Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1027272 - [GSS] (6.3.0) ContextNotActiveException thrown on session invalidation when using clustered SSO
[GSS] (6.3.0) ContextNotActiveException thrown on session invalidation when u...
Status: CLOSED CURRENTRELEASE
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web (Show other bugs)
6.2.0
Unspecified Unspecified
unspecified Severity unspecified
: ER5
: EAP 6.3.0
Assigned To: Rémy Maucherat
Ron Šmeral
Russell Dickenson
:
Depends On:
Blocks: 1101472
  Show dependency treegraph
 
Reported: 2013-11-06 08:02 EST by Ron Šmeral
Modified: 2016-10-31 21:37 EDT (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
In previous versions of JBoss EAP 6, the SSO valves did not set the context when expiring sessions associated with SSO. As a result, `ClusteredSingleSignOn` would call `WeldListener.sessionDestroyed(event)` after the session has been destroyed, resulting in a `ContextNotActiveException` upon session invalidation. In this release the SSO valves now set the context when expiring sessions associated with SSO and the ContextNotActiveException is avoided upon session invalidation.
Story Points: ---
Clone Of:
: 1101472 (view as bug list)
Environment:
Last Closed: 2014-08-06 10:40:34 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Reproducer (9.42 KB, application/zip)
2013-11-06 08:02 EST, Ron Šmeral 		no flags Details
standalone-ha.xml (19.42 KB, text/xml)
2013-11-06 09:46 EST, Ron Šmeral 		no flags Details
application-roles.properties (633 bytes, text/plain)
2013-11-06 09:52 EST, Ron Šmeral 		no flags Details
application-users.properties (811 bytes, text/plain)
2013-11-06 09:53 EST, Ron Šmeral 		no flags Details
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Ron Šmeral 2013-11-06 08:02:46 EST 
Created attachment 820349 [details]
Reproducer

Description of problem:
When using the clustered SSO in the standalone-ha configuration of EAP, an exception is thrown on sesion invalidation, if there is an active long-running conversation:
javax.enterprise.context.ContextNotActiveException: Conversation Context not active when method called on conversation Conversation with id: 1

This does not occur with the non-clustered SSO option, nor does it occur without the SSO, in a clustered application.

Version-Release number of selected component (if applicable):
EAP 6.2.0.ER7

Steps to Reproduce:
1. Deploy war-one and war-two
2. Open http://localhost:8080/war-one/index.jsf
3. Click war-two link (begins a conversation)
4. In the original window (http://localhost:8080/war-one/index.jsf), click logout (calls request.session.invalidate)

