[jira] Commented: (TOMAHAWK-1469) CAPTCHA renderer throws exception when session is missing

Tue, 08 Dec 2009 23:59:44 -0800 

    [ 
https://issues.apache.org/jira/browse/TOMAHAWK-1469?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12787959#action_12787959
 ] 

Igor Spac commented on TOMAHAWK-1469:
-------------------------------------

I use  Debian/Tomcat5.5/JSF1.2

I am not aware of the exact scenario (I see this exception randomly in server 
logs), but I was able to reproduce this as follows:

1. Open the page where captcha is usually displayed.
2. Copy image url for captcha image.
3. Clear cookies.
4. Navigate to captcha image URL.

Hope this helps.


> CAPTCHA renderer throws exception when session is missing
> ---------------------------------------------------------
>
>                 Key: TOMAHAWK-1469
>                 URL: https://issues.apache.org/jira/browse/TOMAHAWK-1469
>             Project: MyFaces Tomahawk
>          Issue Type: Bug
>          Components: Captcha
>    Affects Versions: 1.1.9
>         Environment: Debian/Tomcat5.5
>            Reporter: Igor Spac
>            Assignee: Hazem Saleh
>
> CAPTCHARenderer.renderCAPTCHA throws exception in case session is missing. 
> This happens because session attribute is set after the image being rendered. 
> The fix would involve setting the attribute before rendering the image.
> Full stack trace:
> java.lang.IllegalStateException: Cannot create a session after the response 
> has been committed
>         at 
> org.apache.catalina.connector.Request.doGetSession(Request.java:2221)
>         at org.apache.catalina.connector.Request.getSession(Request.java:2031)
>         at 
> org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction.run(RequestFacade.java:196)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at 
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:830)
>         at 
> org.apache.myfaces.context.servlet.SessionMap.setAttribute(SessionMap.java:56)
>         at 
> org.apache.myfaces.util.AbstractAttributeMap.put(AbstractAttributeMap.java:105)
>         at 
> org.apache.myfaces.util.AbstractAttributeMap.put(AbstractAttributeMap.java:38)
>         at 
> org.apache.myfaces.custom.captcha.CAPTCHARenderer.renderCAPTCHA(CAPTCHARenderer.java:207)
>         at 
> org.apache.myfaces.custom.captcha.CAPTCHARenderer.serveResource(CAPTCHARenderer.java:159)
>         at 
> org.apache.myfaces.renderkit.html.util.NonBufferingAddResource.serveResource(NonBufferingAddResource.java:544)
>         at 
> org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:268)
>         at sun.reflect.GeneratedMethodAccessor244.invoke(Unknown Source)
>         at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:585)
>         at 
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
>         at 
> org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276)
>         at 
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.access$0(ApplicationFilterChain.java:192)
>         at 
> org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167)
>         at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>         at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
>         at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>         at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
>         at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
>         at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
>         at 
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
>         at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
>         at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
>         at 
> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
>         at 
> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
>         at 
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
>         at java.lang.Thread.run(Thread.java:595)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to