April 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-6315) session.invalidate() behaviour not conform Servlet specification in HA profile

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-6315?page=com.atlassian.jira.plugin.... ] Paul Ferraro edited comment on WFLY-6315 at 4/28/16 11:08 AM: -------------------------------------------------------------- "Our test code stored the session object created in the previous request, and use the session Id to perform session invalidation." "Because Servlet API do not have standard API to lookup the corresponding session by session Id, so step 2 will use a hash map to store the session object." It is fundamentally unsafe to retain a reference to an HttpSession instance outside the context of a request (or once a response has been committed). The container is permitted to passivate/activate or expire a session outside of the scope of a request - thus your HttpSession references are not guaranteed to be valid/functional. For this reason (among many others) http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpSessionContext... was explicitly deprecated. Is there a reason why you are not using WildFly's single-sign on implementation? All of this logic (e.g. invalidating associated sessions on logout) is handled for you. was (Author: pferraro): "Our test code stored the session object created in the previous request, and use the session Id to perform session invalidation." "Because Servlet API do not have standard API to lookup the corresponding session by session Id, so step 2 will use a hash map to store the session object." It is fundamentally unsafe to retain a reference to an HttpSession instance outside the context of a request (or once a response has been committed). The container is permitted to passivate/activate or expire a session outside of the scope of a request (or listener) - thus your HttpSession references are not guaranteed to be valid/functional. For this reason (among many others) http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpSessionContext... was explicitly deprecated. Is there a reason why you are not using WildFly's single-sign on implementation? All of this logic (e.g. invalidating associated sessions on logout) is handled for you. > session.invalidate() behaviour not conform Servlet specification in HA profile > ------------------------------------------------------------------------------ > > Key: WFLY-6315 > URL: https://issues.jboss.org/browse/WFLY-6315 > Project: WildFly > Issue Type: Bug > Components: Clustering > Affects Versions: 10.0.0.Final > Environment: Wildfly 8.2.1-Final > JDK 1.8.0_66-b17 > Windows & Linux > Reporter: Sammy Chu > Assignee: Paul Ferraro > Priority: Blocker > Attachments: session-invalidate-noreplication.war, session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war, session-invalidate-replication-session.war > > > We suspected that calling session.invalidate() on an already invalidated session with replication-granularity set to "ATTRIBUTE" will throw a NullPointerException, but from the specification it should throw an IllegalStateException instead. > Stack trace as below: > {noformat} > 13:12:35,554 ERROR [io.undertow.request] (default task-32) UT005023: Exception handling request to /<our system url>: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > ... // our application code, just calling "session.invalidate()" > {noformat} > We also enclosed the simplified samples to reproduce this issue (session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war). In general they are the same except the replication-granularity (in jboss-web.xml => replication-granularity) settings. > # session-invalidate-noreplication.war and session-invalidate-replication-session.war works correctly as they are throwing IllegalStateException. > # session-invalidate-replication-attribute.war is buggy because it throw NullPointerException instead. > For more information, please refer to https://developer.jboss.org/message/947295 > *Updated in 2016-04-27* > Test again in Wildfly 8.2.1.Final, Wildfly 10.0.0.Final and Wildfly 10.1.0.Final-SNAPSHOT (master branch), with HA profile (2 nodes in same machine), with my updated WARs, detail as below: > *Wildfly 8.2.1.Final*: > * session-invalidate-noreplication.war - throwing IllegalStateException in the index.jsp (line 62), which is expected, detail stacktrace as below: > {noformat} > 15:42:56,424 INFO [stdout] (default task-9) {} session.invalidate() throw IllegalStateException, but it is intended!!! > 15:42:56,424 ERROR [stderr] (default task-9) {} java.lang.IllegalStateException: UT000021: Session already invalidated > 15:42:56,424 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:415) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:404) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) > 15:42:56,425 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) > 15:42:56,426 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) > 15:42:56,426 ERROR [stderr] (default task-9) {} at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > 15:42:56,427 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.lang.Thread.run(Thread.java:745) > {noformat} > * session-invalidate-replication-session.war - do *NOT* throw IllegalStateException when invalidating an already invalidated session, which is incorrect. My test just print: > {noformat} > 15:38:38,568 ERROR [stderr] (default task-4) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-attribute.war - throwing NullPointerException in the index.jsp (line 62), which is incorrect. Detail stacktrace as below: > {noformat} > 15:38:57,894 ERROR [io.undertow.request] (default task-6) {} UT005023: Exception handling request to /session-invalidate-replication-attribute/index.jsp: org.apache.jasper.JasperException: JBWEB004038: An exception occurred processing JSP page /index.jsp at line 7 > 4: <% > 5: if (request.getParameter("logout") != null) { > 6: try { > 7: session.invalidate(); // invalidate the invalidated session > 8: System.err.println("Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException"); > 9: } catch (IllegalStateException e) { > 10: // expected to throw IllegalStateException when invalidate a invalidated session > Stacktrace: > at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:494) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:408) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) [classes:] > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_92] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_92] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_92] > Caused by: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) [jastow-1.0.0.Final.jar:1.0.0.Final] > ... 