On 06/12/2013 11:22, Martin Kouba wrote: > Hi all, > > while investigating an user issue I found out that > org.apache.catalina.authenticator.FormAuthenticator (Tomcat 7 codebase) > fires requestInitialized/requestDestroyed events during forwards (login > and error page) [1]. However ApplicationDispatcher fires these events as > well (if "fireRequestListenersOnForwards" is set to true) [2]. So if you > do form based auth init/destroy events are fired 3x. > > Moreover it seems the event payload request is missing > "javax.servlet.forward.request_uri" attribute. So Weld is not able to > identify such "nested forward event" and we have problems during CDI > contexts termination. > > I think FormAuthenticator should not fire those events at all. And the > event request should have those attributes set. Am I missing something?
The CDI community missed an opportunity to have some specific events added to the Servlet 3.1 specification to handle forwards and includes. https://java.net/jira/browse/SERVLET_SPEC-19 See also https://issues.apache.org/bugzilla/show_bug.cgi?id=50789 https://issues.apache.org/bugzilla/show_bug.cgi?id=49991 The door was wide open but no-one spoke up so nothing was added. It looks to me like the events in the FORM authenticator should be removed leaving it up to the ApplicationDispatcher to fire them if fireRequestListenersOnForwards is true. The javax.servlet.forward.request_uri is not set for the event fired from the FormAuthenticator. The javax.servlet.forward.request_uri is set for the event fired from the RequestDispatcher. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
