DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25835>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25835 Synchronization problem with RequestFilterValve Summary: Synchronization problem with RequestFilterValve Product: Tomcat 4 Version: 4.1.29 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Copied from the mailing list: I'm having some problems with using RemoteAddrValve to allow only certain addresses to access an Engine. I'm using tomcat 4.1.27 with jdk1.3.1 on Solaris. I've configured the following: <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="a.b.c.d"/> under the engine. I know I should have escaped the '.' (regexp) but it should work as is. I'm receiving once in every few thousands of requests the following error: 2003-12-26 11:26:51 CoyoteAdapter An exception or error occurred in the container during the request processing java.lang.StringIndexOutOfBoundsException: String index out of range: 11 at java.lang.String.charAt(String.java:511) at org.apache.regexp.StringCharacterIterator.charAt(StringCharacterIterator.java:90) at org.apache.regexp.RE.matchNodes(RE.java:1161) at org.apache.regexp.RE.matchAt(RE.java:1448) at org.apache.regexp.RE.match(RE.java:1540) at org.apache.regexp.RE.match(RE.java:1468) at org.apache.regexp.RE.match(RE.java:1561) at org.apache.catalina.valves.RequestFilterValve.process(RequestFilterValve.java:335) at org.apache.catalina.valves.RemoteAddrValve.invoke(RemoteAddrValve.java:131) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:601) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:392) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:565) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:619) at java.lang.Thread.run(Thread.java:479) Also, once in every few thousands of requests I'm receiving a 403 access denied error on a valid address (I can see that in the access log). After checking the RequestFilterValve class, I can see it saves the compiled regular expressions (RE) and reuses them to check every request. Looking at regexp documentations, it is explicitly stated that RE is not thread-safe. Am I missing something? It looks like under load, this valve fails. Also, I can see that the RequestFilterValve class didn't change in the 5.0.16 version either. Possible solution: Synchronizing the process method would be a bad idea (bottleneck for all requests) so it looks like there won't be any choice but to recreate the RE as local variables. There is also a possibility (ugly one) of serializing the array of RE to a byte array and de-serializing it in the process method. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
