Return-Path: X-Original-To: apmail-roller-user-archive@www.apache.org Delivered-To: apmail-roller-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 158C010ADA for ; Sat, 10 Jan 2015 15:39:37 +0000 (UTC) Received: (qmail 42130 invoked by uid 500); 10 Jan 2015 15:39:38 -0000 Delivered-To: apmail-roller-user-archive@roller.apache.org Received: (qmail 42113 invoked by uid 500); 10 Jan 2015 15:39:38 -0000 Mailing-List: contact user-help@roller.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@roller.apache.org Delivered-To: mailing list user@roller.apache.org Received: (qmail 42100 invoked by uid 99); 10 Jan 2015 15:39:37 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 10 Jan 2015 15:39:37 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [112.78.112.174] (HELO www1834.sakura.ne.jp) (112.78.112.174) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 10 Jan 2015 15:39:32 +0000 Received: from [10.0.1.11] (i114-187-224-118.s41.a037.ap.plala.or.jp [114.187.224.118]) (authenticated bits=0) by www1834.sakura.ne.jp (8.14.5/8.14.5) with ESMTP id t0AFaenW069691 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 11 Jan 2015 00:36:41 +0900 (JST) (envelope-from kyle@bridge9.sakura.ne.jp) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: Salt stays same in entryEdit page - is it by design? From: kyle In-Reply-To: <96136DF5-16B7-440F-8367-0ADFC1A9E1EA@bridge9.sakura.ne.jp> Date: Sun, 11 Jan 2015 00:36:40 +0900 Content-Transfer-Encoding: quoted-printable Message-Id: <261C0394-1569-44B4-B4DC-CBE943433853@bridge9.sakura.ne.jp> References: <80E8DC3B-B23A-4F33-BE4D-E783692F499A@bridge9.sakura.ne.jp> <54b127de.105f8c0a.0b38.0c54@mx.google.com> <96136DF5-16B7-440F-8367-0ADFC1A9E1EA@bridge9.sakura.ne.jp> To: user@roller.apache.org X-Mailer: Apple Mail (2.1878.6) X-Virus-Checked: Checked by ClamAV on apache.org I think I found the cause. UIAction#setSalt(String) is being invoked = with old salt value (maybe it comes from POST parameter). simply = deleting UIAction#setSalt(String) solved the problem on my workspace. = now I'm seeing a new salt value at every hitting of "Save as draft". 2015/01/10 22:49=E3=80=81kyle = =E3=81=AE=E3=83=A1=E3=83=BC=E3=83=AB=EF=BC=9A > Hello Glen, >=20 > Thanks for the response. >=20 > I think it appears that my previous email was not clear. in my = environment, the clock won't restart when I hit save as draft. the clock = start ticking at the first time I visit the editing page, it never stops = so I can't stay in the editing page over 60 minutes. to restart the = clock (to get a new salt), I need 2 steps - move to other page and get = back to the editing page. do you mean I should doing so? >=20 > 2015/01/10 22:22=E3=80=81Glen wrote: >=20 >> Hi Kyle, while it probably could be handled more elegantly, your = writing would not normally be lost, as you can just hit the back key = from your browser to get back to your text. 60 minutes is pretty = generous and the clock restarts everytime you hit save draft as you = periodically should be doing anyway. We haven't the resources to try to = implement google doc style editing within blog entries, at any rate for = long term editing you can use your favorite desktop editor and then just = copy and paste the html into the roller blog edit field and then publish = it. >>=20 >> Yes this happens with other containers like Tomcat. >>=20 >> Glen >>=20 >> -----Original Message----- >> From: "kyle" >> Sent: =E2=80=8E1/=E2=80=8E10/=E2=80=8E2015 7:57 AM >> To: "user@roller.apache.org" >> Subject: Salt stays same in entryEdit page - is it by design? >>=20 >> Hello, I'm running Roller 5.1.1 on WildFly 8.2.0.Final. >>=20 >> Recently I got into a problem which is getting status code 500 >> by "javax.servlet.ServletException: Security Violation." >> at editing page 1 or 2 times per day. >> it occurs when I push save as draft button. >>=20 >> I'm looking into this problem now, >> then I found that the salt value in the editing page stays same >> while I'm writing content and pushing save button sometimes. >> I mean this element in the form: >> >>=20 >> I turned on DEBUG logs, then I can see the problem more clearly. >>=20 >> DEBUG 2015-01-10 20:52:28,267 SaltCache:put - PUT = 8l4wTyF0LBKuhJLJ5zvU >> DEBUG 2015-01-10 20:52:37,924 SaltCache:get - HIT = 8l4wTyF0LBKuhJLJ5zvU >> DEBUG 2015-01-10 20:52:37,924 SaltCache:get - HIT = 8l4wTyF0LBKuhJLJ5zvU >> ...snip... >> DEBUG 2015-01-10 21:51:49,744 SaltCache:get - HIT = 8l4wTyF0LBKuhJLJ5zvU >> DEBUG 2015-01-10 21:53:14,173 ExpiringLRUCacheImpl:get - EXPIRED = [8l4wTyF0LBKuhJLJ5zvU] >> DEBUG 2015-01-10 21:53:14,173 SaltCache:get - MISS = 8l4wTyF0LBKuhJLJ5zvU >>=20 >> And, after some investigating I found that >> all salts will be expired in 60 minutes after creation. >> thus, I can't stay at editing page over 60 minutes. >> If I overstayed, then I can't save my draft anymore >> and got "Security Violation". >>=20 >> Is it expected behavior? >> or it might be a WildFly specific problem? >>=20 >> Also I posted about the problem: >> = http://www.nailedtothex.org/roller/kyle/entry/debugging-roller-s-salt-proc= essing >>=20 >> Thanks. >=20 >=20