Anonymous | Login | Signup for a new account | 05-04-2024 04:36 PDT |
Main | My View | View Issues | Change Log | Docs |
Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
0006219 | [Resin] | minor | always | 03-12-19 12:02 | 03-19-19 14:53 | ||||
Reporter | ferg | View Status | public | ||||||
Assigned To | ferg | ||||||||
Priority | normal | Resolution | fixed | Platform | |||||
Status | closed | OS | |||||||
Projection | none | OS Version | |||||||
ETA | none | Fixed in Version | Product Version | 4.0.62 | |||||
Product Build | |||||||||
Summary | 0006219: 500 with j_security_check and but no auth configuration | ||||||||
Description |
(rep by Steffan Busch) Although we don't have any auth-type configuration in our web-app / website, there will be a 500 Servlet Exception with the below Stack Trace whenever someone submits a /j_security_check request to our Resin-Pro 4.0.61 instance. For example this request: https://caucho.com/j_security_check [^] or https://caucho.com/non-existent-path/random/j_security_check [^] javax.servlet.ServletException: FormLoginServlet requires a form login auth-type configuration at 'Basic' in 'WebApp[production/webapp/www.caucho.com/ROOT]' at com.caucho.server.security.FormLoginServlet.getFormLogin(FormLoginServlet.java:195) at com.caucho.server.security.FormLoginServlet.service(FormLoginServlet.java:65) at com.caucho.server.dispatch.ServletFilterChain.doFilter(ServletFilterChain.java:109) at com.caucho.server.webapp.DispatchFilterChain.doFilter(DispatchFilterChain.java:131) at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:304) at com.caucho.server.webapp.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:298) at com.caucho.server.webapp.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:116) at com.caucho.server.dispatch.ForwardFilterChain.doFilter(ForwardFilterChain.java:120) at com.caucho.server.rewrite.MatchFilterChain.doFilter(MatchFilterChain.java:98) at com.caucho.server.rewrite.MatchFilterChain.doFilter(MatchFilterChain.java:98) at com.caucho.server.httpcache.ProxyCacheFilterChain.doRequestCacheable(ProxyCacheFilterChain.java:252) at com.caucho.server.httpcache.ProxyCacheFilterChain.doFilter(ProxyCacheFilterChain.java:193) at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:156) at com.caucho.server.httpcache.ProxyCacheFilterChain.doRequestCacheable(ProxyCacheFilterChain.java:252) at com.caucho.server.httpcache.ProxyCacheFilterChain.doFilter(ProxyCacheFilterChain.java:193) at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:156) at com.caucho.server.webapp.AccessLogFilterChain.doFilter(AccessLogFilterChain.java:95) at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:304) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:843) at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:1393) at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:1349) at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:1333) at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:1241) at com.caucho.network.listen.TcpSocketLink.handleAcceptTaskImpl(TcpSocketLink.java:1037) at com.caucho.network.listen.ConnectionTask.runThread(ConnectionTask.java:117) at com.caucho.network.listen.ConnectionTask.run(ConnectionTask.java:93) at com.caucho.network.listen.SocketLinkThreadLauncher.handleTasks(SocketLinkThreadLauncher.java:175) at com.caucho.network.listen.TcpSocketAcceptThread.run(TcpSocketAcceptThread.java:61) at com.caucho.env.thread2.ResinThread2.runTasks(ResinThread2.java:173) at com.caucho.env.thread2.ResinThread2.run(ResinThread2.java:118) These kind of /j_security_check requests are increasing the 500 count in Resin Admin's meters and it is also triggering the AnomalyAnalyzer for "Resin|Http|5xx WARNING". Is there any configuration tweak that can be performed to not have a 500 Servlet Exception? |
||||||||
Steps To Reproduce | |||||||||
Additional Information | |||||||||
Attached Files | |||||||||
|
Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
31 total queries executed. 27 unique queries executed. |