Bug 1163126 - IllegalArgumentException when using CrawlerSessionManagerValve in EAP 6 cluster
Summary: IllegalArgumentException when using CrawlerSessionManagerValve in EAP 6 cluster
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: DR11
: EAP 6.4.0
Assignee: Rémy Maucherat
QA Contact: Michael Cada
URL:
Whiteboard:
Depends On:
Blocks: 1157438
TreeView+ depends on / blocked
 
Reported: 2014-11-12 12:27 UTC by Lyle Wang
Modified: 2019-08-19 12:41 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Embargoed:

Attachments (Terms of Use)
A simple distributable war deployment example. (4.36 KB, application/zip)
2014-11-12 12:27 UTC, Lyle Wang 		no flags Details
View All

Description Lyle Wang 2014-11-12 12:27:06 UTC 
Created attachment 956716 [details]
A simple distributable war deployment example.

Description of problem:

org.apache.catalina.valves.CrawlerSessionManagerValve is a valve provided by JBossWeb (jbossweb-7.4.8.Final-redhat-4.jar). When using this valve in clustered EAP 6 environment, session cannot be replicated.


Version-Release number of selected component (if applicable):

jbossweb-7.4.8.Final-redhat-4.jar


How reproducible:
Always


Steps to Reproduce:
1. Setup a 2-node EAP 6.3 cluster. Both 2 nodes use standalone-ha profile and have port offset=100 on 2nd node. Setup DEBUG logging level for root logger.
2. Deploy a "distributable" war deployment on 2 nodes (example echo.war attached)
3. Use any developer tool to change browser's user-agent, to similate a bot/crawler to visit the deployment page (http://localhost:8080/echo). I use "User Agent Switcher" on firefox to change user-agent as MSNBot (user-agent string="msnbot/1.1 ( http://search.msn.com/msnbot.htm)"    )
4. The session created for this bot cannot be replicated and get the exception in server log:

-----------------------------------
22:05:07,494 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: ClientIp=127.0.0.1, RequestedSessionId=null
22:05:07,495 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: UserAgent=msnbot/1.1 ( http://search.msn.com/msnbot.htm)
22:05:07,496 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: Bot found. UserAgent=msnbot/1.1 ( http://search.msn.com/msnbot.htm)
22:05:07,516 ERROR [org.apache.catalina.connector] (http-/127.0.0.1:8180-1) JBWEB001018: An exception or error occurred in the container during the request processing: java.lang.IllegalArgumentException: JBAS018062: 'org.apache.catalina.valves.CrawlerSessionManagerValve' attribute with type 'org.apache.catalina.valves.CrawlerSessionManagerValve' cannot be replicated
	at org.jboss.as.web.session.ClusteredSession.setAttribute(ClusteredSession.java:824) [jboss-as-web-7.4.0.Final-redhat-19.jar:7.4.0.Final-redhat-19]
	at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:130) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
	at org.apache.catalina.valves.CrawlerSessionManagerValve.invoke(CrawlerSessionManagerValve.java:222) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
	at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]

22:05:07,580 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: ClientIp=127.0.0.1, RequestedSessionId=null
22:05:07,581 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: UserAgent=msnbot/1.1 ( http://search.msn.com/msnbot.htm)
22:05:07,581 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: Bot found. UserAgent=msnbot/1.1 ( http://search.msn.com/msnbot.htm)
22:05:07,582 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: SessionID=+Xxz8f6BiTLtqvReNLZkrZ+6
22:05:07,583 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 1915297560: Bot session accessed. SessionID=+Xxz8f6BiTLtqvReNLZkrZ+6

-----------------------------------


Actual results:
Exception printed out


Expected results:
No exception

Additional info:
Comment 1 Lyle Wang 2014-11-12 14:37:28 UTC 
Sorry, forgot a step in section "Steps to Reproduce"

Steps to Reproduce:

1. Setup a 2-node EAP 6.3 cluster. Both 2 nodes use standalone-ha profile and have port offset=100 on 2nd node. Setup DEBUG logging level for root logger.

1-a. Enable "CrawlerSessionManagerValve" by adding <valve> definition into "web" subsystem in standalone-ha.xml (on both 2 nodes):

------------------------------------------------------
        <subsystem xmlns="urn:jboss:domain:web:2.1" default-virtual-server="default-host" native="false">

......

