Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 24715 invoked from network); 15 May 2007 22:26:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 15 May 2007 22:26:29 -0000 Received: (qmail 44705 invoked by uid 500); 15 May 2007 22:26:34 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 44653 invoked by uid 500); 15 May 2007 22:26:33 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 44642 invoked by uid 99); 15 May 2007 22:26:33 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 May 2007 15:26:33 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: local policy) Received: from [69.147.95.90] (HELO smtp127.plus.mail.sp1.yahoo.com) (69.147.95.90) by apache.org (qpsmtpd/0.29) with SMTP; Tue, 15 May 2007 15:26:26 -0700 Received: (qmail 92617 invoked from network); 15 May 2007 22:26:06 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:Mime-Version:In-Reply-To:References:Content-Type:Message-Id:Content-Transfer-Encoding:From:Subject:Date:To:X-Mailer; b=TnRJ9l/8HRZXUZllsJ6I+eKBUI2s2i2UvE68au/FX6TuSqLEvbi6FefEUGfrmqZ95s9pr1s3BxmJgrJHG7U85MU7fbxKCd6sK9J/KRcn3z8eHdKCaAjKqulOLUp43ch9u0Cg46fI3UIvbtkE2qZkrYZszio5WJCtlH09xDQvzVo= ; Received: from unknown (HELO ?10.11.55.8?) (david_jencks@63.105.20.225 with plain) by smtp127.plus.mail.sp1.yahoo.com with SMTP; 15 May 2007 22:26:05 -0000 Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <20070515175114.A272F1A983E@eris.apache.org> References: <20070515175114.A272F1A983E@eris.apache.org> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <21682396-0641-44C1-A31A-2DFDB8DAC340@yahoo.com> Content-Transfer-Encoding: 7bit From: David Jencks Subject: Re: svn commit: r538265 - /geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java Date: Tue, 15 May 2007 15:26:13 -0700 To: dev@geronimo.apache.org X-Mailer: Apple Mail (2.752.3) X-Virus-Checked: Checked by ClamAV on apache.org I think we need to fix this by having jetty check for a response before trying to use it. Which authenticator is this using? I filed a bug http://jira.codehaus.org/browse/JETTY-340 for this situation in the FormAuthenticator. I'm going to be removing this change as part of GERONIMO-3154. I'm happy to take this up with Greg W if necessary, but I don't think this is an appropriate fix. thanks david jencks On May 15, 2007, at 10:51 AM, rickmcguire@apache.org wrote: > Author: rickmcguire > Date: Tue May 15 10:51:13 2007 > New Revision: 538265 > > URL: http://svn.apache.org/viewvc?view=rev&rev=538265 > Log: > Fix exception when authenticator fails because of missing certs. > > > Modified: > geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/ > apache/geronimo/jetty6/handler/JettySecurityHandler.java > > Modified: geronimo/server/trunk/modules/geronimo-jetty6/src/main/ > java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java > URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/ > geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/ > JettySecurityHandler.java?view=diff&rev=538265&r1=538264&r2=538265 > ====================================================================== > ======== > --- geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/ > apache/geronimo/jetty6/handler/JettySecurityHandler.java (original) > +++ geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/ > apache/geronimo/jetty6/handler/JettySecurityHandler.java Tue May 15 > 10:51:13 2007 > @@ -259,11 +259,16 @@ > // j_security_check. > // if we are logged in, return the logged in principal. > if (request != null) { > - // null response appears to prevent redirect to login > page > - Principal user = authenticator.authenticate(realm, > pathInContext, > - request, null); > - if (user != null) { > - return user; > + try { > + // null response appears to prevent redirect to > login page > + Principal user = authenticator.authenticate(realm, > pathInContext, > + request, null); > + if (user != null) { > + return user; > + } > + } catch (Exception e) { > + // the Jetty authenticator tries to write something to > the response if > + // there is a failure. Ignore any errors and continue > as if this failed. > } > } > > >