[
https://issues.apache.org/jira/browse/TOMEE-4595?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Markus Jung resolved TOMEE-4595.
--------------------------------
Resolution: Fixed
> OpenIdAuthenticationMechanism tokenAutoRefresh expression eval fails randomly
> -----------------------------------------------------------------------------
>
> Key: TOMEE-4595
> URL: https://issues.apache.org/jira/browse/TOMEE-4595
> Project: TomEE
> Issue Type: Bug
> Affects Versions: 10.1.4
> Reporter: Markus Jung
> Assignee: Markus Jung
> Priority: Major
> Fix For: 10.1.5
>
>
> Looks like a race condition, happens on random faces resource requests that
> are being sent by the browser in parallel
> Some examples
>
> {code:java}
> [ERROR] Exception Processing
> [/jakarta.faces.resource/font-awesome/7.1.0/css/all.min-jsf.css.xhtml]
> jakarta.el.PropertyNotFoundException: ELResolver cannot handle a null base
> Object with identifier [...]
> at org.apache.el.parser.AstIdentifier.getValue (AstIdentifier.java:116)
> at org.apache.el.parser.AstValue.getValue (AstValue.java:134)
> at org.apache.el.parser.AstEqual.getValue (AstEqual.java:34)
> at org.apache.el.ValueExpressionImpl.getValue
> (ValueExpressionImpl.java:150)
> at jakarta.el.ELProcessor.getValue (ELProcessor.java:62)
> at org.apache.tomee.security.TomEEELInvocationHandler.eval
> (TomEEELInvocationHandler.java:149)
> at org.apache.tomee.security.TomEEELInvocationHandler.invoke
> (TomEEELInvocationHandler.java:78)
> at jdk.proxy4.$Proxy109.tokenAutoRefresh (Unknown Source)
> at
> org.apache.tomee.security.http.openid.OpenIdAuthenticationMechanismDefinitionDelegate.tokenAutoRefresh
> (OpenIdAuthenticationMechanismDefinitionDelegate.java:179)
> at
> org.apache.webbeans.custom.OpenIdAuthenticationMechanismDefinition$$OwbNormalScopeProxy10520296620.tokenAutoRefresh
>
> (jakarta/security/enterprise/authentication/mechanism/http/OpenIdAuthenticationMechanismDefinition.java)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism.handleExpiredTokens
> (OpenIdAuthenticationMechanism.java:152)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism.validateRequest
> (OpenIdAuthenticationMechanism.java:110)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism$$OwbNormalScopeProxy0.validateRequest
> (org/apache/tomee/security/cdi/OpenIdAuthenticationMechanism.java)
> at
> org.apache.tomee.security.cdi.DefaultAuthenticationMechanism.validateRequest
> (DefaultAuthenticationMechanism.java:43)
> at
> org.apache.tomee.security.cdi.DefaultAuthenticationMechanism$$OwbNormalScopeProxy0.validateRequest
> (org/apache/tomee/security/cdi/DefaultAuthenticationMechanism.java)
> at
> org.apache.tomee.security.provider.TomEESecurityServerAuthModule.validateRequest
> (TomEESecurityServerAuthModule.java:106)
> at
> org.apache.tomee.security.provider.TomEESecurityServerAuthContext.validateRequest
> (TomEESecurityServerAuthContext.java:50)
> at org.apache.catalina.authenticator.AuthenticatorBase.authenticateJaspic
> (AuthenticatorBase.java:813)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke
> (AuthenticatorBase.java:574)
> at org.apache.catalina.core.StandardHostValve.invoke
> (StandardHostValve.java:113)
> at
> org.apache.tomee.catalina.OpenEJBSecurityListener$RequestCapturer.invoke
> (OpenEJBSecurityListener.java:97)
> at org.apache.catalina.valves.ErrorReportValve.invoke
> (ErrorReportValve.java:83)
> at org.apache.catalina.core.StandardEngineValve.invoke
> (StandardEngineValve.java:72)
> at org.apache.catalina.connector.CoyoteAdapter.service
> (CoyoteAdapter.java:342)
> at org.apache.coyote.http11.Http11Processor.service
> (Http11Processor.java:399)
> at org.apache.coyote.AbstractProcessorLight.process
> (AbstractProcessorLight.java:63)
> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process
> (AbstractProtocol.java:903)
> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun
> (NioEndpoint.java:1775)
> at org.apache.tomcat.util.net.SocketProcessorBase.run
> (SocketProcessorBase.java:52)
> at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker
> (ThreadPoolExecutor.java:973)
> at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run
> (ThreadPoolExecutor.java:491)
> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run
> (TaskThread.java:63)
> at java.lang.Thread.run (Thread.java:1474)
> [ERROR] Exception Processing
> [/jakarta.faces.resource/font-awesome/7.1.0/css/v4-shims.min-jsf.css.xhtml]
> jakarta.el.PropertyNotFoundException: Property [...] not found on type [...]
> at jakarta.el.BeanELResolver$BeanProperties.get (BeanELResolver.java:261)
> at jakarta.el.BeanELResolver.property (BeanELResolver.java:330)
> at jakarta.el.BeanELResolver.getValue (BeanELResolver.java:99)
> at jakarta.el.CompositeELResolver.getValue (CompositeELResolver.java:109)
> at org.apache.el.parser.AstValue.getValue (AstValue.java:161)
> at org.apache.el.parser.AstEqual.getValue (AstEqual.java:34)
> at org.apache.el.ValueExpressionImpl.getValue
> (ValueExpressionImpl.java:150)
> at jakarta.el.ELProcessor.getValue (ELProcessor.java:62)
> at org.apache.tomee.security.TomEEELInvocationHandler.eval
> (TomEEELInvocationHandler.java:149)
> at org.apache.tomee.security.TomEEELInvocationHandler.invoke
> (TomEEELInvocationHandler.java:78)
> at jdk.proxy4.$Proxy109.tokenAutoRefresh (Unknown Source)
> at
> org.apache.tomee.security.http.openid.OpenIdAuthenticationMechanismDefinitionDelegate.tokenAutoRefresh
> (OpenIdAuthenticationMechanismDefinitionDelegate.java:179)
> at
> org.apache.webbeans.custom.OpenIdAuthenticationMechanismDefinition$$OwbNormalScopeProxy10520296620.tokenAutoRefresh
>
> (jakarta/security/enterprise/authentication/mechanism/http/OpenIdAuthenticationMechanismDefinition.java)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism.handleExpiredTokens
> (OpenIdAuthenticationMechanism.java:138)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism.validateRequest
> (OpenIdAuthenticationMechanism.java:110)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism$$OwbNormalScopeProxy0.validateRequest
> (org/apache/tomee/security/cdi/OpenIdAuthenticationMechanism.java)
> at
> org.apache.tomee.security.cdi.DefaultAuthenticationMechanism.validateRequest
> (DefaultAuthenticationMechanism.java:43)
> at
> org.apache.tomee.security.cdi.DefaultAuthenticationMechanism$$OwbNormalScopeProxy0.validateRequest
> (org/apache/tomee/security/cdi/DefaultAuthenticationMechanism.java)
> at
> org.apache.tomee.security.provider.TomEESecurityServerAuthModule.validateRequest
> (TomEESecurityServerAuthModule.java:106)
> at
> org.apache.tomee.security.provider.TomEESecurityServerAuthContext.validateRequest
> (TomEESecurityServerAuthContext.java:50)
> at org.apache.catalina.authenticator.AuthenticatorBase.authenticateJaspic
> (AuthenticatorBase.java:813)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke
> (AuthenticatorBase.java:574)
> at org.apache.catalina.core.StandardHostValve.invoke
> (StandardHostValve.java:113)
> at
> org.apache.tomee.catalina.OpenEJBSecurityListener$RequestCapturer.invoke
> (OpenEJBSecurityListener.java:97)
> at org.apache.catalina.valves.ErrorReportValve.invoke
> (ErrorReportValve.java:83)
> at org.apache.catalina.core.StandardEngineValve.invoke
> (StandardEngineValve.java:72)
> at org.apache.catalina.connector.CoyoteAdapter.service
> (CoyoteAdapter.java:342)
> at org.apache.coyote.http11.Http11Processor.service
> (Http11Processor.java:399)
> at org.apache.coyote.AbstractProcessorLight.process
> (AbstractProcessorLight.java:63)
> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process
> (AbstractProtocol.java:903)
> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun
> (NioEndpoint.java:1775)
> at org.apache.tomcat.util.net.SocketProcessorBase.run
> (SocketProcessorBase.java:52)
> at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker
> (ThreadPoolExecutor.java:973)
> at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run
> (ThreadPoolExecutor.java:491)
> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run
> (TaskThread.java:63)
> at java.lang.Thread.run (Thread.java:1474)
> [ERROR] Exception Processing
> [/jakarta.faces.resource/jquery/jquery-plugins.js.xhtml]
> jakarta.el.PropertyNotFoundException: ELResolver cannot handle a null base
> Object with identifier [...]
