[
https://jira.jboss.org/jira/browse/JBSEAM-4003?page=com.atlassian.jira.pl...
]
Norman Richards updated JBSEAM-4003:
------------------------------------
Assignee: Shane Bryzak
Shane, I'll pass this off to you for comment. The obvious fix of testing for the
hashCode method and bypassing restrictions solves the problem. This is probably
reasonably as hashCode is a system function and not a business function. However,
perhaps there is more general solution? I suspect that we would possibly want to allow
other java.lang.Object methods.
Note that it should be possible to work around this with @BypassInterceptors, but
there's currently a bug related to that that is keeping Seam from seeing the
annotation.
SecurityInterceptor can fail in a cluster
-----------------------------------------
Key: JBSEAM-4003
URL:
https://jira.jboss.org/jira/browse/JBSEAM-4003
Project: Seam
Issue Type: Bug
Reporter: Norman Richards
Assignee: Shane Bryzak
Fix For: 2.1.2.CR1
SecurityInterceptor with an @Restrict clause can cause session replication to fail.
Session replication requires calling the hashCode method. If this method throws an
exception, session replication fails, putting the application in bad state.
15:47:52,701 WARN [/seam-booking] Failed to replicate session mKN0jWfC7HHRYT1vmOeB-Q__
org.jboss.seam.security.NotLoggedInException
at org.jboss.seam.security.Identity.checkRestriction(Identity.java:217)
at
org.jboss.seam.security.SecurityInterceptor$Restriction.check(SecurityInterceptor.java:113)
at
org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:159)
at
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
at org.jboss.seam.ejb.RemoveInterceptor.aroundInvoke(RemoveInterceptor.java:43)
at
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
at
org.jboss.seam.core.SynchronizationInterceptor.aroundInvoke(SynchronizationInterceptor.java:32)
at
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:118)
at
org.jboss.seam.intercept.ClientSideInterceptor.invoke(ClientSideInterceptor.java:54)
at
org.javassist.tmp.java.lang.Object_$$_javassist_seam_4.hashCode(Object_$$_javassist_seam_4.java)
at java.util.HashMap$Entry.hashCode(HashMap.java:764)
at java.util.AbstractMap.hashCode(AbstractMap.java:557)
at
org.jboss.ha.framework.server.SimpleCachableMarshalledValue.<init>(SimpleCachableMarshalledValue.java:74)
at
org.jboss.ha.framework.server.SimpleCachableMarshalledValue.<init>(SimpleCachableMarshalledValue.java:80)
at
org.jboss.web.tomcat.service.session.distributedcache.spi.SessionSerializationFactory.createMarshalledValue(SessionSerializationFactory.java:74)
at
org.jboss.web.tomcat.service.session.distributedcache.impl.jbc.AbstractJBossCacheService.getMarshalledValue(AbstractJBossCacheService.java:641)
at
org.jboss.web.tomcat.service.session.distributedcache.impl.jbc.AbstractJBossCacheService.putSession(AbstractJBossCacheService.java:405)
at
org.jboss.web.tomcat.service.session.ClusteredSession.processSessionReplication(ClusteredSession.java:1194)
at
org.jboss.web.tomcat.service.session.JBossCacheManager.processSessionRepl(JBossCacheManager.java:1635)
at
org.jboss.web.tomcat.service.session.JBossCacheManager.storeSession(JBossCacheManager.java:294)
at
org.jboss.web.tomcat.service.session.InstantSnapshotManager.snapshot(InstantSnapshotManager.java:49)
at
org.jboss.web.tomcat.service.session.ClusteredSessionValve.invoke(ClusteredSessionValve.java:120)
at
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:613)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira