8 Replies Latest reply on Dec 9, 2011 10:44 AM by lightguard

    WELD-000052 error following Seam Security identity.logout()

    dmiklancic
    dmiklancic Nov 26, 2011 4:35 PM

      After upgrading to Seam 3.1.0.Beta5, a simple, identity.logout() call generates the following:




      Caused by: org.jboss.weld.exceptions.IllegalProductException: WELD-000052 Cannot return null from a non-dependent producer method:  [method] @Produces @RequestScoped protected org.jboss.solder.servlet.http.ImplicitHttpServletObjectsProducer.getHttpSession()
     at org.jboss.weld.bean.AbstractProducerBean.checkReturnValue(AbstractProducerBean.java:256) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
     at org.jboss.weld.bean.AbstractProducerBean.create(AbstractProducerBean.java:362) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
     at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:122) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
     at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
     at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:124) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
     at org.jboss.weld.proxies.HttpSession$1681475766$Proxy$_$$_WeldClientProxy.invalidate(HttpSession$1681475766$Proxy$_$$_WeldClientProxy.java)
     at org.jboss.seam.security.IdentityImpl.logout(IdentityImpl.java:424) [seam-security-3.1.0.Beta5.jar:]
     at org.jboss.seam.security.IdentityImpl$Proxy$_$$_WeldClientProxy.logout(IdentityImpl$Proxy$_$$_WeldClientProxy.java) [seam-security-3.1.0.Beta5.jar:]
     at com.bp.cpr.pn.application.onepcoe.security.PortalSecurityManager.logout(PortalSecurityManager.java:153) [classes:]
     at com.bp.cpr.pn.application.onepcoe.security.PortalSecurityManager$Proxy$_$$_WeldClientProxy.logout(PortalSecurityManager$Proxy$_$$_WeldClientProxy.java) [classes:]
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_29]
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_29]
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_29]
     at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_29]
     at org.apache.el.parser.AstValue.invoke(AstValue.java:196) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
     at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
     at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
     at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
     at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.1.3-b02-jbossorg-2.jar:2.1.3-SNAPSHOT]
     at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88) [jboss-jsf-api_2.1_spec-2.0.0.Beta1.jar:2.0.0.Beta1]
     ... 29 more



      I have reviewed various WELD-000052 errors, but none seem to be related to the HttpSession. Can such an error be caused by a new configuration that is required with the new version of Seam that I may have overlooked?


      This may be a WELD issue, but since it appeared immediately following upgrade to Seam 3.1.0.Beta5, I thought I would begin here for suggestions.






      • 863 Views
      • Tags:
        • 1. Re: WELD-000052 error following Seam Security identity.logout()
          lightguard
          lightguard Nov 27, 2011 4:36 PM (in response to dmiklancic)

          This may be a regression, please file a JIRA

            • Actions
          • 2. Re: WELD-000052 error following Seam Security identity.logout()
            dmiklancic
            dmiklancic Nov 27, 2011 8:27 PM (in response to dmiklancic)

            https://issues.jboss.org/browse/SEAM-120

              • Actions
            • 3. Re: WELD-000052 error following Seam Security identity.logout()
              dmiklancic
              dmiklancic Dec 2, 2011 9:03 AM (in response to dmiklancic)
              After upgrading to Seam 3.1.0.CR1, the problem persists, but not fatally.  The user's session is gone, and the web view appears normal, but the log contains the same stack trace.  All appears fine in the browser, but something is still not correct underneath.

              All I am doing is logging in and immediately logging out.  Any ideas?

