I am using struts2 framework . when I submit a form it gets stored in database successfully and I redirect the user to the same page but when I refresh that page again I get below error.
I am using tokenSession interceptor.
Can someone please help how to get rid of this problem?
Error 500--Internal Server Error
java.lang.NullPointerException
at weblogic.servlet.internal.ServletRequestImpl$SessionHelper.initSessionInfo(ServletRequestImpl.java:3193)
at weblogic.servlet.internal.ServletRequestImpl$SessionHelper._getSessionInternal(ServletRequestImpl.java:2894)
at weblogic.servlet.internal.ServletRequestImpl$SessionHelper.getSessionInternal(ServletRequestImpl.java:2881)
at weblogic.servlet.internal.ServletRequestImpl$SessionHelper.getSession(ServletRequestImpl.java:2871)
at weblogic.servlet.internal.ServletRequestImpl.getSession(ServletRequestImpl.java:1525)
at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:508)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:161)
at org.apache.struts2.result.ServletDispatcherResult.doExecute(ServletDispatcherResult.java:132)
at org.apache.struts2.result.StrutsResultSupport.execute(StrutsResultSupport.java:206)
at org.apache.struts2.interceptor.TokenSessionStoreInterceptor.handleInvalidToken(TokenSessionStoreInterceptor.java:143)
at org.apache.struts2.interceptor.TokenSessionStoreInterceptor.handleToken(TokenSessionStoreInterceptor.java:109)
at org.apache.struts2.interceptor.TokenInterceptor.doIntercept(TokenInterceptor.java:139)
at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:99)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249)
at org.apache.struts2.factory.StrutsActionProxy.execute(StrutsActionProxy.java:48)
at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:574)
at org.apache.struts2.dispatcher.ExecuteOperations.executeAction(ExecuteOperations.java:79)
at org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:141)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3701)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3667)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:326)
at weblogic.security.service.SecurityManager.runAsForUserCode(SecurityManager.java:197)
at weblogic.servlet.provider.WlsSecurityProvider.runAsForUserCode(WlsSecurityProvider.java:203)
at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:71)
at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2443)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2291)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2269)
at weblogic.servlet.internal.ServletRequestImpl.runInternal(ServletRequestImpl.java:1703)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1663)
at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:272)
at weblogic.invocation.ComponentInvocationContextManager._runAs(ComponentInvocationContextManager.java:352)
at weblogic.invocation.ComponentInvocationContextManager.runAs(ComponentInvocationContextManager.java:337)
at weblogic.work.LivePartitionUtility.doRunWorkUnderContext(LivePartitionUtility.java:57)
at weblogic.work.PartitionUtility.runWorkUnderContext(PartitionUtility.java:41)
at weblogic.work.SelfTuningWorkManagerImpl.runWorkUnderContext(SelfTuningWorkManagerImpl.java:644)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:415)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:355)
Is this an issue with weblogic version?
Related
I am using following spring security saml repo from github:
https://github.com/spring-projects/spring-security-saml/tree/master/sample
Whenever I try to update the SSO url, for e.g. localhost:8100/saml/ddo, instead of /saml/sso, browser gets stuck in infinite loops.
(I have followed the steps mentioned in readme and updated the url on okta as well in application to test)
Sample code and config enclosed in:
Spring secuirty saml issue
EDIT:
I did what below answer suggested,but I am getting the Incoming SAML message is invalid..
On debugging, I found that attemptAuthentication in SAMLProcessingFilter, the location in endpoint that are added still contain the /api/saml/SSO instead of /api/saml/ddo
and that's why getEndpoint method in SamlUtil throws excpetion with following line:
throw new SAMLException("Endpoint with message binding " + messageBinding + " and URL " + requestURL + " wasn't found in local metadata");
because the requestUrl and endpoint location do not match.
I also checked my metadata.xml but it does not contain any info related to these urls.
In the MetaDataGenerator class method getSAMLWebSSOProcessingFilterPath, the samlWebSSOFilter is null and that's why the default filter url: /saml/SSO is returned. I am trying to figure out how to set this value at runtime?
I understand that there is a method with name: setSamlWebSSOFilter, and everything works correct if I provide the url /saml/ddo at the time of startup. But I am not able to make this work if config is changed at runtime.
Any idea how can I move forward?
Setting field filterProcessesUrl on bean samlWebSSOProcessingFilter to value /saml/ddo should solve the problem.
