7 Replies Latest reply on Apr 17, 2006 11:40 AM by Anil Saldanha

    SecurityFlushSessionListener

    1 sda Newbie

      when I logout "session.invalidate()" this problem become. why?
      -----------------------------------
      2006-04-04 12:13:49,366 ERROR [org.jboss.web.tomcat.security.SecurityFlushSessionListener] Exception in sessionDestroyed:
      javax.naming.NameNotFoundException: security not bound
      at org.jnp.server.NamingServer.getBinding(NamingServer.java:529)
      at org.jnp.server.NamingServer.getBinding(NamingServer.java:537)
      at org.jnp.server.NamingServer.getObject(NamingServer.java:543)
      at org.jnp.server.NamingServer.lookup(NamingServer.java:267)
      at org.jnp.server.NamingServer.lookup(NamingServer.java:270)
      at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:625)
      at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:716)
      at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:587)
      at javax.naming.InitialContext.lookup(InitialContext.java:347)
      at org.jboss.web.tomcat.security.SecurityFlushSessionListener.getSecurityManagerService(SecurityFlushSessionListener.java:188)
      at org.jboss.web.tomcat.security.SecurityFlushSessionListener.getSubjectAndSecurityDomain(SecurityFlushSessionListener.java:160)
      at org.jboss.web.tomcat.security.SecurityFlushSessionListener.sessionDestroyed(SecurityFlushSessionListener.java:79)
      at org.apache.catalina.session.StandardSession.expire(StandardSession.java:685)
      at org.apache.catalina.session.StandardSession.expire(StandardSession.java:643)
      at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1088)
      at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:149)

        • 1. Re: SecurityFlushSessionListener
          Scott Stark Master

          Wrong forum, moved to user forum. Post the jboss version details.

          • 2. Re: SecurityFlushSessionListener
            1 sda Newbie

            sorry I am a new member; I cant understand the which forum.
            Please could you help me?

            • 3. Re: SecurityFlushSessionListener
              Anil Saldanha Master

               

              I have a problem "jboss-4.0.4RC1" when
              I logout "session.invalidate".Please help me????


              Is it possible for you to provide us a test deployment (a test WAR file) that reproduces this issue?

              You can create a JIRA issue(while attach the test deployment at):
              http://jira.jboss.com/jira/browse/JBAS

              I do not understand why the Security Manager is not bound in the private namespace by the AbstractWebDeployer, in your case.

              private SubjectSecurityManager getSecurityManagerService() throws Exception
               {
               //Get the SecurityManagerService from JNDI
               InitialContext ctx = new InitialContext();
               return (SubjectSecurityManager) ctx.lookup("java:comp/env/security/securityMgr");
               }
              


              Anyway, the error you see is just a logged error and does not affect the health of your application.

              • 4. Re: SecurityFlushSessionListener
                1 sda Newbie

                I want to explain problem;
                I had a problem with logon.jsp page
                has include page

                <jsp:include page="a.jsp"
                flush="true"/>
                cannot initialize session after response has been committed.

                I solved this problem wiht add '/' page="/a.jsp"

                but when I logout the page I invalidate the http session.
                "session.invalidate()" but there is a problem.

                where must the jboss set the context
                as "java:comp/env/security/securityMgr". But jboss doesnt. Is there
                any link to look? I think there must be a xml to configure but I cant find.
                Thanks...
                --------------------------------------------

                2006-04-04 12:13:49,366 ERROR [org.jboss.web.tomcat.security.SecurityFlushSessionListener] Exception in sessionDestroyed:
                javax.naming.NameNotFoundException: security not bound
                at org.jnp.server.NamingServer.getBinding(NamingServer.java:529)
                at org.jnp.server.NamingServer.getBinding(NamingServer.java:537)
                at org.jnp.server.NamingServer.getObject(NamingServer.java:543)
                at org.jnp.server.NamingServer.lookup(NamingServer.java:267)
                at org.jnp.server.NamingServer.lookup(NamingServer.java:270)
                at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:625)
                at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:716)
                at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:587)
                at javax.naming.InitialContext.lookup(InitialContext.java:347)
                at org.jboss.web.tomcat.security.SecurityFlushSessionListener.getSecurityManagerService(SecurityFlushSessionListener.java:188)
                at org.jboss.web.tomcat.security.SecurityFlushSessionListener.getSubjectAndSecurityDomain(SecurityFlushSessionListener.java:160)
                at org.jboss.web.tomcat.security.SecurityFlushSessionListener.sessionDestroyed(SecurityFlushSessionListener.java:79)
                at org.apache.catalina.session.StandardSession.expire(StandardSession.java:685)
                at org.apache.catalina.session.StandardSession.expire(StandardSession.java:643)
                at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1088)
                at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:149)


                • 5. Re: SecurityFlushSessionListener
                  Anil Saldanha Master

                  Are you able to attach your WAR file that displays this behavior to the associated JIRA issue?
                  http://jira.jboss.com/jira/browse/JBAS-2151

                  You may be required to register at the JBoss JIRA site.

                  • 6. Re: SecurityFlushSessionListener
                    1 sda Newbie

                    I couldnt attach the war to jira.

