request-error description
 
description of the error:
 
environment:
 
Orion Application Server 1.5.2
Java1.4
Cocoon 2.0.3
Windows 2000
 

The resource requested was www.xxx.com/index.html without any request-parameters.
 
We are using the UserManager which is integrated into Orion.
The file index.html can only be accessed by successfully authorized users.
 
snippet from web.xml:
<login-config>
 <auth-method>FORM</auth-method>
 <form-login-config>
  <form-login-page>/WEB-INF/Cocoon/german/login_start/login.xsp</form-login-page>
  <form-error-page>/WEB-INF/Cocoon/german/login_start/login_noMessage.xsp</form-error-page>
 </form-login-config>
 <realm-name>KAIBox</realm-name>
</login-config>
 
The login is successful for a valid username/password-combination. If the login fails, there is the following error:
 
type fatal
message null
description java.lang.NullPointerException
sender org.apache.cocoon.servlet.CocoonServlet
source Cocoon servlet
stack-trace
java.lang.NullPointerException
 at org.apache.cocoon.environment.http.HttpEnvironment.extractAction(HttpEnvironment.java:139)
 at org.apache.cocoon.environment.http.HttpEnvironment.(HttpEnvironment.java:110)
 at org.apache.cocoon.servlet.CocoonServlet.getEnvironment(CocoonServlet.java:1149)
 at org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:986)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:336)
 at com.evermind._cxb._abe(Unknown Source)
 at com.evermind._cxb._uec(Unknown Source)
 at com.evermind._cxb.forward(Unknown Source)
 at com.evermind._ctb.reject(Unknown Source)
 at com.evermind._ah._fod(Unknown Source)
 at com.evermind._ah._cwc(Unknown Source)
 at com.evermind._ah._dlc(Unknown Source)
 at com.evermind._ab._cwc(Unknown Source)
 at com.evermind._ah.getRequestDispatcher(Unknown Source)
 at com.aidossoftware.http.search.Controller.dispatch(Controller.java:154)
 at com.aidossoftware.http.search.Controller.processRequest(Controller.java:76)
 at com.aidossoftware.http.search.Controller.doPost(Controller.java:101)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:211)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:309)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:336)
 at com.evermind._cxb._abe(Unknown Source)
 at com.evermind._cxb._uec(Unknown Source)
 at com.evermind._io._twc(Unknown Source)
 at com.evermind._io._gc(Unknown Source)
 at com.evermind._if.run(Unknown Source)
request-uri
/release/WEB-INF/Cocoon/german/login_start/login_noMessage.xsp
path-info
WEB-INF/Cocoon/german/login_start/login_noMessage.xsp
 

If you request index.html with a dummy-parameter(index.html?dummy=dummy) and give a wrong username/password-combination, there is no error and you get the correct site for a wrong login.
The same error occurs anywhere within a web-application, if the session had a timeout and resources are requested without parameters.
 
Is there any workaround for this problem?
 

Andrea Pöschel
 
Andrea Pöschel

Reply via email to