Uploaded image for project: 'LAMS Development'
  1. LAMS Development
  2. LDEV-2771

Logging back to LAMS sometimes causes an exception

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.4
    • Fix Version/s: 2.4
    • Component/s: General
    • Labels:
      None
    • Environment:
      Firefox 9, Chrome 16

      Description

      Steps to reproduce:
      1. Log in as user A
      2. Log out
      3. Log in as user B

      *Sometimes* this causes an exception starting with:
      -----------------
      2012-01-06 10:54:24,809 FATAL [CustomStrutsExceptionHandler] fatal System exception: [java.lang.NullPointerException] :null
      java.lang.NullPointerException
      at org.lamsfoundation.lams.web.IndexAction.execute(IndexAction.java:103)
      -----------------

      It is caused by missing userDTO from session.
      It seems that LAMS is trying to access the old session where after log out no user data is stored anymore.

        Activity

        Hide
        ernieg Ernie Ghiglione added a comment -
        Tested and closed!
        Show
        ernieg Ernie Ghiglione added a comment - Tested and closed!
        Hide
        marcin Marcin Cieslak added a comment -
        Single Sing On class was either creating SSO session and cookie when they were missing
        or removing them if they existed but didn't contain necessary credentials.
        This was the case when user was unsuccessfully trying to log into LAMS.
        If he finally provided correct authentication data when SSO cookie was missing, he was properly redirected to welcome page. If he tried that when SSO cookie was present, the provided SSO session was reused even though it did not contain necessary data, leading to described error.
        The issue was fixed by preventing SSO class from deregistering already existing session, so a single SSO ID is used for all authentication attempts.

        There was also a little clean up when removing SSO cookie in SessionManager class.
        Show
        marcin Marcin Cieslak added a comment - Single Sing On class was either creating SSO session and cookie when they were missing or removing them if they existed but didn't contain necessary credentials. This was the case when user was unsuccessfully trying to log into LAMS. If he finally provided correct authentication data when SSO cookie was missing, he was properly redirected to welcome page. If he tried that when SSO cookie was present, the provided SSO session was reused even though it did not contain necessary data, leading to described error. The issue was fixed by preventing SSO class from deregistering already existing session, so a single SSO ID is used for all authentication attempts. There was also a little clean up when removing SSO cookie in SessionManager class.
        Hide
        ernieg Ernie Ghiglione added a comment -
        Marcin,

        I think i have managed to reproduce this properly:

        1) Go to login page and enter an incorrect username and passwork and click login
        2) LAMS will complain and the URL will be http://137.111.246.19:8080/lams/j_security_check
        3) now login with a proper username and passwd and you get:

        java.lang.NullPointerException: Unknown runtime exception! Show detail


        Glad we found this because it looks nasty!
        Show
        ernieg Ernie Ghiglione added a comment - Marcin, I think i have managed to reproduce this properly: 1) Go to login page and enter an incorrect username and passwork and click login 2) LAMS will complain and the URL will be http://137.111.246.19:8080/lams/j_security_check 3) now login with a proper username and passwd and you get: java.lang.NullPointerException: Unknown runtime exception! Show detail Glad we found this because it looks nasty!
        Hide
        marcin Marcin Cieslak added a comment -
        I remember working on something similar (?) here: LDEV-2719
        Changes were done also for LAMS 2.4, so if it is a cookie problem, it must be something new.
        Show
        marcin Marcin Cieslak added a comment - I remember working on something similar (?) here: LDEV-2719 Changes were done also for LAMS 2.4, so if it is a cookie problem, it must be something new.
        Hide
        ernieg Ernie Ghiglione added a comment -
        Marcin,

        Yesterday with Andrey we were going crazy about something similar... but it ended up being an issue with cookies.

        I think this is what is happening (but I'm not 100% sure). As we use the same server over and over to test and some times we don't logout just restart the server, the browser keeps accumulating cookies and sometimes when you try to do something where there's info retrieved from a session/session-map, then things start to go bad.

        Next time you face this, have a look at the cookies, clear them out and then login again and test whether you still have that problem.


        If this is the case, then what we can discuss some way to invalidate/delete all cookies when a new one is created? (don't know if this will be possible though)
        Show
        ernieg Ernie Ghiglione added a comment - Marcin, Yesterday with Andrey we were going crazy about something similar... but it ended up being an issue with cookies. I think this is what is happening (but I'm not 100% sure). As we use the same server over and over to test and some times we don't logout just restart the server, the browser keeps accumulating cookies and sometimes when you try to do something where there's info retrieved from a session/session-map, then things start to go bad. Next time you face this, have a look at the cookies, clear them out and then login again and test whether you still have that problem. If this is the case, then what we can discuss some way to invalidate/delete all cookies when a new one is created? (don't know if this will be possible though)

          People

          • Assignee:
            marcin Marcin Cieslak
            Reporter:
            marcin Marcin Cieslak
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development