<div dir="ltr"><div><div><div><div><div><div><div><div><div><div><div><div>Hi Folks,<br><br></div>I was using the filter: org.keycloak.adapters.saml.servlet.SamlFilter in our application.<br><br></div>I got the following exception in the logs:<br><br>ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/].[AppName]]
Servlet.service() for servlet NasDefault threw exception:
java.lang.RuntimeException: This method is not supported in a restored
authenticated request<br> at org.keycloak.adapters.servlet.FilterSessionStore$1.getDateHeader(FilterSessionStore.java:178) [:1.7.0.CR1]<br> at org.apache.catalina.servlets.DefaultServlet.checkIfModifiedSince(DefaultServlet.java:1731) [:]<br> at org.apache.catalina.servlets.DefaultServlet.checkIfHeaders(DefaultServlet.java:608) [:]<br> at org.apache.catalina.servlets.DefaultServlet.serveResource(DefaultServlet.java:714) [:]<br> at org.apache.catalina.servlets.DefaultServlet.doGet(DefaultServlet.java:368) [:]<br> at javax.servlet.http.HttpServlet.service(HttpServlet.java:734) [:1.0.0.Final]<br> at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [:1.0.0.Final]<br> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [:]<br> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:]<br>... (trimmed)<br>...<br> at org.keycloak.adapters.saml.servlet.SamlFilter.doFilter(SamlFilter.java:125) [:1.7.0.CR1]<br>...(trimmed)<br>...<br>etc.<br><br></div>After looking into the Keycloak code base, I saw the method (implemented in an anonymous class):<br>javax.servlet.http.HttpServletRequestWrapper#getDateHeader<br></div>inside the class: org.keycloak.adapters.servlet.FilterSessionStore <br><br></div>The code was:<br>@Override<br>public long getDateHeader(String name) {<br> if (!needRequestRestore) return super.getDateHeader(name);<br> throw new RuntimeException("This method is not supported in a restored authenticated request");<br> }<br><br></div><div>Looks like a particular case isn't implemented yet, and an exception is thrown. <br></div><div><br></div>After looking into the JEE API at: <a href="http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html#getDateHeader-java.lang.String-">http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html#getDateHeader-java.lang.String-</a> <br><br></div>It is required that any class implementing HttpServletRequest getDateHeader() method, return a -1 in case it cannot get the required header.<br><br></div>Hence, I suggest that instead of throwing an exception to handle the error condition, we should return -1.<br><br></div><b>Any help appreciated.</b><br><br></div>Thanks,<br></div>Regards,<br></div>Akshay <br><div><div><div><div><div><div><div><div><div><br><div><div><br><br></div></div></div></div></div></div></div></div></div></div></div></div>