34 more > {noformat} > *Wildfly-10.0.0.Final:* > * session-invalidate-noreplication.war - same as Wildfly 8 to throw IllegalStateException which is intended. > * session-invalidate-replication-session.war - throwing IllegalStateException in the filter!!! (Yes, in the filter, NOT in the index.jsp!!!) which is incorrect. Detail as below: > {noformat} > 16:00:28,742 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-5) {} ISPN000136: Error executing command GetKeyValueCommand, writing keys []: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,743 ERROR [com.jboss.test.StoreSessionFilter] (default task-5) {} Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on.: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,745 ERROR [stderr] (default task-5) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-session.war - same behaviour as session-invalidate-replication-attribute.war as in Wildfly 10.0.0.Final, which throw exception in filter and do NOT throw exception in index.jsp, which is incorrect. > *Wildfly 10.1.0.Final-SNAPSHOT*: > those 3 cases behaviour identical as Wildfly 10.0.0.Final. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6315) session.invalidate() behaviour not conform Servlet specification in HA profile

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-6315?page=com.atlassian.jira.plugin.... ] Paul Ferraro edited comment on WFLY-6315 at 4/28/16 11:07 AM: -------------------------------------------------------------- "Our test code stored the session object created in the previous request, and use the session Id to perform session invalidation." "Because Servlet API do not have standard API to lookup the corresponding session by session Id, so step 2 will use a hash map to store the session object." It is fundamentally unsafe to retain a reference to an HttpSession instance outside the context of a request (or once a response has been committed). The container is permitted to passivate/activate or expire a session outside of the scope of a request - thus your HttpSession references are not guaranteed to be valid/functional. For this reason (among many others) http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpSessionContext... was explicitly deprecated. Is there a reason why you are not using WildFly's single-sign on implementation? All of this logic (e.g. invalidating associated sessions on logout) is handled for you. was (Author: pferraro): "Our test code stored the session object created in the previous request, and use the session Id to perform session invalidation." "Because Servlet API do not have standard API to lookup the corresponding session by session Id, so step 2 will use a hash map to store the session object." It is fundamentally unsafe to retain a reference to an HttpSession instance outside the context of a request (or once a response has been committed). The container is permitted to passivate/activate or expire a session outside of the scope of a request - thus your HttpSession references are not guaranteed to be valid. For this reason (among many others) http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpSessionContext... was explicitly deprecated. Is there a reason why you are not using WildFly's single-sign on implementation? All of this logic (e.g. invalidating associated sessions on logout) is handled for you. > session.invalidate() behaviour not conform Servlet specification in HA profile > ------------------------------------------------------------------------------ > > Key: WFLY-6315 > URL: https://issues.jboss.org/browse/WFLY-6315 > Project: WildFly > Issue Type: Bug > Components: Clustering > Affects Versions: 10.0.0.Final > Environment: Wildfly 8.2.1-Final > JDK 1.8.0_66-b17 > Windows & Linux > Reporter: Sammy Chu > Assignee: Paul Ferraro > Priority: Blocker > Attachments: session-invalidate-noreplication.war, session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war, session-invalidate-replication-session.war > > > We suspected that calling session.invalidate() on an already invalidated session with replication-granularity set to "ATTRIBUTE" will throw a NullPointerException, but from the specification it should throw an IllegalStateException instead. > Stack trace as below: > {noformat} > 13:12:35,554 ERROR [io.undertow.request] (default task-32) UT005023: Exception handling request to /<our system url>: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > ... // our application code, just calling "session.invalidate()" > {noformat} > We also enclosed the simplified samples to reproduce this issue (session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war). In general they are the same except the replication-granularity (in jboss-web.xml => replication-granularity) settings. > # session-invalidate-noreplication.war and session-invalidate-replication-session.war works correctly as they are throwing IllegalStateException. > # session-invalidate-replication-attribute.war is buggy because it throw NullPointerException instead. > For more information, please refer to https://developer.jboss.org/message/947295 > *Updated in 2016-04-27* > Test again in Wildfly 8.2.1.Final, Wildfly 10.0.0.Final and Wildfly 10.1.0.Final-SNAPSHOT (master branch), with HA profile (2 nodes in same machine), with my updated WARs, detail as below: > *Wildfly 8.2.1.Final*: > * session-invalidate-noreplication.war - throwing IllegalStateException in the index.jsp (line 62), which is expected, detail stacktrace as below: > {noformat} > 15:42:56,424 INFO [stdout] (default task-9) {} session.invalidate() throw IllegalStateException, but it is intended!!! > 15:42:56,424 ERROR [stderr] (default task-9) {} java.lang.IllegalStateException: UT000021: Session already invalidated > 15:42:56,424 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:415) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:404) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) > 15:42:56,425 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) > 15:42:56,426 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) > 15:42:56,426 ERROR [stderr] (default task-9) {} at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > 15:42:56,427 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.lang.Thread.run(Thread.java:745) > {noformat} > * session-invalidate-replication-session.war - do *NOT* throw IllegalStateException when invalidating an already invalidated session, which is incorrect. My test just print: > {noformat} > 15:38:38,568 ERROR [stderr] (default task-4) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-attribute.war - throwing NullPointerException in the index.jsp (line 62), which is incorrect. Detail stacktrace as below: > {noformat} > 15:38:57,894 ERROR [io.undertow.request] (default task-6) {} UT005023: Exception handling request to /session-invalidate-replication-attribute/index.jsp: org.apache.jasper.JasperException: JBWEB004038: An exception occurred processing JSP page /index.jsp at line 7 > 4: <% > 5: if (request.getParameter("logout") != null) { > 6: try { > 7: session.invalidate(); // invalidate the invalidated session > 8: System.err.println("Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException"); > 9: } catch (IllegalStateException e) { > 10: // expected to throw IllegalStateException when invalidate a invalidated session > Stacktrace: > at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:494) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:408) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) [classes:] > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_92] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_92] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_92] > Caused by: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) [jastow-1.0.0.Final.jar:1.0.0.Final] > ... 34 more > {noformat} > *Wildfly-10.0.0.Final:* > * session-invalidate-noreplication.war - same as Wildfly 8 to throw IllegalStateException which is intended. > * session-invalidate-replication-session.war - throwing IllegalStateException in the filter!!! (Yes, in the filter, NOT in the index.jsp!!!) which is incorrect. Detail as below: > {noformat} > 16:00:28,742 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-5) {} ISPN000136: Error executing command GetKeyValueCommand, writing keys []: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,743 ERROR [com.jboss.test.StoreSessionFilter] (default task-5) {} Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on.: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,745 ERROR [stderr] (default task-5) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-session.war - same behaviour as session-invalidate-replication-attribute.war as in Wildfly 10.0.0.Final, which throw exception in filter and do NOT throw exception in index.jsp, which is incorrect. > *Wildfly 10.1.0.Final-SNAPSHOT*: > those 3 cases behaviour identical as Wildfly 10.0.0.Final. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6315) session.invalidate() behaviour not conform Servlet specification in HA profile

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-6315?page=com.atlassian.jira.plugin.... ] Paul Ferraro edited comment on WFLY-6315 at 4/28/16 11:07 AM: -------------------------------------------------------------- "Our test code stored the session object created in the previous request, and use the session Id to perform session invalidation." "Because Servlet API do not have standard API to lookup the corresponding session by session Id, so step 2 will use a hash map to store the session object." It is fundamentally unsafe to retain a reference to an HttpSession instance outside the context of a request (or once a response has been committed). The container is permitted to passivate/activate or expire a session outside of the scope of a request (or listener) - thus your HttpSession references are not guaranteed to be valid/functional. For this reason (among many others) http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpSessionContext... was explicitly deprecated. Is there a reason why you are not using WildFly's single-sign on implementation? All of this logic (e.g. invalidating associated sessions on logout) is handled for you. was (Author: pferraro): "Our test code stored the session object created in the previous request, and use the session Id to perform session invalidation." "Because Servlet API do not have standard API to lookup the corresponding session by session Id, so step 2 will use a hash map to store the session object." It is fundamentally unsafe to retain a reference to an HttpSession instance outside the context of a request (or once a response has been committed). The container is permitted to passivate/activate or expire a session outside of the scope of a request - thus your HttpSession references are not guaranteed to be valid/functional. For this reason (among many others) http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpSessionContext... was explicitly deprecated. Is there a reason why you are not using WildFly's single-sign on implementation? All of this logic (e.g. invalidating associated sessions on logout) is handled for you. > session.invalidate() behaviour not conform Servlet specification in HA profile > ------------------------------------------------------------------------------ > > Key: WFLY-6315 > URL: https://issues.jboss.org/browse/WFLY-6315 > Project: WildFly > Issue Type: Bug > Components: Clustering > Affects Versions: 10.0.0.Final > Environment: Wildfly 8.2.1-Final > JDK 1.8.0_66-b17 > Windows & Linux > Reporter: Sammy Chu > Assignee: Paul Ferraro > Priority: Blocker > Attachments: session-invalidate-noreplication.war, session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war, session-invalidate-replication-session.war > > > We suspected that calling session.invalidate() on an already invalidated session with replication-granularity set to "ATTRIBUTE" will throw a NullPointerException, but from the specification it should throw an IllegalStateException instead. > Stack trace as below: > {noformat} > 13:12:35,554 ERROR [io.undertow.request] (default task-32) UT005023: Exception handling request to /<our system url>: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > ... // our application code, just calling "session.invalidate()" > {noformat} > We also enclosed the simplified samples to reproduce this issue (session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war). In general they are the same except the replication-granularity (in jboss-web.xml => replication-granularity) settings. > # session-invalidate-noreplication.war and session-invalidate-replication-session.war works correctly as they are throwing IllegalStateException. > # session-invalidate-replication-attribute.war is buggy because it throw NullPointerException instead. > For more information, please refer to https://developer.jboss.org/message/947295 > *Updated in 2016-04-27* > Test again in Wildfly 8.2.1.Final, Wildfly 10.0.0.Final and Wildfly 10.1.0.Final-SNAPSHOT (master branch), with HA profile (2 nodes in same machine), with my updated WARs, detail as below: > *Wildfly 8.2.1.Final*: > * session-invalidate-noreplication.war - throwing IllegalStateException in the