deltaspike-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "l.penet@senat.fr" <l.pe...@senat.fr>
Subject Re: Problem with servlet module
Date Fri, 10 Jul 2015 07:23:24 GMT
Well, I shall try to raise the question on the tomcat list. I had other 
troubles with this double registration, so it might be worth the time.

Thanks for the quick replies and the workaround, but I fear it might be 
more complex to understand for some other guy taking over my current 
project in some time than a clearly different, patched, dependency.

The simplest thing would be, IMHO, to allow double, identical, 
registration, but I understand that you do not want to stuff your clean 
work with kludges. It would however make servlet module more 
straightforward to use for Tomcat users, who are not a small user base. :)

Ludovic

Le 10 juillet 2015 07:05:11 CEST, Christian Kaltepoth 
<christian@kaltepoth.de> a écrit :

    Hey Ludovic,

    I'm not completely sure if Tomcat behaves correctly when it calls
    requestInitialized() more than once for a request. I'll try
    to clarify this.

    I agree with Martin that it should work fine if you just using
    RequestResponseHolderFilter.
    Unfortunately RequestResponseHolderListener is currently
    not deactivateable. So the only workaround would be to set
    metadata-complete="true" in your web.xml and include everything
    except for RequestResponseHolderListener from [1] in your own web.xml.

    You could also use <absolute-ordering> without <others/> to
    basically exclude DeltaSpike's web-fragment.xml from being processed.

    I hope this helps.

    Christian

    [1]
    https://github.com/apache/deltaspike/blob/master/deltaspike/modules/servlet/impl/src/main/resources/META-INF/web-fragment.xml

    2015-07-09 9:34 GMT+02:00 Martin Kouba <mkouba@redhat.com
    <mailto:mkouba@redhat.com>>:

        Hi,

        some time ago I observed that Tomcat fires superfluous
        init/destroy events when form based auth is used. See also
        http://markmail.org/thread/uswkg6lvndmbeldf#query:+page:1+mid:uswkg6lvndmbeldf+state:results

        So one way to fix the problem would be not to use the listener
        to bind the current ServletRequest. I'm not sure whether it's
        possible to disable the RequestResponseHolderListener and only
        use RequestResponseHolderFilter though...

        Martin

        Dne 9.7.2015 v 09:13 l.penet@senat.fr <mailto:l.penet@senat.fr>
        napsal(a):

            Hi.

            I have a problem with servlet module.

            I am using Tomcat 8.0.23 and it seems to me that there is a
            bug when
            using container managed security with auth method set to "FORM".

            In my web.xml, I have :

                  <login-config>
                      <auth-method>FORM</auth-method>
                      <form-login-config>
            <form-login-page>/login.xhtml</form-login-page>
            <form-error-page>/access-denied.xhtml</form-error-page>
                      </form-login-config>
                  </login-config>


            + securiy constraints.

            When the forward to the form login page is performed, an
            exception is
            raised because the same thread is registered twice.

            So, an illegal state exception is raised with the following
            stack trace :

            java.lang.IllegalStateException: There is already an
            instance bound to
            this thread.
              org.apache.deltaspike.servlet.impl.produce.RequestResponseHolder.bind(RequestResponseHolder.java:62)
              org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderListener.requestInitialized(RequestResponseHolderListener.java:33)
              org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:383)
              org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229)
              org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:577)
              org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
              org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
              org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
              org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
              org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
              org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
              org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
            org.apache.tomcat.util.net
            <http://org.apache.tomcat.util.net>.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
            org.apache.tomcat.util.net
            <http://org.apache.tomcat.util.net>.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
              java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
              java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
              org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
                  java.lang.Thread.run(Thread.java:745)


            As my webapp is version="3.0", I should not have
            configuration to set in
            the web.xml (correct me if I am wrong).

            However, as there are sometimes strange behaviours with
            tomcat, I tried
            to explicitly define config as indicated in
            https://deltaspike.apache.org/documentation/servlet.html#ProjectSetup
            ,
            but it does not change anything.

            Any help welcomed !

            Ludovic


            |
            | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
            |



        -- 
        Martin Kouba
        Software Engineer
        Red Hat, Czech Republic




    -- 
    Christian Kaltepoth
    Blog: http://blog.kaltepoth.de/
    Twitter: http://twitter.com/chkal
    GitHub: https://github.com/chkal


-- 
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.

|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message