[Mashup-dev] [jira] Commented: (MASHUP-968) Exception when navigating to mashup.jsp page (or others) after hours of idle.

Channa Gunawardena (JIRA) jira at wso2.org
Thu Aug 7 01:52:56 PDT 2008 

    [ https://wso2.org/jira/browse/MASHUP-968?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18574#action_18574 ] 

Channa Gunawardena commented on MASHUP-968:
-------------------------------------------

Reproduced by accessing mashup page via HTTP while signed in and remembered on HTTPS. 

Defaulting to anonymous user instead of null in validate_login, to prevent errors in this situation. Result is that if a signed in and remembered user accesses on a different port, he is treated as an anonymous (not logged in) user.

Also added a fix where the getUserRoles method now returns an empty array if the roles of a null user are requested, which is consistent with the rest of the API.

Committed as SVN 20528 in trunk and 20530 in the 1.5 branch.

> Exception when navigating to mashup.jsp page (or others) after hours of idle.
> -----------------------------------------------------------------------------
>
>                 Key: MASHUP-968
>                 URL: https://wso2.org/jira/browse/MASHUP-968
>             Project: WSO2 Mashup Server
>          Issue Type: Bug
>         Environment: FF3
>            Reporter: Jonathan Marsh
>            Assignee: Channa Gunawardena
>             Fix For: 1.5.1
>
>
> Resource at '/users/null/profile' does  not exist.
> ERROR [2008-07-17 07:13:47,285]  Unable to get roles
> java.lang.NullPointerException
> 	at org.wso2.wsas.persistence.dao.UserDAO.getUserRoles(UserDAO.java:175)
> 	at org.wso2.wsas.persistence.PersistenceManager.getUserRoles(PersistenceManager.java:614)
> 	at org.wso2.wsas.admin.service.UserAdmin.getUserRoles(UserAdmin.java:398)
> 	at org.wso2.mashup.realm.wsas.WSASStrategyImpl.getUserRoles(WSASStrategyImpl.java:252)
> 	at org.wso2.mashup.realm.wsas.WSASAuthorizer.getUserAuthorizationConsideringRoles(WSASAuthorizer.java:260)
> 	at org.wso2.mashup.realm.wsas.WSASAuthorizer.isUserAuthorized(WSASAuthorizer.java:81)
> 	at org.wso2.registry.users.accesscontrol.ACLAuthorizer.isUserAuthorized(ACLAuthorizer.java:68)
> 	at org.wso2.registry.utils.AuthorizationUtils.authorize(AuthorizationUtils.java:39)
> 	at org.wso2.registry.jdbc.Repository.get(Repository.java:97)
> 	at org.wso2.registry.jdbc.handlers.filters.MediaTypeMatcher.handleGet(MediaTypeMatcher.java:46)
> 	at org.wso2.registry.jdbc.handlers.HandlerManager.get(HandlerManager.java:67)
> 	at org.wso2.registry.jdbc.BasicRegistry.get(BasicRegistry.java:111)
> 	at org.wso2.registry.jdbc.AtomicRegistry.get(AtomicRegistry.java:177)
> 	at org.wso2.registry.jdbc.JDBCRegistry.get(JDBCRegistry.java:299)
> 	at org.wso2.registry.session.UserRegistry.get(UserRegistry.java:185)
> 	at org.apache.jsp.mashup_jsp._jspService(mashup_jsp.java:235)
> 	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> 	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:328)
> 	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
> 	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> 	at org.wso2.mashup.transport.ServiceUIFilter.doFilter(ServiceUIFilter.java:207)
> 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> 	at org.wso2.adminui.AdminUIServletFilter.doFilter(AdminUIServletFilter.java:135)
> 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
> 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
> 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
> 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
> 	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> 	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> 	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> 	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
> 	at java.lang.Thread.run(Thread.java:595)
> The only url I could find that worked was https://localhost:7443/.  If our login expires, we should still display the page in logged out mode.
> Could this be an artifact of the browser cache, where a page still thinks it's signed in but the ajax services don't?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the Mashup-dev mailing list