PDA

View Full Version : sample contacts application - null pointer exception


rajnish.srivastava
Oct 19th, 2004, 02:49 AM
I tried to deploy the sample contacts web application on jrun. I ran into some issues with ContextLoaderListener but it worked after using ContextLoaderServlet and the patch from CVS. So far so good. The problem is when I try to login using the manage link, jrun gives the following excpetion:

java.lang.NullPointerException
at java.util.Hashtable.put(Hashtable.java:386)
at jrun.servlet.session.JRunSession.setAttribute(JRun Session.java:270)
at net.sf.acegisecurity.ui.AbstractProcessingFilter.d oFilter(AbstractProcessingFilter.java:350)
at net.sf.acegisecurity.util.FilterToBeanProxy.doFilt er(FilterToBeanProxy.java:105)
at jrun.servlet.FilterChain.doFilter(FilterChain.java :94)
at jrun.servlet.FilterChain.service(FilterChain.java: 101)
at jrun.servlet.ServletInvoker.invoke(ServletInvoker. java:106)
at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvok erChain.java:42)
at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequ estDispatcher.java:241)
at jrun.servlet.ServletEngineService.dispatch(Servlet EngineService.java:527)
at jrun.servlet.http.WebService.invokeRunnable(WebSer vice.java:172)
at jrunx.scheduler.ThreadPool$DownstreamMetrics.invok eRunnable(ThreadPool.java:348)
at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRu nnable(ThreadPool.java:451)
at jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeR unnable(ThreadPool.java:294)
at jrunx.scheduler.WorkerThread.run(WorkerThread.java :66)

There are two problems:
1. Why was the request not authenticated even after putting correct username and password?
2. I saw the code of AbstractProcessingFilter..it is trying to set null into session in case of login failure (line number 350)..which is not allowed in jrun..

any comments?
Ben Alex
Oct 19th, 2004, 04:35 PM
Which version of JRun? Could you point me in the direction of some docs re the JRun prohibition on nulls in HttpSession? Also, could you please post here your web.xml and debug-level logging from Acegi Security so we can see what is happening.
rajnish.srivastava
Oct 20th, 2004, 12:04 AM
Thanx for your response.

I am using Jrun version 4. If you consult the java docs of jrunsession class (http://livedocs.macromedia.com/jrun/4/javadocs/jrun/servlet/session/JRunSession.html), you can find the following comments:

********************
public void setAttribute(java.lang.String name,
java.lang.Object value)
throws java.lang.IllegalStateException
Binds the specified object into the session's application layer data with the given name. Any existing binding with the same name is replaced. If the new (or existing) value implements the JRunSessionBindingListener interface, it is notified appropriately.
Parameters:
name - the name to which the data object will be bound. This may not be null.
vlaue - the data object to be bound. This may not be null.
*********************

Regarding my previous post, I would like to add that I was properly authenticated but the crash came after getting authenticated. Here is my web.xml

***********************
<?xml version="1.0" encoding="UTF-8"?>

<!--
- Contacts web application
- $Id: web.xml,v 1.9 2004/08/03 07:18:33 benalex Exp $
- File will be copied into WAR's WEB-INF directory if NOT using container adapter
-->

<web-app>

<display-name>Contacts Sample Application</display-name>

<description>
Example of an application secured using Acegi Security System for Spring.
</description>

<!--
- Loads the root application context of this web app at startup,
- by default from "/WEB-INF/applicationContext.xml".
- Use WebApplicationContextUtils.getWebApplicationContex t(servletContext)
- to access it anywhere in the web application, outside of the framework.
-->
<servlet>
<servlet-name>ContextLoaderServlet</servlet-name>
<servlet-class>org.springframework.web.context.ContextLoaderServl et</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>


<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</context-param>

<filter>
<filter-name>Acegi Channel Processing Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.securechannel.ChannelProcessi ngFilter</param-value>
</init-param>
<init-param>
<param-name>init</param-name>
<param-value>lazy</param-value>
</init-param>
</filter>

<filter>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilter</param-value>
</init-param>
<init-param>
<param-name>init</param-name>
<param-value>lazy</param-value>
</init-param>
</filter>

<filter>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingF ilter</param-value>
</init-param>
<init-param>
<param-name>init</param-name>
<param-value>lazy</param-value>
</init-param>
</filter>

<filter>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.AutoIntegrationFilter</param-value>
</init-param>
<init-param>
<param-name>init</param-name>
<param-value>lazy</param-value>
</init-param>
</filter>

<filter>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter</param-value>
</init-param>
<init-param>
<param-name>init</param-name>
<param-value>lazy</param-value>
</init-param>
</filter>

<!-- Remove the comments from the following <filter-mapping> if you'd
like to ensure secure URLs are only available over HTTPS -->
<!--
<filter-mapping>
<filter-name>Acegi Channel Processing Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->

<filter-mapping>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!--
- Servlet that dispatches request to registered handlers (Controller implementations).
- Has its own application context, by default defined in "{servlet-name}-servlet.xml",
- i.e. "contacts-servlet.xml".
-
- A web app can contain any number of such servlets.
- Note that this web app does not have a shared root application context,
- therefore the DispatcherServlet contexts do not have a common parent.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet>
<servlet-name>caucho</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>

<!--
- Maps the contacts dispatcher to /*.
-
-->
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>

<!--
- Dispatcher servlet mapping for HTTP remoting via the Caucho protocols,
- i.e. Hessian and Burlap (see caucho-servlet.xml for the controllers).
-->
<servlet-mapping>
<servlet-name>caucho</servlet-name>
<url-pattern>/caucho/*</url-pattern>
</servlet-mapping>

<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>

<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>

</web-app>
*****************************

I am not sure where is the setting for debug level for acegi. Hope this helps.
Ben Alex
Oct 20th, 2004, 06:54 PM
If you edit the AbstractProcessingFilter and use HttpSession.removeAttribute instead of setting it to null, does the application work with JRun as intended? If so I'll update CVS.
rajnish.srivastava
Oct 21st, 2004, 12:35 AM
Yes it works.
Thanx
Ben Alex
Oct 29th, 2004, 09:46 PM
I've just committed the change to CVS.