            <valve name="CrawlerSessionManagerValve" module="org.jboss.as.web" class-name="org.apache.catalina.valves.CrawlerSessionManagerValve">
                <param param-name="crawlerUserAgents" param-value=".*[bB]ot.*|.*Yahoo! Slurp.*|.*Feedfetcher-Google.*"/>
                <param param-name="sessionInactiveInterval" param-value="60"/>
            </valve>
        </subsystem>

------------------------------------------------------

2. Deploy a "distributable" war deployment on 2 nodes (example echo.war attached)
......
Comment 2 Rémy Maucherat 2014-11-12 15:49:57 UTC 
r2537 in web, you should probably verify it.
Comment 3 Kabir Khan 2014-11-18 08:31:36 UTC 
Should be fixed by 7.5.0.Beta5 upgrade 1157438
Comment 4 Paul Ferraro 2014-11-18 15:30:29 UTC 
The posted fix won't work:
https://source.jboss.org/changelog/JBossWeb?cs=2537
A non-static inner class cannot be serialized unless the parent class is also Serializable (since the object will contain an implicit reference to the parent instance).
Comment 5 Paul Ferraro 2014-11-18 15:36:14 UTC 
As I mention to the poster on the jboss-support-eap6 mailing list:

> Looking deeper into the actual implementation, the purpose of setting the
> value as a session attribute is only to trigger a valueUnbound() session
> event (the CrawlerSessionManagerValve implements
> HttpSessionBindingListener), which is used on session destruction to cleanup
> obsolete client IP <-> session ID mappings.
> This seems sloppy.  I don't see why this couldn't be more easily achieved by
> implementing HttpSessionListener, and registering the valve as a listener
> when a new "bot" session is detected.  That way, there is nothing to put in
> the session, and no need for the class to be serializable.
Comment 6 Paul Ferraro 2014-11-18 15:36:51 UTC 
As I mention to the poster on the jboss-support-eap6 mailing list:

> Looking deeper into the actual implementation, the purpose of setting the
> value as a session attribute is only to trigger a valueUnbound() session
> event (the CrawlerSessionManagerValve implements
> HttpSessionBindingListener), which is used on session destruction to cleanup
> obsolete client IP <-> session ID mappings.
> This seems sloppy.  I don't see why this couldn't be more easily achieved by
> implementing HttpSessionListener, and registering the valve as a listener
> when a new "bot" session is detected.  That way, there is nothing to put in
> the session, and no need for the class to be serializable.
Comment 7 Rémy Maucherat 2014-11-18 15:52:55 UTC 
A session listener must be added to all webapps by the valve then, it's not so easy and it may not be better in practice. BTW, this valve is a utility straight from upstream Tomcat.

I will modify my commit, but that is all I'm going to do about this.
Comment 8 Rémy Maucherat 2014-11-18 16:01:39 UTC 
Trying r2544 to work around the serialization issue.
Comment 9 Lyle Wang 2014-11-26 23:13:53 UTC 
Trying  r2544 in a 2-node (standalone mode) EAP 6 cluster, couldn't reproduce the error anymore:

---------------------
16:58:19,365 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8080-1) 1489346810: UserAgent=msnbot/1.1 ( http://search.msn.com/msnbot.htm)
16:58:19,365 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8080-1) 1489346810: Bot found. UserAgent=msnbot/1.1 ( http://search.msn.com/msnbot.htm)
......
16:58:19,390 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8080-1) 1489346810: New bot session. SessionID=59AITeqJezBwoNA2tq2Gjfok

......
......

16:58:58,523 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 551206825: Bot found. UserAgent=msnbot/1.1 ( http://search.msn.com/msnbot.htm)
16:58:58,524 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 551206825: SessionID=e-qeCfNBBs2sM4JT9avuC4Pl
16:58:58,590 DEBUG [org.apache.catalina.valves] (http-/127.0.0.1:8180-1) 551206825: Bot session accessed. SessionID=e-qeCfNBBs2sM4JT9avuC4Pl
---------------------
Comment 10 Radim Hatlapatka 2014-12-01 11:41:20 UTC 
Verified in EAP 6.4.0.DR11
Note You need to log in before you can comment on or make changes to this bug.