>> Christian
>>
>> [1]
>>
>> https://github.com/apache/deltaspike/blob/master/deltaspike/modules/servlet/impl/src/main/resources/META-INF/web-fragment.xml
>>
>> 2015-07-09 9:34 GMT+02:00 Martin Kouba <mkouba@redhat.com
>> <ma...@redhat.com>>:
>>
>> Hi,
>>
>> some time ago I observed that Tomcat fires superfluous
>> init/destroy events when form based auth is used. See also
>>
>> http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results
>>
>> So one way to fix the problem would be not to use the listener
>> to bind the current ServletRequest. I'm not sure whether it's
>> possible to disable the RequestResponseHolderListener and only
>> use RequestResponseHolderFilter though...
>>
>> Martin
>>
>> Dne 9.7.2015 v 09:13 l.penet@senat.fr <ma...@senat.fr>
>>
>> napsal(a):
>>
>> Hi.
>>
>> I have a problem with servlet module.
>>
>> I am using Tomcat 8.0.23 and it seems to me that there is a
>> bug when
>> using container managed security with auth method set to
>> "FORM".
>>
>> In my web.xml, I have :
>>
>> <login-config>
>> <auth-method>FORM</auth-method>
>> <form-login-config>
>> <form-login-page>/login.xhtml</form-login-page>
>> <form-error-page>/access-denied.xhtml</form-error-page>
>> </form-login-config>
>> </login-config>
>>
>>
>> + securiy constraints.
>>
>> When the forward to the form login page is performed, an
>> exception is
>> raised because the same thread is registered twice.
>>
>> So, an illegal state exception is raised with the following
>> stack trace :
>>
>> java.lang.IllegalStateException: There is already an
>> instance bound to
>> this thread.
>>
>> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
>>
>> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
>>
>> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
>>
>> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
>>
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
>>
>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>>
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
>>
>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>>
>> org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
>>
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
>>
>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>>
>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>> org.apache.tomcat.util.net
>> <http://org.apache.tomcat.util.net
>> >.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>> org.apache.tomcat.util.net
>> <http://org.apache.tomcat.util.net
>> >.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>>
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>> java.lang.Thread.run(Thread.java:745)
>>
>>
>> As my webapp is version="3.0", I should not have
>> configuration to set in
>> the web.xml (correct me if I am wrong).
>>
>> However, as there are sometimes strange behaviours with
>> tomcat, I tried
>> to explicitly define config as indicated in
>>
>> https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup
>> ,
>> but it does not change anything.
>>
>> Any help welcomed !
>>
>> Ludovic
>>
>>
>> |
>> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
>> |
>>
>>
>>
>> -- Martin Kouba
>> Software Engineer
>> Red Hat, Czech Republic
>>
>>
>>
>>
>> -- Christian Kaltepoth
>> Blog: http://blog.kaltepoth.de/
>> Twitter: http://twitter.com/chkal
>> GitHub: https://github.com/chkal
>>
>>
>> --
>> Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma
>> brièveté.
>>
>>
>> |
>> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
>> |
>>
>>
>
>
> --
> Christian Kaltepoth
> Blog: http://blog.kaltepoth.de/
> Twitter: http://twitter.com/chkal
> GitHub: https://github.com/chkal
>
>
--
Christian Kaltepoth
Blog: http://blog.kaltepoth.de/
Twitter: http://twitter.com/chkal
GitHub: https://github.com/chkal
Re: Problem with servlet module
Posted by Christian Kaltepoth <ch...@kaltepoth.de>.
Hey Ludovic,
I created two issues to track this. I hope I'll find some time to work on
them later today.
https://issues.apache.org/jira/browse/DELTASPIKE-949
https://issues.apache.org/jira/browse/DELTASPIKE-950
Christian
2015-07-10 9:23 GMT+02:00 l.penet@senat.fr <l....@senat.fr>:
> Well, I shall try to raise the question on the tomcat list. I had other
> troubles with this double registration, so it might be worth the time.
