[seam-issues] [JBoss JIRA] (JBSEAM-5124) HTTP Basic Authentication causes a hidden IllegalStateException
Georgi Gyurchev (JIRA)
jira-events at lists.jboss.org
Thu Aug 22 11:47:28 EDT 2013
Georgi Gyurchev created JBSEAM-5124:
---------------------------------------
Summary: HTTP Basic Authentication causes a hidden IllegalStateException
Key: JBSEAM-5124
URL: https://issues.jboss.org/browse/JBSEAM-5124
Project: Seam 2
Issue Type: Bug
Components: Security
Affects Versions: 2.3.1.Final, 2.3.1.CR1
Environment: JBOSS AS 7.0.2
JSF 2.1
Richfaces 4.3.2
Reporter: Georgi Gyurchev
The built-in Authentication filter causes "javax.servlet.ServletException: java.lang.IllegalStateException: No active event context" on every page that goes through the filter. At least for basic authentication.
The user is likely to not see this but it shows in the console and can mess with other functionality.
------------------------------------------------------
I have gone through the Seam classes AuthenticationFilter and ContextualHttpServletRequest and figured out where the problem lies:
chain.doFilter() is called between the start and the end of the request and when ContextualHttpServletRequest tries to end the request, the context is not active anymore, I'm not sure exactly why but it seems logical. I'm also not sure why it worked it Seam 2.2.
------------------------------------------------------
The workaround is to make your own filter. I will post details in the forum topic because I don't see any options for attachments here.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list