JSESSIONID cookie path empty for root deployments
by arjan tijms
Hi,
For a root deployment, Undertow by default writes the JSESSIONID cookie
with an empty path. I.e. in the response header the following appears:
SET-COOKIE: JSESSIONID=FhgSh... path=; ...
An empty path causes browsers to set the cookie on whatever path was used
for the request URI. In effect, this causes multiple JSESSIONIDs to be
created while browsing through an app deployed to WildFly, and thus
multiple JSESSIONIDs being posted back when other paths are accessed
(leading to many issues).
The cause of this seems to be in
io.undertow.servlet.spec.ServletContextImpl#ServletContextImpl and
io.undertow.servlet.core.DeploymentManagerImpl#handleDeploymentSessionConfig,
where the cookie path is set to deploymentInfo#getContextPath, which in
both cases returns the empty string.
See:
io.undertow.servlet.spec.ServletContextImpl.ServletContextImpl(ServletContainer,
Deployment)
sessionCookieConfig = new SessionCookieConfigImpl(this);
sessionCookieConfig.setPath(deploymentInfo.getContextPath());
and:
io.undertow.servlet.core.DeploymentManagerImpl.handleDeploymentSessionConfig(DeploymentInfo,
ServletContextImpl)
if(sc.getPath() != null) {
sessionCookieConfig.setPath(sc.getPath());
} else {
sessionCookieConfig.setPath(deploymentInfo.getContextPath());
}
I'm not sure if deploymentInfo#getContextPath should indeed return the
empty string for a root deployment or not, but I think setting the cookie
path to the empty string is not really correct and should be "/" in that
case.
Kind regards,
Arjan Tijms
10 years
CAS / OAuth / OpenID / HTTP / SAML client protocol support?
by Michaël REMOND
Hi,
I currently contribute to a Java library from Jerome Leleu, able to protect
applications and delegate authentications to various identity providers. It
currently supports 5 different protocols: CAS, OAuth, OpenID, HTTP and SAML
and 18 identity providers (Facebook, Twitter, Google, Yahoo...) through a
very simple and unified API accross protocols/JVM frameworks:
https://github.com/leleuj/pac4j.
The pac4j librairies are used in various JVM frameworks with the
appropriate implementations: Spring Security, Shiro, CAS, J2E and Play.
Although the core pac4j librairies gathers "a lot of" code (300 classes,
26000 lines of source code), the implementations to specific JVM frameworks
are pretty straigtforward: from 4 classes for Spring Security to 11 classes
for Play Framework 2.x.
We are currently targeting new plateforms and especially async one; we got
an implementation from ratpack (http://www.ratpack.io/) and we discussed
also with the guys from vert.x. They gave us some ideas in order to improve
our library by becoming more "reactive".
I think that pac4j could be helpful for the Undertow community too by
bringing client multi-protocols support.
I looked at the security model from Undertow and I start to think about a
possible integration by developing a "Pac4jAuthenticationMechanism".
What do you think about such development? Are you interested in a demo app
showing how this could work? Do you have suggestions?
Thanks.
Best regards,
Michael Remond
10 years, 1 month
Can we please have a notification scheme enabled for Undertow Jira?
by Darran Lofthouse
Can we please have a notification scheme enabling for the Undertow Jira
project so that we can receive e-mail notifications.
I would suggest just use the same one as is used for Remoting JMX, it
should be sufficient to have the notifications go to the general mailing
list and interested individuals.
Regards,
Darran Lofthouse.
10 years, 3 months
JDK6 Support
by Jakub Bartecek
I am responding to discussion about JDK6 support. I prepared integration of Undertow into Jenkins CI and the community just
considering it, but for the community is important compatibility with JDK6. Is it possible to keep Undertow on JDK6?
Jakub Bartecek
> The recent report from JRebel Labs that surveyed developers said that
> majority of the developers are
> already on JDK7 with a small footprint for JDK6.
>
>
>> On 06/11/2014 10:24 AM, Stuart Douglas wrote:
>>/ Given that no one replied we have now moved to JDK7.
/>>/
/>/> Stuart
/>>/
/>>/> Jason Greene wrote:
/>>>/ Is there anyone using undertow on JDK6, and cares that we continue to support it? We are considering dropping it.