index.jsp (line 62), which is expected, detail stacktrace as below: > {noformat} > 15:42:56,424 INFO [stdout] (default task-9) {} session.invalidate() throw IllegalStateException, but it is intended!!! > 15:42:56,424 ERROR [stderr] (default task-9) {} java.lang.IllegalStateException: UT000021: Session already invalidated > 15:42:56,424 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:415) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:404) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) > 15:42:56,425 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) > 15:42:56,426 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) > 15:42:56,426 ERROR [stderr] (default task-9) {} at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > 15:42:56,427 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.lang.Thread.run(Thread.java:745) > {noformat} > * session-invalidate-replication-session.war - do *NOT* throw IllegalStateException when invalidating an already invalidated session, which is incorrect. My test just print: > {noformat} > 15:38:38,568 ERROR [stderr] (default task-4) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-attribute.war - throwing NullPointerException in the index.jsp (line 62), which is incorrect. Detail stacktrace as below: > {noformat} > 15:38:57,894 ERROR [io.undertow.request] (default task-6) {} UT005023: Exception handling request to /session-invalidate-replication-attribute/index.jsp: org.apache.jasper.JasperException: JBWEB004038: An exception occurred processing JSP page /index.jsp at line 7 > 4: <% > 5: if (request.getParameter("logout") != null) { > 6: try { > 7: session.invalidate(); // invalidate the invalidated session > 8: System.err.println("Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException"); > 9: } catch (IllegalStateException e) { > 10: // expected to throw IllegalStateException when invalidate a invalidated session > Stacktrace: > at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:494) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:408) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) [classes:] > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_92] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_92] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_92] > Caused by: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) [jastow-1.0.0.Final.jar:1.0.0.Final] > ... 34 more > {noformat} > *Wildfly-10.0.0.Final:* > * session-invalidate-noreplication.war - same as Wildfly 8 to throw IllegalStateException which is intended. > * session-invalidate-replication-session.war - throwing IllegalStateException in the filter!!! (Yes, in the filter, NOT in the index.jsp!!!) which is incorrect. Detail as below: > {noformat} > 16:00:28,742 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-5) {} ISPN000136: Error executing command GetKeyValueCommand, writing keys []: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,743 ERROR [com.jboss.test.StoreSessionFilter] (default task-5) {} Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on.: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,745 ERROR [stderr] (default task-5) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-session.war - same behaviour as session-invalidate-replication-attribute.war as in Wildfly 10.0.0.Final, which throw exception in filter and do NOT throw exception in index.jsp, which is incorrect. > *Wildfly 10.1.0.Final-SNAPSHOT*: > those 3 cases behaviour identical as Wildfly 10.0.0.Final. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6315) session.invalidate() behaviour not conform Servlet specification in HA profile

by Paul Ferraro (JIRA)

[ https://issues.jboss.org/browse/WFLY-6315?page=com.atlassian.jira.plugin.... ] Paul Ferraro commented on WFLY-6315: ------------------------------------ "Our test code stored the session object created in the previous request, and use the session Id to perform session invalidation." "Because Servlet API do not have standard API to lookup the corresponding session by session Id, so step 2 will use a hash map to store the session object." It is fundamentally unsafe to retain a reference to an HttpSession instance outside the context of a request (or once a response has been committed). The container is permitted to passivate/activate or expire a session outside of the scope of a request - thus your HttpSession references are not guaranteed to be valid. For this reason (among many others) http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpSessionContext... was explicitly deprecated. Is there a reason why you are not using WildFly's single-sign on implementation? All of this logic (e.g. invalidating associated sessions on logout) is handled for you. > session.invalidate() behaviour not conform Servlet specification in HA profile > ------------------------------------------------------------------------------ > > Key: WFLY-6315 > URL: https://issues.jboss.org/browse/WFLY-6315 > Project: WildFly > Issue Type: Bug > Components: Clustering > Affects Versions: 10.0.0.Final > Environment: Wildfly 8.2.1-Final > JDK 1.8.0_66-b17 > Windows & Linux > Reporter: Sammy Chu > Assignee: Paul Ferraro > Priority: Blocker > Attachments: session-invalidate-noreplication.war, session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war, session-invalidate-replication-session.war > > > We suspected that calling session.invalidate() on an already invalidated session with replication-granularity set to "ATTRIBUTE" will throw a NullPointerException, but from the specification it should throw an IllegalStateException instead. > Stack trace as below: > {noformat} > 13:12:35,554 ERROR [io.undertow.request] (default task-32) UT005023: Exception handling request to /<our system url>: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > ... // our application code, just calling "session.invalidate()" > {noformat} > We also enclosed the simplified samples to reproduce this issue (session-invalidate-noreplication.war, session-invalidate-replication-attribute.war, session-invalidate-replication-session.war). In general they are the same except the replication-granularity (in jboss-web.xml => replication-granularity) settings. > # session-invalidate-noreplication.war and session-invalidate-replication-session.war works correctly as they are throwing IllegalStateException. > # session-invalidate-replication-attribute.war is buggy because it throw NullPointerException instead. > For more information, please refer to https://developer.jboss.org/message/947295 > *Updated in 2016-04-27* > Test again in Wildfly 8.2.1.Final, Wildfly 10.0.0.Final and Wildfly 