              08:54:28,489 TRACE [com.bp.cpr.pn.framework.security.SecurityManagerBean] (http--0.0.0.0-8080-4) User admin logged in successfully.
              08:54:47,300 WARNING [javax.enterprise.resource.webcontainer.jsf.lifecycle] (http--0.0.0.0-8080-4) #{portalSecurityManager.logout}: org.jboss.weld.exceptions.IllegalProductException: WELD-000052 Cannot return null from a non-dependent producer method:  [method] @Produces @RequestScoped protected org.jboss.solder.servlet.http.ImplicitHttpServletObjectsProducer.getHttpSession(): javax.faces.FacesException: #{portalSecurityManager.logout}: org.jboss.weld.exceptions.IllegalProductException: WELD-000052 Cannot return null from a non-dependent producer method:  [method] @Produces @RequestScoped protected org.jboss.solder.servlet.http.ImplicitHttpServletObjectsProducer.getHttpSession()
                   at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118) [jsf-impl-2.1.3-b02-jbossorg-2.jar:2.1.3-SNAPSHOT]
                   at javax.faces.component.UICommand.broadcast(UICommand.java:315) [jboss-jsf-api_2.1_spec-2.0.0.Beta1.jar:2.0.0.Beta1]
                   at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794) [jboss-jsf-api_2.1_spec-2.0.0.Beta1.jar:2.0.0.Beta1]
                   at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259) [jboss-jsf-api_2.1_spec-2.0.0.Beta1.jar:2.0.0.Beta1]
                   at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [jsf-impl-2.1.3-b02-jbossorg-2.jar:2.1.3-SNAPSHOT]
                   at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.1.3-b02-jbossorg-2.jar:2.1.3-SNAPSHOT]
                   at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) [jsf-impl-2.1.3-b02-jbossorg-2.jar:2.1.3-SNAPSHOT]
                   at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593) [jboss-jsf-api_2.1_spec-2.0.0.Beta1.jar:2.0.0.Beta1]
                   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at com.ocpsoft.pretty.PrettyFilter.doFilter(PrettyFilter.java:126) [prettyfaces-jsf2-3.3.2.jar:]
                   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:139) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]
                   at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]
                   at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49) [jboss-as-jpa-7.0.2.Final.jar:7.0.2.Final]
                   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:667) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:952) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at java.lang.Thread.run(Thread.java:680) [:1.6.0_29]
              Caused by: javax.faces.el.EvaluationException: org.jboss.weld.exceptions.IllegalProductException: WELD-000052 Cannot return null from a non-dependent producer method:  [method] @Produces @RequestScoped protected org.jboss.solder.servlet.http.ImplicitHttpServletObjectsProducer.getHttpSession()
                   at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:102) [jboss-jsf-api_2.1_spec-2.0.0.Beta1.jar:2.0.0.Beta1]
                   at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) [jsf-impl-2.1.3-b02-jbossorg-2.jar:2.1.3-SNAPSHOT]
                   ... 28 more
              Caused by: org.jboss.weld.exceptions.IllegalProductException: WELD-000052 Cannot return null from a non-dependent producer method:  [method] @Produces @RequestScoped protected org.jboss.solder.servlet.http.ImplicitHttpServletObjectsProducer.getHttpSession()
                   at org.jboss.weld.bean.AbstractProducerBean.checkReturnValue(AbstractProducerBean.java:256) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at org.jboss.weld.bean.AbstractProducerBean.create(AbstractProducerBean.java:362) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:122) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:124) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at org.jboss.weld.proxies.HttpSession$1681475766$Proxy$_$$_WeldClientProxy.invalidate(HttpSession$1681475766$Proxy$_$$_WeldClientProxy.java)
                   at org.jboss.seam.security.IdentityImpl.logout(IdentityImpl.java:424) [seam-security-3.1.0.CR1.jar:]
                   at org.jboss.seam.security.IdentityImpl$Proxy$_$$_WeldClientProxy.logout(IdentityImpl$Proxy$_$$_WeldClientProxy.java) [seam-security-3.1.0.CR1.jar:]
                   at com.bp.cpr.pn.application.onepcoe.security.PortalSecurityManager.logout(PortalSecurityManager.java:153) [classes:]
                   at com.bp.cpr.pn.application.onepcoe.security.PortalSecurityManager$Proxy$_$$_WeldClientProxy.logout(PortalSecurityManager$Proxy$_$$_WeldClientProxy.java) [classes:]
                   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_29]
                   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_29]
                   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_29]
                   at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_29]
                   at org.apache.el.parser.AstValue.invoke(AstValue.java:196) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
                   at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [weld-core-1.1.2.Final.jar:2011-07-26 15:02]
                   at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.1.3-b02-jbossorg-2.jar:2.1.3-SNAPSHOT]
                   at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88) [jboss-jsf-api_2.1_spec-2.0.0.Beta1.jar:2.0.0.Beta1]
                   ... 29 more