Actual results:
Exception appears

Expected results:
Session invalidated without exception
Comment 1 Ron Šmeral 2013-11-06 08:03:36 EST 
Stacktrace:
13:32:13,196 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/war-one].[FacesServlet]] (http-/127.0.0.1:8080-1) JBWEB000236: Servlet.service() for servlet FacesServlet threw exception: javax.enterprise.context.ContextNotActiveException: Conversation Context not active when method called on conversation Conversation with id: 1
	at org.jboss.weld.context.conversation.ConversationImpl.verifyConversationContextActive(ConversationImpl.java:197) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at org.jboss.weld.context.conversation.ConversationImpl.getId(ConversationImpl.java:121) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at org.jboss.weld.context.AbstractConversationContext.destroy(AbstractConversationContext.java:298) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at org.jboss.weld.context.http.HttpConversationContextImpl.destroy(HttpConversationContextImpl.java:12) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at org.jboss.weld.context.http.HttpSessionContextImpl.destroy(HttpSessionContextImpl.java:42) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at org.jboss.weld.servlet.WeldListener.sessionDestroyed(WeldListener.java:93) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at org.jboss.as.web.session.ClusteredSession.expire(ClusteredSession.java:1302) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.session.ClusteredSession.expire(ClusteredSession.java:649) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.sso.ClusteredSingleSignOn.deregister(ClusteredSingleSignOn.java:494) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.sso.ClusteredSingleSignOn.logout(ClusteredSingleSignOn.java:562) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.sso.ClusteredSingleSignOn.sessionEvent(ClusteredSingleSignOn.java:282) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.session.ClusteredSession.fireSessionEvent(ClusteredSession.java:1790) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.session.ClusteredSession.expire(ClusteredSession.java:1326) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.session.ClusteredSession.invalidate(ClusteredSession.java:629) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:150) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_17]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_17]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_17]
	at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_17]
	at org.apache.el.parser.AstValue.invoke(AstValue.java:258) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:278) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-1.1.16.Final-redhat-1.jar:1.1.16.Final-redhat-1]
	at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
	at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:101) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
	at javax.faces.component.UICommand.broadcast(UICommand.java:315) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:786) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1251) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
	at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
	at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) [jsf-impl-2.1.19-redhat-2.jar:2.1.19-redhat-2]
	at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.jboss.modcluster.container.jbossweb.JBossWebContext$RequestListenerValve.event(JBossWebContext.java:91)
	at org.jboss.modcluster.container.jbossweb.JBossWebContext$RequestListenerValve.invoke(JBossWebContext.java:72)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:499) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.jboss.as.web.session.ClusteredSessionValve.handleRequest(ClusteredSessionValve.java:134) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.session.ClusteredSessionValve.invoke(ClusteredSessionValve.java:99) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.session.JvmRouteValve.invoke(JvmRouteValve.java:92) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.session.LockingValve.invoke(LockingValve.java:64) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.jboss.as.web.sso.ClusteredSingleSignOn.invoke(ClusteredSingleSignOn.java:384) [jboss-as-web-7.3.0.Final-redhat-10.jar:7.3.0.Final-redhat-10]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
	at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_17]
Comment 2 JBoss JIRA Server 2013-11-06 09:40:26 EST 
Ron Šmeral <rsmeral@redhat.com> made a comment on jira WELD-1544

Attaching the configuration XML with the SSO configured, necessary for reproduction.
The important change is in adding 
{{<sso cache-container="web" cache-name="sso" reauthenticate="true"/>}} to the {{default-host}} virtual server.
Comment 3 Ron Šmeral 2013-11-06 09:46:48 EST 
Created attachment 820433 [details]
standalone-ha.xml
Comment 4 JBoss JIRA Server 2013-11-06 09:51:40 EST 
Ron Šmeral <rsmeral@redhat.com> made a comment on jira WELD-1544

Attaching AS user configuration files for the reproducer.
These go into {{EAP_HOME/standalone/configuration}}.
User is {{admin}}, password is {{abc.12345}}.
Comment 5 Ron Šmeral 2013-11-06 09:52:31 EST 
Created attachment 820434 [details]
application-roles.properties
Comment 6 Ron Šmeral 2013-11-06 09:53:08 EST 
Created attachment 820435 [details]
application-users.properties
Comment 7 JBoss JIRA Server 2013-11-12 04:34:58 EST 
Matej Briskar <mbriskar@redhat.com> made a comment on jira WELD-1544

The method WeldListener.sessionDestroyed(event) in Weld is called twice.
Comment 8 Jozef Hartinger 2013-11-12 04:51:35 EST 
This looks like a problem with ClusteredSingleSignOn which causes WeldListener.sessionDestroyed(event) to be called after the session has been destroyed. Changing component to Web.
Comment 9 JBoss JIRA Server 2014-01-08 01:34:38 EST 
Jozef Hartinger <jharting@redhat.com> updated the status of jira WELD-1544 to Resolved
Comment 10 Rémy Maucherat 2014-01-09 12:44:09 EST 
I would say the issue is that SSO doesn't set the context when expiring sessions associated with the SSO. The difference between clustered and non clustered is that the clustered session then rethrows runtime exceptions from session lifecycle listeners (for whatever reason), while the regular one simply logs them (that seems safer).
Comment 11 Rémy Maucherat 2014-01-14 05:07:10 EST 
First step in r2338, clustered SSO would need to use this patch to set the context classloader.
Comment 13 Rémy Maucherat 2014-05-06 08:39:24 EDT 
Trying https://github.com/jbossas/jboss-eap/pull/1302 but it might be too late for a non blocker.
Comment 15 Ron Šmeral 2014-07-02 10:39:55 EDT 
Verified on 6.3.0.ER8.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.