request-error description
description of the error:
environment:
Orion Application Server 1.5.2
Java1.4 Cocoon 2.0.3 Windows 2000 The resource requested was www.xxx.com/index.html without any request-parameters. We are using the UserManager which is integrated into Orion.
The file index.html can only be accessed by successfully authorized users. snippet from web.xml:
<login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/WEB-INF/Cocoon/german/login_start/login.xsp</form-login-page> <form-error-page>/WEB-INF/Cocoon/german/login_start/login_noMessage.xsp</form-error-page> </form-login-config> <realm-name>KAIBox</realm-name> </login-config> The login is successful for a valid username/password-combination. If the
login fails, there is the following error:
type fatal
message null description java.lang.NullPointerException sender org.apache.cocoon.servlet.CocoonServlet source Cocoon servlet stack-trace java.lang.NullPointerException at org.apache.cocoon.environment.http.HttpEnvironment.extractAction(HttpEnvironment.java:139) at org.apache.cocoon.environment.http.HttpEnvironment.(HttpEnvironment.java:110) at org.apache.cocoon.servlet.CocoonServlet.getEnvironment(CocoonServlet.java:1149) at org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:986) at javax.servlet.http.HttpServlet.service(HttpServlet.java:336) at com.evermind._cxb._abe(Unknown Source) at com.evermind._cxb._uec(Unknown Source) at com.evermind._cxb.forward(Unknown Source) at com.evermind._ctb.reject(Unknown Source) at com.evermind._ah._fod(Unknown Source) at com.evermind._ah._cwc(Unknown Source) at com.evermind._ah._dlc(Unknown Source) at com.evermind._ab._cwc(Unknown Source) at com.evermind._ah.getRequestDispatcher(Unknown Source) at com.aidossoftware.http.search.Controller.dispatch(Controller.java:154) at com.aidossoftware.http.search.Controller.processRequest(Controller.java:76) at com.aidossoftware.http.search.Controller.doPost(Controller.java:101) at javax.servlet.http.HttpServlet.service(HttpServlet.java:211) at javax.servlet.http.HttpServlet.service(HttpServlet.java:309) at javax.servlet.http.HttpServlet.service(HttpServlet.java:336) at com.evermind._cxb._abe(Unknown Source) at com.evermind._cxb._uec(Unknown Source) at com.evermind._io._twc(Unknown Source) at com.evermind._io._gc(Unknown Source) at com.evermind._if.run(Unknown Source) request-uri /release/WEB-INF/Cocoon/german/login_start/login_noMessage.xsp path-info WEB-INF/Cocoon/german/login_start/login_noMessage.xsp If you request index.html with a dummy-parameter(index.html?dummy=dummy) and give a wrong username/password-combination, there is no error and you get the correct site for a wrong login. The same error occurs anywhere within a web-application, if the session had a timeout and resources are requested without parameters. Is there any workaround for this problem?
Andrea Pöschel Andrea Pöschel
|