/>>>/
/>>>/ --
/>>>/ Jason T. Greene
/>>>/ WildFly Lead / JBoss EAP Platform Architect
/>>>/ JBoss, a division of Red Hat
/>>>/
/>>>
10 years, 5 months
Port Reduction/Unification SSL/HTTP/MQTT
by Dino Tsoumakis
Hello,
I’m currently migrating Glassfish-based Products to Widfly 8.1. I used Grizzly-based Port Unification to tunnel MQTT-Protocol over SSL on Glassfish. Now I switched to Wildfly and I would love to switch the port unification from grizzly to undertow, too. I know there are similar concepts for doing this, but I do not know which way is the best using undertow. On Glassfish I simply start an embedded grizzly for SSL and implemented special handlers for splitting HTTP protocol from MQTT. I know it is possible to use undertow’s builder API, add a listener and write a custom handler for it. Is this the preferred way to do that? Or is there a possibility to simply register a custom handler implementation without starting a separat embedded server. I have a complete wildfly instance running anyway. That way it would be easier to use the already configured SSL stuff (like configured realm, etc).
BTW: It would be possible to contribute this code.
Best regards
Dino
10 years, 5 months
Issues running unit tests in eclipse
by Bill O'Neil
I am trying to run the unit tests in eclipse and get the following error.
Do I need to turn on an annotation processor?
java.lang.RuntimeException: java.lang.RuntimeException:
java.lang.ClassNotFoundException:
io.undertow.server.protocol.http.HttpRequestParser$$generated
at io.undertow.testutils.DefaultServer.runInternal(DefaultServer.java:328)
at io.undertow.testutils.DefaultServer.run(DefaultServer.java:245)
at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(
JUnit4TestReference.java:50)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(
TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(
RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(
RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(
RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(
RemoteTestRunner.java:192)
Caused by: java.lang.RuntimeException: java.lang.ClassNotFoundException:
io.undertow.server.protocol.http.HttpRequestParser$$generated
at io.undertow.server.protocol.http.HttpRequestParser.instance(
HttpRequestParser.java:190)
at io.undertow.server.protocol.http.HttpOpenListener.<init>(
HttpOpenListener.java:63)
at io.undertow.testutils.DefaultServer.runInternal(DefaultServer.java:307)
... 7 more
Caused by: java.lang.ClassNotFoundException:
io.undertow.server.protocol.http.HttpRequestParser$$generated
at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at io.undertow.server.protocol.http.HttpRequestParser.instance(
HttpRequestParser.java:185)
... 9 more
10 years, 5 months
Rewrite with parameters in undertow
by Dariusz Borowski
Hi guys,
I'm struggling getting this working. I need to implement rewrite rules in
my application. It's somehow working. What I do have, is:
undertow-handlers.conf under /WEB-INF/
trying to do simple rule:
regex['^/Women/$'] -> rewrite['/Gender.action']
path-template['/Gender.action'] -> set[attribute='%{q,gender}',
value='women']
regex['^/Men/$'] -> rewrite['/Gender.action']
path-template['/Gender.action'] -> set[attribute='%{q,gender}', value='men']
In both cases it should hit my "Gender.action", but with a different
parameter!
It always applies to the last set path-template and the gender is always:
"men"....
How can I pass different parameters to the same Action?
Thanks!
--
Dariusz Borowski
STYLIGHT
+49 (0) 89 - 1222 895 - 0
+49 (0) 89 - 1222 895 - 48
dariusz.borowski(a)stylight.com
http://www.stylight.com/
Join us on Facebook: http://www.facebook.com/stylight
Follow us on Twitter: http://www.twitter.com/stylight
Follow us on Instagram: http://instagram.com/stylight
10 years, 5 months
FixedLengthUnderflowException and TruncatedResponseException
by Tom Goldsmith
I am using undertow through immutant [org.immutant/immutant
"2.x.incremental.148"] and am receiving the following exceptions:
*17:27:47.670 [XNIO-2 task-4] DEBUG io.undertow.request.io
<http://io.undertow.request.io> - UT005013: An IOException occurred*
*org.xnio.channels.FixedLengthUnderflowException: 16095 bytes remaining*
* at
io.undertow.conduits.AbstractFixedLengthStreamSinkConduit.terminateWrites(AbstractFixedLengthStreamSinkConduit.java:204)
~[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
org.xnio.conduits.ConduitStreamSinkChannel.shutdownWrites(ConduitStreamSinkChannel.java:178)
~[xnio-api-3.2.0.Final.jar:3.2.0.Final]*
* at
io.undertow.channels.DetachableStreamSinkChannel.shutdownWrites(DetachableStreamSinkChannel.java:60)
~[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
io.undertow.server.HttpServerExchange.closeAndFlushResponse(HttpServerExchange.java:1476)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