>
> Thanks for the quick replies and the workaround, but I fear it might be
> more complex to understand for some other guy taking over my current
> project in some time than a clearly different, patched, dependency.
>
> The simplest thing would be, IMHO, to allow double, identical,
> registration, but I understand that you do not want to stuff your clean
> work with kludges. It would however make servlet module more
> straightforward to use for Tomcat users, who are not a small user base. :)
>
> Ludovic
>
> Le 10 juillet 2015 07:05:11 CEST, Christian Kaltepoth <
> christian@kaltepoth.de> a écrit :
>
> Hey Ludovic,
>
> I'm not completely sure if Tomcat behaves correctly when it calls
> requestInitialized() more than once for a request. I'll try
> to clarify this.
>
> I agree with Martin that it should work fine if you just using
> RequestResponseHolderFilter.
> Unfortunately RequestResponseHolderListener is currently
> not deactivateable. So the only workaround would be to set
> metadata-complete="true" in your web.xml and include everything
> except for RequestResponseHolderListener from [1] in your own web.xml.
>
> You could also use <absolute-ordering> without <others/> to
> basically exclude DeltaSpike's web-fragment.xml from being processed.
>
> I hope this helps.
>
> Christian
>
> [1]
>
> https://github.com/apache/deltaspike/blob/master/deltaspike/modules/servlet/impl/src/main/resources/META-INF/web-fragment.xml
>
> 2015-07-09 9:34 GMT+02:00 Martin Kouba <mkouba@redhat.com
> <ma...@redhat.com>>:
>
> Hi,
>
> some time ago I observed that Tomcat fires superfluous
> init/destroy events when form based auth is used. See also
>
> http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results
>
> So one way to fix the problem would be not to use the listener
> to bind the current ServletRequest. I'm not sure whether it's
> possible to disable the RequestResponseHolderListener and only
> use RequestResponseHolderFilter though...
>
> Martin
>
> Dne 9.7.2015 v 09:13 l.penet@senat.fr <ma...@senat.fr>
>
> napsal(a):
>
> Hi.
>
> I have a problem with servlet module.
>
> I am using Tomcat 8.0.23 and it seems to me that there is a
> bug when
> using container managed security with auth method set to "FORM".
>
> In my web.xml, I have :
>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/login.xhtml</form-login-page>
> <form-error-page>/access-denied.xhtml</form-error-page>
> </form-login-config>
> </login-config>
>
>
> + securiy constraints.
>
> When the forward to the form login page is performed, an
> exception is
> raised because the same thread is registered twice.
>
> So, an illegal state exception is raised with the following
> stack trace :
>
> java.lang.IllegalStateException: There is already an
> instance bound to
> this thread.
>
> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
>
> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
>
> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
>
> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
>
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
>
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>
> org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
>
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
> org.apache.tomcat.util.net
> <http://org.apache.tomcat.util.net
> >.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
> org.apache.tomcat.util.net
> <http://org.apache.tomcat.util.net
> >.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> java.lang.Thread.run(Thread.java:745)
>
>
> As my webapp is version="3.0", I should not have
> configuration to set in
> the web.xml (correct me if I am wrong).
>
> However, as there are sometimes strange behaviours with
> tomcat, I tried
> to explicitly define config as indicated in
>
> https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup
> ,
> but it does not change anything.
>
> Any help welcomed !
>
> Ludovic
>
>
> |
> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
> |
>
>
>
> -- Martin Kouba
> Software Engineer
> Red Hat, Czech Republic
>
>
>
>
> -- Christian Kaltepoth
> Blog: http://blog.kaltepoth.de/
> Twitter: http://twitter.com/chkal
> GitHub: https://github.com/chkal
>
>
> --
> Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
>
>
> |
> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
> |
>
>
--
Christian Kaltepoth
Blog: http://blog.kaltepoth.de/
Twitter: http://twitter.com/chkal
GitHub: https://github.com/chkal
Re: Problem with servlet module
Posted by "l.penet@senat.fr" <l....@senat.fr>.
