tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Kouba <>
Subject Re: The way Tomcat7 fires requestInitialized/requestDestroyed events breaks Weld (CDI)
Date Fri, 06 Dec 2013 13:13:50 GMT
Dne 6.12.2013 13:08, Mark Thomas napsal(a):
> On 06/12/2013 11:22, Martin Kouba wrote:
>> Hi all,
>> while investigating an user issue I found out that
>> org.apache.catalina.authenticator.FormAuthenticator (Tomcat 7 codebase)
>> fires requestInitialized/requestDestroyed events during forwards (login
>> and error page) [1]. However ApplicationDispatcher fires these events as
>> well (if "fireRequestListenersOnForwards" is set to true) [2]. So if you
>> do form based auth init/destroy events are fired 3x.
>> Moreover it seems the event payload request is missing
>> "javax.servlet.forward.request_uri" attribute. So Weld is not able to
>> identify such "nested forward event" and we have problems during CDI
>> contexts termination.
>> I think FormAuthenticator should not fire those events at all. And the
>> event request should have those attributes set. Am I missing something?
> The CDI community missed an opportunity to have some specific events
> added to the Servlet 3.1 specification to handle forwards and includes.
> See also
> The door was wide open but no-one spoke up so nothing was added.
> It looks to me like the events in the FORM authenticator should be
> removed leaving it up to the ApplicationDispatcher to fire them if
> fireRequestListenersOnForwards is true.
> The javax.servlet.forward.request_uri is not set for the event fired
> from the FormAuthenticator.
> The javax.servlet.forward.request_uri is set for the event fired from
> the RequestDispatcher.
> Mark

Hi Mark,

thanks for response. My quick test shows that
"javax.servlet.forward.request_uri" is not set for RequestDispatcher
(Tomcat 7.0.47). I will create a bug and provide a simple test app. With
regard to FormAuthenticator - I will check bug 49991 (it seems related
although it's about redirects).


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message