> at org.apache.el.parser.AstIdentifier.getValue (AstIdentifier.java:116)
> at org.apache.el.parser.AstValue.getValue (AstValue.java:134)
> at org.apache.el.parser.AstEqual.getValue (AstEqual.java:34)
> at org.apache.el.ValueExpressionImpl.getValue
> (ValueExpressionImpl.java:150)
> at jakarta.el.ELProcessor.getValue (ELProcessor.java:62)
> at org.apache.tomee.security.TomEEELInvocationHandler.eval
> (TomEEELInvocationHandler.java:149)
> at org.apache.tomee.security.TomEEELInvocationHandler.invoke
> (TomEEELInvocationHandler.java:78)
> at jdk.proxy4.$Proxy109.tokenAutoRefresh (Unknown Source)
> at
> org.apache.tomee.security.http.openid.OpenIdAuthenticationMechanismDefinitionDelegate.tokenAutoRefresh
> (OpenIdAuthenticationMechanismDefinitionDelegate.java:179)
> at
> org.apache.webbeans.custom.OpenIdAuthenticationMechanismDefinition$$OwbNormalScopeProxy10520296620.tokenAutoRefresh
>
> (jakarta/security/enterprise/authentication/mechanism/http/OpenIdAuthenticationMechanismDefinition.java)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism.handleExpiredTokens
> (OpenIdAuthenticationMechanism.java:152)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism.validateRequest
> (OpenIdAuthenticationMechanism.java:110)
> at
> org.apache.tomee.security.cdi.OpenIdAuthenticationMechanism$$OwbNormalScopeProxy0.validateRequest
> (org/apache/tomee/security/cdi/OpenIdAuthenticationMechanism.java)
> at
> org.apache.tomee.security.cdi.DefaultAuthenticationMechanism.validateRequest
> (DefaultAuthenticationMechanism.java:43)
> at
> org.apache.tomee.security.cdi.DefaultAuthenticationMechanism$$OwbNormalScopeProxy0.validateRequest
> (org/apache/tomee/security/cdi/DefaultAuthenticationMechanism.java)
> at
> org.apache.tomee.security.provider.TomEESecurityServerAuthModule.validateRequest
> (TomEESecurityServerAuthModule.java:106)
> at
> org.apache.tomee.security.provider.TomEESecurityServerAuthContext.validateRequest
> (TomEESecurityServerAuthContext.java:50)
> at org.apache.catalina.authenticator.AuthenticatorBase.authenticateJaspic
> (AuthenticatorBase.java:813)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke
> (AuthenticatorBase.java:574)
> at org.apache.catalina.core.StandardHostValve.invoke
> (StandardHostValve.java:113)
> at
> org.apache.tomee.catalina.OpenEJBSecurityListener$RequestCapturer.invoke
> (OpenEJBSecurityListener.java:97)
> at org.apache.catalina.valves.ErrorReportValve.invoke
> (ErrorReportValve.java:83)
> at org.apache.catalina.core.StandardEngineValve.invoke
> (StandardEngineValve.java:72)
> at org.apache.catalina.connector.CoyoteAdapter.service
> (CoyoteAdapter.java:342)
> at org.apache.coyote.http11.Http11Processor.service
> (Http11Processor.java:399)
> at org.apache.coyote.AbstractProcessorLight.process
> (AbstractProcessorLight.java:63)
> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process
> (AbstractProtocol.java:903)
> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun
> (NioEndpoint.java:1775)
> at org.apache.tomcat.util.net.SocketProcessorBase.run
> (SocketProcessorBase.java:52)
> at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker
> (ThreadPoolExecutor.java:973)
> at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run
> (ThreadPoolExecutor.java:491)
> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run
> (TaskThread.java:63)
> at java.lang.Thread.run (Thread.java:1474){code}
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