Well, I shall try to raise the question on the tomcat list. I had other
troubles with this double registration, so it might be worth the time.
Thanks for the quick replies and the workaround, but I fear it might be
more complex to understand for some other guy taking over my current
project in some time than a clearly different, patched, dependency.
The simplest thing would be, IMHO, to allow double, identical,
registration, but I understand that you do not want to stuff your clean
work with kludges. It would however make servlet module more
straightforward to use for Tomcat users, who are not a small user base. :)
Ludovic
Le 10 juillet 2015 07:05:11 CEST, Christian Kaltepoth
<ch...@kaltepoth.de> a écrit :
Hey Ludovic,
I'm not completely sure if Tomcat behaves correctly when it calls
requestInitialized() more than once for a request. I'll try
to clarify this.
I agree with Martin that it should work fine if you just using
RequestResponseHolderFilter.
Unfortunately RequestResponseHolderListener is currently
not deactivateable. So the only workaround would be to set
metadata-complete="true" in your web.xml and include everything
except for RequestResponseHolderListener from [1] in your own web.xml.
You could also use <absolute-ordering> without <others/> to
basically exclude DeltaSpike's web-fragment.xml from being processed.
I hope this helps.
Christian
[1]
https://github.com/apache/deltaspike/blob/master/deltaspike/modules/servlet/impl/src/main/resources/META-INF/web-fragment.xml
2015-07-09 9:34 GMT+02:00 Martin Kouba <mkouba@redhat.com
<ma...@redhat.com>>:
Hi,
some time ago I observed that Tomcat fires superfluous
init/destroy events when form based auth is used. See also
http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results
So one way to fix the problem would be not to use the listener
to bind the current ServletRequest. I'm not sure whether it's
possible to disable the RequestResponseHolderListener and only
use RequestResponseHolderFilter though...
Martin
Dne 9.7.2015 v 09:13 l.penet@senat.fr <ma...@senat.fr>
napsal(a):
Hi.
I have a problem with servlet module.
I am using Tomcat 8.0.23 and it seems to me that there is a
bug when
using container managed security with auth method set to "FORM".
In my web.xml, I have :
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/access-denied.xhtml</form-error-page>
</form-login-config>
</login-config>
+ securiy constraints.
When the forward to the form login page is performed, an
exception is
raised because the same thread is registered twice.
So, an illegal state exception is raised with the following
stack trace :
java.lang.IllegalStateException: There is already an
instance bound to
this thread.
org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
org.apache.tomcat.util.net
<http://org.apache.tomcat.util.net>.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
org.apache.tomcat.util.net
<http://org.apache.tomcat.util.net>.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:745)
As my webapp is version="3.0", I should not have
configuration to set in
the web.xml (correct me if I am wrong).
However, as there are sometimes strange behaviours with
tomcat, I tried
to explicitly define config as indicated in
https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup
,
but it does not change anything.
Any help welcomed !
Ludovic
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
--
Martin Kouba
Software Engineer
Red Hat, Czech Republic
--
Christian Kaltepoth
Blog: http://blog.kaltepoth.de/
Twitter: http://twitter.com/chkal
GitHub: https://github.com/chkal
--
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
Re: Problem with servlet module
Posted by Christian Kaltepoth <ch...@kaltepoth.de>.
Hey Ludovic,
I'm not completely sure if Tomcat behaves correctly when it calls
requestInitialized() more than once for a request. I'll try to clarify this.
I agree with Martin that it should work fine if you just using
RequestResponseHolderFilter.
Unfortunately RequestResponseHolderListener is currently
not deactivateable. So the only workaround would be to set
metadata-complete="true" in your web.xml and include everything except for
RequestResponseHolderListener from [1] in your own web.xml.
You could also use <absolute-ordering> without <others/> to basically
exclude DeltaSpike's web-fragment.xml from being processed.
I hope this helps.