10.1.0.Final-SNAPSHOT (master branch), with HA profile (2 nodes in same machine), with my updated WARs, detail as below: > *Wildfly 8.2.1.Final*: > * session-invalidate-noreplication.war - throwing IllegalStateException in the index.jsp (line 62), which is expected, detail stacktrace as below: > {noformat} > 15:42:56,424 INFO [stdout] (default task-9) {} session.invalidate() throw IllegalStateException, but it is intended!!! > 15:42:56,424 ERROR [stderr] (default task-9) {} java.lang.IllegalStateException: UT000021: Session already invalidated > 15:42:56,424 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:415) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.server.session.InMemorySessionManager$SessionImpl.invalidate(InMemorySessionManager.java:404) > 15:42:56,425 ERROR [stderr] (default task-9) {} at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > 15:42:56,425 ERROR [stderr] (default task-9) {} at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) > 15:42:56,425 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) > 15:42:56,426 ERROR [stderr] (default task-9) {} at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) > 15:42:56,426 ERROR [stderr] (default task-9) {} at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) > 15:42:56,426 ERROR [stderr] (default task-9) {} at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) > 15:42:56,426 ERROR [stderr] (default task-9) {} at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > 15:42:56,427 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > 15:42:56,427 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) > 15:42:56,428 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,428 ERROR [stderr] (default task-9) {} at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) > 15:42:56,429 ERROR [stderr] (default task-9) {} at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > 15:42:56,430 ERROR [stderr] (default task-9) {} at java.lang.Thread.run(Thread.java:745) > {noformat} > * session-invalidate-replication-session.war - do *NOT* throw IllegalStateException when invalidating an already invalidated session, which is incorrect. My test just print: > {noformat} > 15:38:38,568 ERROR [stderr] (default task-4) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-attribute.war - throwing NullPointerException in the index.jsp (line 62), which is incorrect. Detail stacktrace as below: > {noformat} > 15:38:57,894 ERROR [io.undertow.request] (default task-6) {} UT005023: Exception handling request to /session-invalidate-replication-attribute/index.jsp: org.apache.jasper.JasperException: JBWEB004038: An exception occurred processing JSP page /index.jsp at line 7 > 4: <% > 5: if (request.getParameter("logout") != null) { > 6: try { > 7: session.invalidate(); // invalidate the invalidated session > 8: System.err.println("Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException"); > 9: } catch (IllegalStateException e) { > 10: // expected to throw IllegalStateException when invalidate a invalidated session > Stacktrace: > at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:494) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:408) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) [jastow-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:72) [classes:] > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_92] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_92] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_92] > Caused by: java.lang.NullPointerException > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:103) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory$1.invoke(FineSessionFactory.java:100) > at org.jboss.as.clustering.infinispan.invoker.SimpleCacheInvoker.invoke(SimpleCacheInvoker.java:34) > at org.jboss.as.clustering.infinispan.invoker.RetryingCacheInvoker.invoke(RetryingCacheInvoker.java:87) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:109) > at org.wildfly.clustering.web.infinispan.session.fine.FineSessionFactory.remove(FineSessionFactory.java:53) > at org.wildfly.clustering.web.infinispan.session.InfinispanSession.invalidate(InfinispanSession.java:74) > at org.wildfly.clustering.web.infinispan.session.InfinispanSessionManager$SchedulableSession.invalidate(InfinispanSessionManager.java:359) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:140) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final] > at org.apache.jsp.index_jsp._jspService(index_jsp.java:62) > at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) [jastow-1.0.0.Final.jar:1.0.0.Final] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366) [jastow-1.0.0.Final.jar:1.0.0.Final] > ... 34 more > {noformat} > *Wildfly-10.0.0.Final:* > * session-invalidate-noreplication.war - same as Wildfly 8 to throw IllegalStateException which is intended. > * session-invalidate-replication-session.war - throwing IllegalStateException in the filter!!! (Yes, in the filter, NOT in the index.jsp!!!) which is incorrect. Detail as below: > {noformat} > 16:00:28,742 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-5) {} ISPN000136: Error executing command GetKeyValueCommand, writing keys []: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,743 ERROR [com.jboss.test.StoreSessionFilter] (default task-5) {} Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on.: java.lang.IllegalStateException: Transaction DummyTransaction{xid=DummyXid{id=5}, status=3} is not in a valid state to be invoking cache operations on. > at org.infinispan.interceptors.TxInterceptor.enlist(TxInterceptor.java:394) > at org.infinispan.interceptors.TxInterceptor.enlistIfNeeded(TxInterceptor.java:350) > at org.infinispan.interceptors.TxInterceptor.enlistReadAndInvokeNext(TxInterceptor.java:344) > at org.infinispan.interceptors.TxInterceptor.visitGetKeyValueCommand(TxInterceptor.java:330) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.base.CommandInterceptor.handleDefault(CommandInterceptor.java:113) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.statetransfer.StateTransferInterceptor.handleTopologyAffectedCommand(StateTransferInterceptor.java:405) > at org.infinispan.statetransfer.StateTransferInterceptor.handleDefault(StateTransferInterceptor.java:390) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.base.CommandInterceptor.invokeNextInterceptor(CommandInterceptor.java:99) > at org.infinispan.interceptors.InvocationContextInterceptor.handleAll(InvocationContextInterceptor.java:107) > at org.infinispan.interceptors.InvocationContextInterceptor.handleDefault(InvocationContextInterceptor.java:76) > at org.infinispan.commands.AbstractVisitor.visitGetKeyValueCommand(AbstractVisitor.java:85) > at