                    Why the "webcontext: null" in the server.log.
                    There is a note in AbstractWebDeployer.java. How can deploy my project
                    as part of an enterprise to avoid null.


                    @param di The deployment info that contains the context-root element value
                    288 from the J2EE application/module/web application.xml descriptor. This may
                    289 be null if war was is not being deployed as part of an enterprise application.
                    290 It also contains the URL of the web application war.
                    291 */


                    292 public synchronized WebApplication start(DeploymentInfo di) throws DeploymentException
                    293 {
                    ----------------------------------------------------------------------
                    server.log
                    ----------------------------------------------------------------------
                    2006-04-05 11:18:41,206 DEBUG [org.jboss.deployment.MainDeployer] Adding deployer: MBeanProxyExt[jboss.web:service=WebServer]
                    2006-04-05 11:18:41,206 DEBUG [org.jboss.deployment.SuffixOrderHelper] Static suffix exists; ignoring request for adding enhanced suffix: 558.war
                    2006-04-05 11:18:41,206 DEBUG [org.jboss.deployment.MainDeployer] trying to deploy with new deployer: invoker.war
                    2006-04-05 11:18:41,206 DEBUG [org.jboss.deployment.MainDeployer] Starting deployment of package: file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/
                    2006-04-05 11:18:41,206 DEBUG [org.jboss.deployment.MainDeployer] Starting deployment (init step) of package at: file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/
                    2006-04-05 11:18:41,206 DEBUG [org.jboss.deployment.MainDeployer] using deployer MBeanProxyExt[jboss.web:service=WebServer]
                    2006-04-05 11:18:41,206 DEBUG [org.jboss.web.tomcat.tc5.Tomcat5] Begin init
                    2006-04-05 11:18:41,222 DEBUG [org.jboss.web.tomcat.tc5.Tomcat5] webContext: null
                    2006-04-05 11:18:41,222 DEBUG [org.jboss.web.tomcat.tc5.Tomcat5] warURL: file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/
                    2006-04-05 11:18:41,284 DEBUG [org.jboss.web.tomcat.tc5.Tomcat5] End init
                    2006-04-05 11:18:41,284 DEBUG [org.jboss.mx.loading.RepositoryClassLoader] Added url: file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/, to ucl: org.jboss.mx.loading.UnifiedClassLoader3@166f9b9{ url=file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/ ,addedOrder=9}
                    2006-04-05 11:18:41,284 DEBUG [org.jboss.deployment.MainDeployer] found 0 subpackages of file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/
                    2006-04-05 11:18:41,284 DEBUG [org.jboss.deployment.MainDeployer] create step for deployment file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/
                    2006-04-05 11:18:41,284 DEBUG [org.jboss.web.tomcat.tc5.Tomcat5] create, invoker.war
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.system.ServiceController] Creating service jboss.web.deployment:id=1763989388,war=invoker.war
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.system.ServiceController] adding depends in ServiceController.register: []
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.web.WebModule] Creating jboss.web.deployment:id=1763989388,war=invoker.war
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.web.WebModule] Created jboss.web.deployment:id=1763989388,war=invoker.war
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.system.ServiceController] Creating dependent components for: jboss.web.deployment:id=1763989388,war=invoker.war dependents are: []
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.deployment.MainDeployer] Done with create step of deploying invoker.war
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.deployment.MainDeployer] Begin deployment start file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.system.ServiceController] starting service jboss.web.deployment:id=1763989388,war=invoker.war
                    2006-04-05 11:18:41,347 DEBUG [org.jboss.web.WebModule] Starting jboss.web.deployment:id=1763989388,war=invoker.war
                    2006-04-05 11:18:41,363 DEBUG [org.jboss.web.tomcat.tc5.TomcatDeployer] webContext: null
                    2006-04-05 11:18:41,363 DEBUG [org.jboss.web.tomcat.tc5.TomcatDeployer] warURL: file:/C:/jboss-4.0.4RC1/server/ibankAll/deploy/httpha-invoker.sar/invoker.war/
                    2006-04-05 11:18:41,363 DEBUG [org.jboss.web.tomcat.tc5.TomcatDeployer] webAppParser: org.jboss.web.AbstractWebDeployer$DescriptorParser@771eb1
                    2006-04-05 11:18:41,472 DEBUG [org.jboss.web.WebPermissionMapping] Qualified url patterns: {/=PatternInfo[pattern=/,type=3,isOverriden=false,qualifiers=[PatternInfo[pattern=/restricted/*,type=1,isOverriden=false,qualifiers=[]]]], /restricted/*=PatternInfo[pattern=/restricted/*,type=1,isOverriden=false,qualifiers=[]]}
                    2006-04-05 11:18:41,488 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] deploy, ctxPath=/invoker, warUrl=.../deploy/httpha-invoker.sar/invoker.war/

                    • 7. Re: SecurityFlushSessionListener
                      Anil Saldanha Master

                      Have u registered urself in the JBoss jira? If we allow arbitrary people to attach things to JIRA issues, our JIRA ecosystem will be in an adorable state.

                      Register yourself and then attach the war file that is giving you headache (with regard to the SecurityFlushSessionListener) to the JIRA issue, I have referenced above.