[MAGNOLIA-8028] CsrfTokenSecurityFilter throws java.lang.IllegalStateException on logout Created: 15/Aug/19  Updated: 10/Mar/21

Status: Accepted
Project: Magnolia
Component/s: None
Affects Version/s: 6.1, 6.1.1
Fix Version/s: None

Type: Bug Priority: Neutral
Reporter: Rishab Dhar Assignee: Unassigned
Resolution: Unresolved Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:

 Description   

Steps to reproduce:

a) Deploy magnolia to custom context path (/thumbnail)

b) Login to the instance - http://localhost:8080/thumbnail/

c) Try logging out.

 

HTTP Status 500 – Internal Server ErrorType Exception ReportMessage Cannot create a session after the response has been committedDescription The server encountered an unexpected condition that prevented it from fulfilling the request.

Exception java.lang.IllegalStateException: Cannot create a session after the response has been committed org.apache.catalina.connector.Request.doGetSession(Request.java:2948) org.apache.catalina.connector.Request.getSession(Request.java:2390) org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:908) org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:920) info.magnolia.cms.security.CsrfTokenSecurityFilter.doFilter(CsrfTokenSecurityFilter.java:111) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:155) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:128) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.security.LogoutFilter.doFilter(LogoutFilter.java:94) info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.module.site.filters.SiteMergeFilter.doFilter(SiteMergeFilter.java:119) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.filters.MultiChannelFilter.doFilter(MultiChannelFilter.java:83) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:127) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.security.CsrfTokenSecurityFilter.doFilter(CsrfTokenSecurityFilter.java:115) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) info.magnolia.cms.filters.MultipartRequestFilter.doFilter(MultipartRequestFilter.java:151) info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:155) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:128) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:65) info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:107) info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67) info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:110) info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:96)


 Comments   
Comment by Roman Kovařík [ 10/Mar/21 ]

rdhar Is this still the case?

Generated at Mon Feb 12 04:28:59 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.