Hey,
I have a rather problematic issue with App Engine when attempting to
post data to the server.
Firefox uses OPTIONS method to verify the data before sending it to
the server and this is causing the issue.
Everything works fine on localhost and the server receives the OPTIONS
request, returns 200 and everything goes fine.
But when I put it to production I get the following error when trying
to post data:
java.security.AccessControlException: access denied
(java.lang.RuntimePermission accessDeclaredMembers)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:
355)
at
java.security.AccessController.checkPermission(AccessController.java:
567)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at
com.google.apphosting.runtime.security.CustomSecurityManager.checkPermission(CustomSecurityManager.java:
45)
at java.lang.SecurityManager.checkMemberAccess(Unknown Source)
at java.lang.Class.checkMemberAccess(Unknown Source)
at java.lang.Class.getDeclaredMethods(Unknown Source)
at
javax.servlet.http.HttpServlet.getAllDeclaredMethods(HttpServlet.java:
479)
at
javax.servlet.http.HttpServlet.getAllDeclaredMethods(HttpServlet.java:
478)
at
javax.servlet.http.HttpServlet.getAllDeclaredMethods(HttpServlet.java:
478)
at javax.servlet.http.HttpServlet.doOptions(HttpServlet.java:534)
at
org.springframework.web.servlet.FrameworkServlet.doOptions(FrameworkServlet.java:
594)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:
511)
at org.mortbay.jetty.servlet.ServletHandler
$CachedChain.doFilter(ServletHandler.java:1166)
at org.springframework.security.web.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:
109)
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:
83)
at org.springframework.security.web.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:
97)
at org.springframework.security.web.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:
78)
at org.springframework.security.web.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:
187)
at org.springframework.security.web.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:
105)
at org.springframework.security.web.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:
79)
at org.springframework.security.web.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:
149)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:
237)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:
167)
at org.mortbay.jetty.servlet.ServletHandler
$CachedChain.doFilter(ServletHandler.java:1157)
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:
88)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:
76)
at org.mortbay.jetty.servlet.ServletHandler
$CachedChain.doFilter(ServletHandler.java:1157)
at
com.google.apphosting.utils.servlet.ParseBlobUploadFilter.doFilter(ParseBlobUploadFilter.java:
97)
at org.mortbay.jetty.servlet.ServletHandler
$CachedChain.doFilter(ServletHandler.java:1157)
at
com.google.apphosting.runtime.jetty.SaveSessionFilter.doFilter(SaveSessionFilter.java:
35)
at org.mortbay.jetty.servlet.ServletHandler
$CachedChain.doFilter(ServletHandler.java:1157)
at
com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:
43)
at org.mortbay.jetty.servlet.ServletHandler
$CachedChain.doFilter(ServletHandler.java:1157)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:
388)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:
216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:
182)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:
765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:
418)
at
com.google.apphosting.runtime.jetty.AppVersionHandlerMap.handle(AppVersionHandlerMap.java:
238)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:
152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:
542)
at org.mortbay.jetty.HttpConnection
$RequestHandler.headerComplete(HttpConnection.java:923)
at
com.google.apphosting.runtime.jetty.RpcRequestParser.parseAvailable(RpcRequestParser.java:
76)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at
com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:
135)
at
com.google.apphosting.runtime.JavaRuntime.handleRequest(JavaRuntime.java:
250)
at com.google.apphosting.base.RuntimePb$EvaluationRuntime
$6.handleBlockingRequest(RuntimePb.java:7115)
at com.google.apphosting.base.RuntimePb$EvaluationRuntime
$6.handleBlockingRequest(RuntimePb.java:7113)
at
com.google.net.rpc.impl.BlockingApplicationHandler.handleRequest(BlockingApplicationHandler.java:
24)
at com.google.net.rpc.impl.RpcUtil.runRpcInApplication(RpcUtil.java:
398)
at com.google.net.rpc.impl.Server$2.run(Server.java:852)
at
com.google.tracing.LocalTraceSpanRunnable.run(LocalTraceSpanRunnable.java:
56)
at
com.google.tracing.LocalTraceSpanBuilder.internalContinueSpan(LocalTraceSpanBuilder.java:
576)
at com.google.net.rpc.impl.Server.startRpc(Server.java:807)
at com.google.net.rpc.impl.Server.processRequest(Server.java:369)
at
com.google.net.rpc.impl.ServerConnection.messageReceived(ServerConnection.java:
442)
at
com.google.net.rpc.impl.RpcConnection.parseMessages(RpcConnection.java:
319)
at
com.google.net.rpc.impl.RpcConnection.dataReceived(RpcConnection.java:
290)
at com.google.net.async.Connection.handleReadEvent(Connection.java:
474)
at
com.google.net.async.EventDispatcher.processNetworkEvents(EventDispatcher.java:
831)
at
com.google.net.async.EventDispatcher.internalLoop(EventDispatcher.java:
207)
at com.google.net.async.EventDispatcher.loop(EventDispatcher.java:
103)
at
com.google.net.rpc.RpcService.runUntilServerShutdown(RpcService.java:
251)
at com.google.apphosting.runtime.JavaRuntime
$RpcRunnable.run(JavaRuntime.java:417)
at java.lang.Thread.run(Unknown Source)
I have the following on the server (using Spring 3.0.3 with Spring-
Security 3.0.3) to receive the request but it never reaches this on
production.
@RequestMapping(value = "/form.json", method = RequestMethod.OPTIONS)
public String options(
final HttpServletResponse resp, final
HttpServletRequest req) {
resp.setHeader("Access-Control-Allow-Origin", "*");
resp.setHeader("Access-Control-Allow-Methods", "POST");
resp.setHeader("Access-Control-Allow-Headers", "Origin,
X-Requested-
With, X-HTTP-Method-Override, Content-Type, Accept");
resp.setHeader("Access-Control-Max-Age", "216000");
return "";
}
Any ideas would be welcome.
--
You received this message because you are subscribed to the Google Groups
"Google App Engine for Java" group.
To post to this group, send email to google-appengine-j...@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine-java+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine-java?hl=en.