I am using the following code in my logout button :
<a id="login-control-logout" href="${createLink(controller:'LicGenerator', action:'logout')}"><i class="icon-off"></i> Logout</a></li>
Inside my controller, I am using the following code :
def logout() {
request.getSession().invalidate()
response.setHeader("Cache-Control","no-cache,no-store,must-revalidate")
response.setHeader("Pragma","no-cache")
response.setDateHeader("Expires", 0)
redirect(uri:'/login.html')
}
It goes to login.html, but when I enter the username and password again, it doesn't log me back in and throws an error
type Status report
message /LicGenerator/j_security_check
description The requested resource (/LicGenerator/j_security_check) is not available.
When I refresh the browser, I got this error :
type Status report
message Invalid direct reference to form login page
description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).
Also, the back button takes me to page even though I added cache control to response.
Simply invalidating your session for spring security is probably not advisable. As there is a SecuritySession which also has cookies. It may be better to use whats provided by spring security already.
import grails.plugin.springsecurity.SpringSecurityUtils
redirect uri: SpringSecurityUtils.securityConfig.logout.filterProcessesUrl
Then you can configure your default login url via the config options for the spring security plugin
Issue: I am unable to access portlet action URL from within panel in my struts2 liferay portlet.
Description:
I need to access "var"
<portlet:actionURL var="Overview" ../>
from inside
<sj:tabbedpanel href=%{Overview}.../>
but I am unable to access it , it gives blank value!
options I have tried:
<sj:tab href=${Overview}..../>
It gave exception:"according to tld or attribute href, does not accept any expressions" ,
also tried <sj:tab href=%{#Overview}..../>
didnt gave any exception but it did not fetch any value either.
Please help!!
I am getting following error message while I am trying to login via facebook using this (https://github.com/SocalNick/ScnSocialAuth) module of ZF 2. Could anyone say what can be the solution ??
Error message
Auth event was stopped without a response. Got "NULL" instead
Thanks
I got the same error. To solve it, I used this explanation : https://github.com/SocalNick/ScnSocialAuth/issues/91
So just remove this line into your composer.json "zf-commons/zfc-user": "dev-master", or "zf-commons/zfc-user": "0.1.*", (that was my error)
and change it to this "zf-commons/zfc-user": "0.1.2",
ps: don't forget to remove into the database the user and the provider, and clear the browser session.
I am trying to integrate CAS into our web application to authenticate via OAuth 2.0, and i have downloaded the demo application from "https://github.com/leleuj/cas-oauth-demo-3.5.x."(client demo). and deployed it in tomcat7, but exception is thrown when authenticate with Google account. i have tried to write another provider and authentication is ok, but can not be redirected to my original web page.
Below is the error message. Does anyone be familar with CAS Oauth? look forward to your answers, thanks.
{"failure":"true","exception.message":"org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.jasig.cas.support.oauth.web.flow.OAuthAction#1077092 in state 'oauthAction' of flow 'login' -- action execution attributes were 'map[[empty]]'","exception.stacktrace":"org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.jasig.cas.support.oauth.web.flow.OAuthAction#1077092 in state 'oauthAction' of flow 'login' -- action execution attributes were 'map[[empty]]'\r\n\tat org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60)\r\n\tat org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)\r\n\tat org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)\r\n\tat org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)\r\n\tat org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)\r\n\tat org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)\r\n\tat org.springframework.webflow.engine.State.enter(State.java:194)\r\n\tat org.springframework.webflow.engine.Flow.start(Flow.java:535)\r\n\tat org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:366)\r\n\tat org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:225)\r\n\tat org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140)\r\n\tat org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:193)\r\n\tat org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:923)\r\n\tat org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852)\r\n\tat org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)\r\n\tat org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778)\r\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:621)\r\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:722)\r\n\tat org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:128)\r\n\tat org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:57)\r\n\tat org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)\r\n\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)\r\n\tat org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)\r\n\tat org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)\r\n\tat com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)\r\n\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)\r\n\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)\r\n\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)\r\n\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)\r\n\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)\r\n\tat org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)\r\n\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)\r\n\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)\r\n\tat org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)\r\n\tat org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)\r\n\tat org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)\r\n\tat java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)\r\n\tat java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)\r\n\tat java.lang.Thread.run(Thread.java:662)\r\nCaused by: java.lang.NullPointerException\r\n\tat org.jasig.cas.support.oauth.web.flow.OAuthAction.doExecute(OAuthAction.java:93)\r\n\tat org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)\r\n\tat org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)\r\n\t... 45 more\r\n"}
I'm the creator of the OAuth support for CAS. Google OAuth 1.0 support has been removed by Google. You have to switched to Google OAuth 2.0 support by using the Google2Provider class.