Thanks to your excellent analysis it was easy for me to figure out a fix.
The problem is that LocalizationFilter's HttpRequestWrapper for reasons of brewity extends, and makes use of HttpServletRequestWrapper which is there for exactly that purpose.
Catalina, however is being a bit too smart, probably in order to support certain cross-context scenarios, but in a way that breaks proper behaviour for our case. In ApplicationDispatcher it detects that LocalizationFilter's HttpRequestWrapper is instanceof ServletRequestWrapper, and injects a different request object into it via inherited setRequest() method - effectively making it wrap a completely different request.
The solution is simply not to use HttpServletRequestWrapper when implementing LocalizationFilter's HttpRequestWrapper.
I'll do some more tests before committing.
On Sun, Sep 5, 2010 at 4:00 PM, Phuong Vu Viet
<vstorm83@gmail.com> wrote:
Steps to reproduce:
- Try to register new user : fill the form with all needed data
- Expect : Register successfully, but always show PopupMessage : Text verification isn't correct
I've tried to debug and found that :
- in PortalController servlet and CaptchaServlet : i can retrieve the same HttpSession from the HttpRequestWrapper (wrapped in LocalizationFilter)
- but in the CaptchaValidator : after call to portalRequestContext.getRequest().getSession() , the HttpSession object is difference with the one we retrieved in PortalController
Actually, in each request, ApplicationDispatcher doesn't wrap the ServletFacade , it wrap the
HttpRequestWrapper (RequestFacade has already wrapped by LocalizationFilter), and the local variable crossContext is set to true
--> In portlet, when i call getSession(), the wrapper object delegates the call to ApplicationHttpRequest, but this wrapper doesn't delegate to RequestFacade's getSession() method but
return the wrong HttSession
_______________________________________________
gatein-dev mailing list
gatein-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/gatein-dev