https://bz.apache.org/bugzilla/show_bug.cgi?id=66676
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
--- Comment #3 from Mark Thomas <ma...@apache.org> ---
(In reply to Georg F. from comment #2)
> Hey Mark,
>
> thanks for looking into it.
> I think the problem still exists in the latest 10.1.x branch on GitHub.
>
> Let me explain the problem step by step from the code on GitHub:
> * When the WebSocket is closed the WebSocket tries to send the close
> message via
> https://github.com/apache/tomcat/blob/
> 8b1833f75bfce59a05791dede5eb9904b51da3da/java/org/apache/tomcat/websocket/
> WsSession.java#L718
There are two code paths to this line.
The path via WsSession.doClose() will have set WsSession.state to
OUTPUT_CLOSING.
The path via WsSession.onClose() will have set WsSession.state to CLOSING.
> * This in turn will try to send the message parts via
> https://github.com/apache/tomcat/blob/
> b9a8bd4fdaf31b0cc08cc72f95c802d35bb885f2/java/org/apache/tomcat/websocket/
> WsRemoteEndpointImplBase.java#L311
No further change in WsSession.state occurs to this point.
> * Unfortunately this may fail for whatever reason which then ends up in
> closing the session via
> https://github.com/apache/tomcat/blob/
> b9a8bd4fdaf31b0cc08cc72f95c802d35bb885f2/java/org/apache/tomcat/websocket/
> WsRemoteEndpointImplBase.java#L322
No further change in WsSession.state occurs to this point.
> * The problem is now that the session now got to a "CLOSED" state
How? when WsSession.doClose() is called the state check on line 568 will cause
the method to return immediately with no further change in WsSession.state
https://github.com/apache/tomcat/blob/8b1833f75bfce59a05791dede5eb9904b51da3da/java/org/apache/tomcat/websocket/WsSession.java#L568
>, but when
> returning from these methods we end up in
> https://github.com/apache/tomcat/blob/
> 8b1833f75bfce59a05791dede5eb9904b51da3da/java/org/apache/tomcat/websocket/
> WsSession.java#L734 which tries to get the user principal on the closed
> session which is forbidden.
?
> * And so another exception is thrown which overrules the previous one and
> shows this confusing message.
>
> I hope that helps.
Sorry, it doesn't yet. Following that code path described I don't see how
WsSession.getUserPrincipal() can fail the checkState() test and trigger the
exception.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