                • Actions
              • 4. Re: WELD-000052 error following Seam Security identity.logout()
                lightguard
                lightguard Dec 2, 2011 12:09 PM (in response to dmiklancic)

                Which server are you using?

                  • Actions
                • 5. Re: WELD-000052 error following Seam Security identity.logout()
                  dmiklancic
                  dmiklancic Dec 2, 2011 9:30 PM (in response to dmiklancic)
                  I am using JBoss AS 7.0.2.

                  Perhaps, my architecture is what is causing the problem:  JSF action calls session scoped PortalSecurityManager.logout.  PortalSecurityManager has injected SLSB SecurityManager and calls securityManager.logout().  SecurityManagerBean injects Identity and calls identity.logout(); This is the point where I get the WELD exception.  Note:  PortalSecurityManager is in a WAR; the SecurityManager is in  an EJB; Seam Security and other dependent Seam modules are in the lib directory of the EAR.  BTW: This has been working with Seam 3.0.0.Final (although, the IdentityImpl.logout() did not invalidate the session in Seam Security 3.0.0.Final).

                  As a temporary workaround, I wrap the "identity.logout" call in a try block in the SecurityManagerBean (SLSB), eat the exception, and then invalidate the session in the PortalSecurityManager following the return from the SecurityManager.

                       public String logout() {
                            // This is a hack to get around WELD-00052 error.
                            try {
                                 identity.logout();
                            } catch (Exception e) {
                                 logger.errorf("Exception logging out ...%s", e.getMessage());
                            }
                            return SecurityManager.LOGOUT_SUCCESS;
                       }

                  On return from the logout call, the calling PortalSecurityManager  calls:
                            FacesContext.getCurrentInstance().getExternalContext().invalidateSession();

                  This sequence of calls seems to work for me ... although eating the exception is definitely not what should be done. I found that I must invalidate the session on return because the identity.logout() call does not do it, although the call to invalidate the session is in the source code for IdentityImpl.  The exception must be occurring prior to or during the session invalidate call in IdentityImpl.logout().


                    • Actions
                  • 6. Re: WELD-000052 error following Seam Security identity.logout()
                    lightguard
                    lightguard Dec 2, 2011 10:47 PM (in response to dmiklancic)

                    I'm pretty sure there hasn't been any testing in a portal environment. Quite likely this is causing a problem.

                      • Actions
                    • 7. Re: WELD-000052 error following Seam Security identity.logout()
                      mpashworth
                      mpashworth Dec 9, 2011 4:52 AM (in response to dmiklancic)

                      Jason Porter wrote on Dec 02, 2011 22:47:


                      I'm pretty sure there hasn't been any testing in a portal environment. Quite likely this is causing a problem.


                      The problem is also occurring in Glassfish 3.1.1. 

                        • Actions
                      • 8. Re: WELD-000052 error following Seam Security identity.logout()
                        lightguard
                        lightguard Dec 9, 2011 10:44 AM (in response to dmiklancic)

                        I'm not surprised. Glassfish has many issues with CDI. We're trying our best, but we can't workaround every one of their bugs (even ones that have been open since before Seam 3.0.0.Final)

                          • Actions