org.infinispan.commands.read.GetKeyValueCommand.acceptVisitor(GetKeyValueCommand.java:40) > at org.infinispan.interceptors.InterceptorChain.invoke(InterceptorChain.java:336) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:411) > at org.infinispan.cache.impl.CacheImpl.get(CacheImpl.java:403) > at org.infinispan.cache.impl.AbstractDelegatingCache.get(AbstractDelegatingCache.java:286) > at org.wildfly.clustering.server.registry.CacheRegistry.getEntry(CacheRegistry.java:128) > at org.wildfly.clustering.web.infinispan.session.InfinispanRouteLocator.locate(InfinispanRouteLocator.java:58) > at org.wildfly.clustering.web.undertow.session.DistributableSessionIdentifierCodec.encode(DistributableSessionIdentifierCodec.java:48) > at org.wildfly.extension.undertow.session.CodecSessionConfig.clearSession(CodecSessionConfig.java:51) > at io.undertow.servlet.spec.ServletContextImpl$ServletContextSessionConfig.clearSession(ServletContextImpl.java:985) > at org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:184) > at io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:199) > at com.jboss.test.StoreSessionFilter.doFilter(StoreSessionFilter.java:58) > at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) > at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > 16:00:28,745 ERROR [stderr] (default task-5) {} Should not reach here!!! That means session.invalidate() do NOT throw IllegalStateException > {noformat} > * session-invalidate-replication-session.war - same behaviour as session-invalidate-replication-attribute.war as in Wildfly 10.0.0.Final, which throw exception in filter and do NOT throw exception in index.jsp, which is incorrect. > *Wildfly 10.1.0.Final-SNAPSHOT*: > those 3 cases behaviour identical as Wildfly 10.0.0.Final. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6477) PolicyContextTestCase misses SecurityPermission when run with security manager

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6477?page=com.atlassian.jira.plugin.... ] Ivo Studensky reassigned WFLY-6477: ----------------------------------- Assignee: Ivo Studensky (was: Jan Tymel) > PolicyContextTestCase misses SecurityPermission when run with security manager > ------------------------------------------------------------------------------ > > Key: WFLY-6477 > URL: https://issues.jboss.org/browse/WFLY-6477 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Jan Tymel > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.security.jacc.context.PolicyContextTestCase#testHttpServletRequestFromPolicyContext* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.security.jacc.context.PolicyContextTestCase#testHttpServletRequestFromPolicyContext -Dsecurity.manager}} > Fails with: > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.security.SecurityPermission" "getPolicy")" in code source "(vfs:/content/ear-jacc-context.ear/ear-jacc-context.jar <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at javax.security.jacc.PolicyContext.getContext(PolicyContext.java:99) > at org.jboss.as.test.integration.security.jacc.context.PolicyContextTestBean.getHttpServletRequestFromPolicyContext(PolicyContextTestBean.java:35) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.jboss.as.ee.component.ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptor.java:52) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437) > at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:82) > at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:93) > at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ejb3.component.invocationmetrics.ExecutionTimeInterceptor.processInvocation(ExecutionTimeInterceptor.java:43) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.jpa.interceptor.SBInvocationInterceptor.processInvocation(SBInvocationInterceptor.java:47) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437) > at org.jboss.weld.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:73) > at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:83) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ee.concurrent.ConcurrentContextInterceptor.processInvocation(ConcurrentContextInterceptor.java:45) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) > at org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:52) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ejb3.component.pool.PooledInstanceInterceptor.processInvocation(PooledInstanceInterceptor.java:51) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:275) > ... 67 more > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6521) RolloutPlanTestCase fails with security manager

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6521?page=com.atlassian.jira.plugin.... ] Ivo Studensky reassigned WFLY-6521: ----------------------------------- Assignee: Ivo Studensky (was: Jan Tymel) > RolloutPlanTestCase fails with security manager > ----------------------------------------------- > > Key: WFLY-6521 > URL: https://issues.jboss.org/browse/WFLY-6521 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Jan Tymel > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.domain.management.cli.RolloutPlanTestCase#testMaxFailServersPercentageRolloutPlan* > *org.jboss.as.test.integration.domain.management.cli.RolloutPlanTestCase#testMaxFailServersRolloutPlan* > *org.jboss.as.test.integration.domain.management.cli.RolloutPlanTestCase#testRollbackAcrossGroupsRolloutPlan* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.domain -Dtest=org.jboss.as.test.integration.domain.suites.CLITestSuite -Dsecurity.manager}} > Fails with: > {code} > ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /RolloutPlanTestCase/RolloutServlet: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.net.SocketPermission" "localhost:8081" "listen,resolve")" in code source "(vfs:/content/RolloutPlanTestCase.war/WEB-INF/classes <no signer certificates>)" of "null") > [Server:main-one] at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > [Server:main-one] at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > [Server:main-one] at java.lang.SecurityManager.checkListen(SecurityManager.java:1131) [rt.jar:1.8.0_71] > [Server:main-one] at org.wildfly.security.manager.WildFlySecurityManager.checkListen(WildFlySecurityManager.java:419) > [Server:main-one] at java.net.ServerSocket.bind(ServerSocket.java:374) [rt.jar:1.8.0_71] > [Server:main-one] at java.net.ServerSocket.bind(ServerSocket.java:329) [rt.jar:1.8.0_71] > [Server:main-one] at org.jboss.as.test.integration.domain.management.cli.RolloutPlanTestServlet.bind(RolloutPlanTestServlet.java:107) [classes:] > [Server:main-one] at org.jboss.as.test.integration.domain.management.cli.RolloutPlanTestServlet.processRequest(RolloutPlanTestServlet.java:66) [classes:] > [Server:main-one] at org.jboss.as.test.integration.domain.management.cli.RolloutPlanTestServlet.doGet(RolloutPlanTestServlet.java:94) [classes:] > [Server:main-one] at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) [jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar:1.0.0.Final-redhat-1] > [Server:main-one] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar:1.0.0.