io.undertow.server.HttpServerExchange.endExchange(HttpServerExchange.java:1465)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at io.undertow.server.Connectors.executeRootHandler(Connectors.java:184)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[na:1.8.0_05]*
* at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[na:1.8.0_05]*
* at java.lang.Thread.run(Thread.java:745) [na:1.8.0_05]*
*17:27:49.912 [XNIO-2 task-6] DEBUG io.undertow.request.io
<http://io.undertow.request.io> - UT005013: An IOException occurred*
*io.undertow.server.TruncatedResponseException: null*
* at
io.undertow.server.protocol.http.HttpResponseConduit.truncateWrites(HttpResponseConduit.java:665)
~[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
io.undertow.conduits.AbstractFixedLengthStreamSinkConduit.terminateWrites(AbstractFixedLengthStreamSinkConduit.java:206)
~[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
org.xnio.conduits.ConduitStreamSinkChannel.shutdownWrites(ConduitStreamSinkChannel.java:178)
~[xnio-api-3.2.0.Final.jar:3.2.0.Final]*
* at
io.undertow.channels.DetachableStreamSinkChannel.shutdownWrites(DetachableStreamSinkChannel.java:60)
~[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
io.undertow.server.HttpServerExchange.closeAndFlushResponse(HttpServerExchange.java:1476)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
io.undertow.server.HttpServerExchange.endExchange(HttpServerExchange.java:1465)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at immutant.web.undertow$handle_request.invoke(undertow.clj:123) [na:na]*
* at
immutant.web.undertow$create_http_handler$reify__1051.handleRequest(undertow.clj:130)
[na:na]*
* at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
[undertow-core-1.0.7.Final.jar:1.0.7.Final]*
* at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[na:1.8.0_05]*
* at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[na:1.8.0_05]*
* at java.lang.Thread.run(Thread.java:745) [na:1.8.0_05]*
I am making a GET request using Google's xhrio library, and the request
works fine when I use a service such as Postman. However, when I make
several simultaneous GET requests in javascript, undertow throws these
exceptions and returns an empty response (net::ERR_EMPTY_RESPONSE in
chrome).
I'm wondering what might be causing these issues, and if there are certain
HTTP headers I might be missing or need to remove from my requests. It
looks like the requests are all getting cancelled when another request is
received on the same channel, but it must be possible to fire multiple
asynchronous requests so I must be missing something.
Thanks!
Tom
10 years, 5 months
blocking IO
by Machiel Groeneveld
I have a question about the blocking IO. In the documentation there is
mention of the startBlocking call but not of spinning threads. I'm
mentioning this because in the FileResource.java (a supplied handler in
undertow) the file seems to be served from a new thread.
I currently have this:
public void handleRequest(HttpServerExchange exchange) throws Exception {
if (exchange.isInIoThread()) {
exchange.dispatch(this);
return;
}
exchange.getResponseHeaders().put(Headers.CONTENT_TYPE, "text/plain");
exchange.startBlocking();
OutputStream out = exchange.getOutputStream();
writeToStream(out); //query database and write rows to out
exchange.endExchange();
}
is this the way to correctly write a chunked http response?
10 years, 5 months
So many connection reset by peer exception and socket leak
by junyi qin
[XNIO-1 I/O-7] DEBUG io.undertow.request.io - Error reading request
java.io.IOException: Connection reset by peer
at sun.nio.ch.FileDispatcherImpl.read0(Native Method) ~[na:1.7.0_60]
at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
~[na:1.7.0_60]
at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
~[na:1.7.0_60]
at sun.nio.ch.IOUtil.read(IOUtil.java:192) ~[na:1.7.0_60]
at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:379)
~[na:1.7.0_60]
at org.xnio.nio.NioSocketConduit.read(NioSocketConduit.java:280)
[echo-1.0.5.jar:na]
at
org.xnio.conduits.ConduitStreamSourceChannel.read(ConduitStreamSourceChannel.java:127)
~[echo-1.0.5.jar:na]
at
io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:113)
~[echo-1.0.5.jar:na]
at
io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:91)
~[echo-1.0.5.jar:na]
at
io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:45)
~[echo-1.0.5.jar:na]
at
org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
~[echo-1.0.5.jar:na]
at
org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
[echo-1.0.5.jar:na]
at
org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
[echo-1.0.5.jar:na]
at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
[echo-1.0.5.jar:na]
tcp state:
TIME_WAIT 1
CLOSE_WAIT 8
ESTABLISHED 26774
SYN_RECV 6
LAST_ACK 37
Any advice is welcome.
10 years, 5 months