Christian
[1]
https://github.com/apache/deltaspike/blob/master/deltaspike/modules/servlet/impl/src/main/resources/META-INF/web-fragment.xml
2015-07-09 9:34 GMT+02:00 Martin Kouba <mk...@redhat.com>:
> Hi,
>
> some time ago I observed that Tomcat fires superfluous init/destroy events
> when form based auth is used. See also
> http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results
>
> So one way to fix the problem would be not to use the listener to bind the
> current ServletRequest. I'm not sure whether it's possible to disable the
> RequestResponseHolderListener and only use RequestResponseHolderFilter
> though...
>
> Martin
>
> Dne 9.7.2015 v 09:13 l.penet@senat.fr napsal(a):
>
> Hi.
>>
>> I have a problem with servlet module.
>>
>> I am using Tomcat 8.0.23 and it seems to me that there is a bug when
>> using container managed security with auth method set to "FORM".
>>
>> In my web.xml, I have :
>>
>> <login-config>
>> <auth-method>FORM</auth-method>
>> <form-login-config>
>> <form-login-page>/login.xhtml</form-login-page>
>> <form-error-page>/access-denied.xhtml</form-error-page>
>> </form-login-config>
>> </login-config>
>>
>>
>> + securiy constraints.
>>
>> When the forward to the form login page is performed, an exception is
>> raised because the same thread is registered twice.
>>
>> So, an illegal state exception is raised with the following stack trace :
>>
>> java.lang.IllegalStateException: There is already an instance bound to
>> this thread.
>>
>> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
>>
>> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
>>
>> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
>>
>> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
>>
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
>>
>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>>
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
>>
>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
>>
>> org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
>>
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
>>
>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>>
>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>> org.apache.tomcat.util.net
>> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>> org.apache.tomcat.util.net
>> .NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>>
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>> java.lang.Thread.run(Thread.java:745)
>>
>>
>> As my webapp is version="3.0", I should not have configuration to set in
>> the web.xml (correct me if I am wrong).
>>
>> However, as there are sometimes strange behaviours with tomcat, I tried
>> to explicitly define config as indicated in
>> https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup ,
>> but it does not change anything.
>>
>> Any help welcomed !
>>
>> Ludovic
>>
>>
>> |
>> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
>> |
>>
>>
>>
> --
> Martin Kouba
> Software Engineer
> Red Hat, Czech Republic
>
--
Christian Kaltepoth
Blog: http://blog.kaltepoth.de/
Twitter: http://twitter.com/chkal
GitHub: https://github.com/chkal
Re: Problem with servlet module
Posted by Martin Kouba <mk...@redhat.com>.
Hi,
some time ago I observed that Tomcat fires superfluous init/destroy
events when form based auth is used. See also
http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results
So one way to fix the problem would be not to use the listener to bind
the current ServletRequest. I'm not sure whether it's possible to
disable the RequestResponseHolderListener and only use
RequestResponseHolderFilter though...
Martin
Dne 9.7.2015 v 09:13 l.penet@senat.fr napsal(a):
> Hi.
>
> I have a problem with servlet module.
>
> I am using Tomcat 8.0.23 and it seems to me that there is a bug when
> using container managed security with auth method set to "FORM".
>
> In my web.xml, I have :
>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/login.xhtml</form-login-page>
> <form-error-page>/access-denied.xhtml</form-error-page>
> </form-login-config>
> </login-config>
>
>
> + securiy constraints.
>
> When the forward to the form login page is performed, an exception is
> raised because the same thread is registered twice.
>
> So, an illegal state exception is raised with the following stack trace :
>
> java.lang.IllegalStateException: There is already an instance bound to
> this thread.
> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
> org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
> org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> java.lang.Thread.run(Thread.java:745)
>
>
> As my webapp is version="3.0", I should not have configuration to set in
> the web.xml (correct me if I am wrong).
>
> However, as there are sometimes strange behaviours with tomcat, I tried
> to explicitly define config as indicated in
> https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup ,
> but it does not change anything.
>
> Any help welcomed !
>
> Ludovic
>
>
> |
> | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
> |
>
>
--
Martin Kouba
Software Engineer
Red Hat, Czech Republic