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > [Server:main-one] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > [Server:main-one] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:181) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.8.0_71] > [Server:main-one] at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:178) [undertow-servlet-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792) [undertow-core-1.3.21.Final-redhat-1.jar:1.3.21.Final-redhat-1] > [Server:main-one] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_71] > [Server:main-one] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_71] > [Server:main-one] at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_71] > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6470) LdapUrlInSearchBaseTestCase fails with security manager

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6470?page=com.atlassian.jira.plugin.... ] Ivo Studensky reassigned WFLY-6470: ----------------------------------- Assignee: Ivo Studensky (was: Jan Tymel) > LdapUrlInSearchBaseTestCase fails with security manager > ------------------------------------------------------- > > Key: WFLY-6470 > URL: https://issues.jboss.org/browse/WFLY-6470 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Jan Tymel > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.naming.ldap.LdapUrlInSearchBaseTestCase#testDir* > *org.jboss.as.test.integration.naming.ldap.LdapUrlInSearchBaseTestCase#testLdap* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.naming.ldap.LdapUrlInSearchBaseTestCase -Dsecurity.manager}} > Fail with: > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.net.SocketPermission" "127.0.0.1:10389" "connect,resolve")" in code source "(vfs:/content/ldap-test.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051) > at org.wildfly.security.manager.WildFlySecurityManager.checkConnect(WildFlySecurityManager.java:407) > at java.net.Socket.connect(Socket.java:584) > at java.net.Socket.connect(Socket.java:538) > at java.net.Socket.<init>(Socket.java:434) > at java.net.Socket.<init>(Socket.java:211) > at com.sun.jndi.ldap.Connection.createSocket(Connection.java:363) > at com.sun.jndi.ldap.Connection.<init>(Connection.java:203) > ... 50 more > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6472) JMXConnectorTestCase fails with security manager

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6472?page=com.atlassian.jira.plugin.... ] Ivo Studensky reassigned WFLY-6472: ----------------------------------- Assignee: Ivo Studensky (was: Jan Tymel) > JMXConnectorTestCase fails with security manager > ------------------------------------------------ > > Key: WFLY-6472 > URL: https://issues.jboss.org/browse/WFLY-6472 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Jan Tymel > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.naming.connector.JMXConnectorTestCase#testMBeanCount* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.naming.connector.JMXConnectorTestCase#testMBeanCount -Dsecurity.manager}} > Fails with: > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.net.SocketPermission" "127.0.0.1:11090" "connect,resolve")" in code source "(vfs:/content/naming-connector-bean <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051) > at org.wildfly.security.manager.WildFlySecurityManager.checkConnect(WildFlySecurityManager.java:407) > at java.net.Socket.connect(Socket.java:584) > at java.net.Socket.connect(Socket.java:538) > at java.net.Socket.<init>(Socket.java:434) > at java.net.Socket.<init>(Socket.java:211) > at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40) > at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:148) > at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613) > at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216) > at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202) > at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:342) > at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source) > at com.sun.jndi.rmi.registry.RegistryContext.lookup(RegistryContext.java:118) > at com.sun.jndi.toolkit.url.GenericURLContext.lookup(GenericURLContext.java:205) > at javax.naming.InitialContext.lookup(InitialContext.java:417) > at javax.naming.InitialContext.lookup(InitialContext.java:417) > at javax.naming.InitialContext.doLookup(InitialContext.java:290) > at org.jboss.as.test.integration.naming.connector.ConnectedBean.getMBeanCountFromJNDI(ConnectedBean.java:54) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.jboss.as.ee.component.ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptor.java:52) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437) > at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:82) > at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:93) > at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ejb3.component.invocationmetrics.ExecutionTimeInterceptor.processInvocation(ExecutionTimeInterceptor.java:43) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.jpa.interceptor.SBInvocationInterceptor.processInvocation(SBInvocationInterceptor.java:47) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437) > at org.jboss.weld.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:73) > at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:83) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ee.concurrent.ConcurrentContextInterceptor.processInvocation(ConcurrentContextInterceptor.java:45) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) > at org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:52) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ejb3.component.pool.PooledInstanceInterceptor.processInvocation(PooledInstanceInterceptor.java:51) > at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:275) > ... 46 more > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6476) PasswordMaskingInContainerTestCase fails with security manager

