Perhaps a coincidence, but it's pretty much the same error as reported here: https://issues.jboss.org/browse/UNDERTOW-577

And the same error that makes it impossible to call sendError in an authentication module (where there's no such thing as encapsulating within a challenge).

The fix has solved those 2 issues, but it's not yet available in a released (or nightly) WildFly build afaik.

On Sat, Nov 21, 2015 at 2:02 AM, Bill Burke <bburke@redhat.com> wrote:

Meh, nevermind...Just gotta encapsulate the call within a challenge.

On 11/20/2015 7:56 PM, Bill Burke wrote:
> Is there a way to call HttpServletResponse.sendError() within a
> AuthenticationMechanism? I'm getting the following after calling
> sendError and returning AuthenticationMechanismOutcome.NOT_AUTHENTICATED
>
>
> java.lang.IllegalStateException: UT010019: Response already commited
> at
> io.undertow.servlet.spec.HttpServletResponseImpl.sendError(HttpServletResponseImpl.java:124)
> at
> io.undertow.servlet.spec.HttpServletResponseImpl.sendError(HttpServletResponseImpl.java:167)
> at
> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:61)
> at
> io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at
> io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
> at
> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
>
>
>

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
undertow-dev mailing list
undertow-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/undertow-dev