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6476?page=com.atlassian.jira.plugin.... ] Ivo Studensky reassigned WFLY-6476: ----------------------------------- Assignee: Ivo Studensky (was: Jan Tymel) > PasswordMaskingInContainerTestCase fails with security manager > -------------------------------------------------------------- > > Key: WFLY-6476 > URL: https://issues.jboss.org/browse/WFLY-6476 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Jan Tymel > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.security.passwordmasking.PasswordMaskingInContainerTestCase#datasourceOperationsTest* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.security.passwordmasking.PasswordMaskingInContainerTestCase#datasourceOperationsTest -Dsecurity.manager}} > Fails with: > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "getProtectionDomain")" in code source "(vfs:/content/passwordMasking.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.Class.getProtectionDomain(Class.java:2299) > at org.jboss.as.test.integration.security.passwordmasking.PasswordMaskingInContainerTestCase.<clinit>(PasswordMaskingInContainerTestCase.java:178) > ... 62 more > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

[JBoss JIRA] (WFLY-6469) Some tests from "org.jboss.as.test.integration.security.xacml.*" fail with security manager

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6469?page=com.atlassian.jira.plugin.... ] Ivo Studensky reassigned WFLY-6469: ----------------------------------- Assignee: Ivo Studensky (was: Jan Tymel) > Some tests from "org.jboss.as.test.integration.security.xacml.*" fail with security manager > ------------------------------------------------------------------------------------------- > > Key: WFLY-6469 > URL: https://issues.jboss.org/browse/WFLY-6469 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Jan Tymel > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.security.xacml.EjbXACMLAuthorizationModuleTestCase#testAuthenticationCache* > *org.jboss.as.test.integration.security.xacml.EjbXACMLAuthorizationModuleTestCase#testAuthz* > *org.jboss.as.test.integration.security.xacml.EjbXACMLAuthorizationModuleTestCase#testNotAuthn* > *org.jboss.as.test.integration.security.xacml.EjbXACMLAuthorizationModuleTestCase#testNotAuthz* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.security.xacml.EjbXACMLAuthorizationModuleTestCase -Dsecurity.manager}} > Fail with: > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/jtymel/test/jboss-eap-7.0.0.ER7/dist/target/jboss-eap-7.0/modules/system/layers/base/com/sun/xml/bind/main/jaxb-runtime-2.2.11.redhat-4.jar" "read")" in code source "(vfs:/content/test-custom-xacml.jar <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:377) > at java.util.zip.ZipFile.<init>(ZipFile.java:210) > at java.util.zip.ZipFile.<init>(ZipFile.java:149) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:84) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:150) > at java.net.URL.openStream(URL.java:1045) > at javax.xml.bind.ContextFinder.find(ContextFinder.java:292) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:412) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:375) > at org.jboss.security.xacml.core.JBossPDP.<clinit>(JBossPDP.java:126) > ... 202 more > {code} > *org.jboss.as.test.integration.security.xacml.JBossPDPInteroperabilityTestCase#testInteropTestWithObjects* > *org.jboss.as.test.integration.security.xacml.JBossPDPInteroperabilityTestCase#testInteropTestWithXMLRequests* > *org.jboss.as.test.integration.security.xacml.JBossPDPInteroperabilityTestCase#testPoliciesLoadedFromDir* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.security.xacml.JBossPDPInteroperabilityTestCase -Dsecurity.manager}} > Fail with: > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/jtymel/test/jboss-eap-7.0.0.ER7/dist/target/jboss-eap-7.0/modules/system/layers/base/com/sun/xml/bind/main/jaxb-runtime-2.2.11.redhat-4.jar" "read")" in code source "(vfs:/content/pdp-service-bean.jar <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:377) > at java.util.zip.ZipFile.<init>(ZipFile.java:210) > at java.util.zip.ZipFile.<init>(ZipFile.java:149) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:84) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:150) > at java.net.URL.openStream(URL.java:1045) > at javax.xml.bind.ContextFinder.find(ContextFinder.java:292) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:412) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:375) > at org.jboss.security.xacml.core.JBossPDP.<clinit>(JBossPDP.java:126) > ... 152 more > {code} > *org.jboss.as.test.integration.security.xacml.JBossPDPServletInitializationTestCase#testPdpServlet* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.security.xacml.JBossPDPServletInitializationTestCase#testPdpServlet -Dsecurity.manager}} > Fails with: > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/jtymel/test/jboss-eap-7.0.0.ER7/dist/target/jboss-eap-7.0/modules/system/layers/base/com/sun/xml/bind/main/jaxb-runtime-2.2.11.redhat-4.jar" "read")" in code source "(vfs:/content/pdp-service-bean.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:377) > at java.util.zip.ZipFile.<init>(ZipFile.java:210) > at java.util.zip.ZipFile.<init>(ZipFile.java:149) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:84) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:150) > at java.net.URL.openStream(URL.java:1045) > at javax.xml.bind.ContextFinder.find(ContextFinder.java:292) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:412) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:375) > at org.jboss.security.xacml.core.JBossPDP.<clinit>(JBossPDP.java:126) > ... 34 more > {code} > *org.jboss.as.test.integration.security.xacml.WebXACMLAuthorizationModuleTestCase#testWebUsingCustomXACMLAuthz* > {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=org.jboss.as.test.integration.security.xacml.WebXACMLAuthorizationModuleTestCase#testWebUsingCustomXACMLAuthz -Dsecurity.manager}} > {code} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/jtymel/test/jboss-eap-7.0.0.ER7/dist/target/jboss-eap-7.0/modules/system/layers/base/com/sun/xml/bind/main/jaxb-runtime-2.2.11.redhat-4.jar" "read")" in code source "(vfs:/content/custom-xacml-web-test.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:377) > at java.util.zip.ZipFile.<init>(ZipFile.java:210) > at java.util.zip.ZipFile.<init>(ZipFile.java:149) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:84) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:150) > at java.net.URL.openStream(URL.java:1045) > at javax.xml.bind.ContextFinder.find(ContextFinder.java:292) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:412) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:375) > at org.jboss.security.xacml.core.JBossPDP.<clinit>(JBossPDP.java:126) > ... 44 more > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2016