Hi Glen, I attached my patch to JIRA. https://issues.apache.org/jira/browse/ROL-2058
2015/01/11 1:09、Glen Mazza <[email protected]> のメール: > Patch welcome. :) > > Glen > > On Sat, Jan 10, 2015 at 10:36 AM, kyle <[email protected]> wrote: > >> I think I found the cause. UIAction#setSalt(String) is being invoked with >> old salt value (maybe it comes from POST parameter). simply deleting >> UIAction#setSalt(String) solved the problem on my workspace. now I'm seeing >> a new salt value at every hitting of "Save as draft". >> >> 2015/01/10 22:49、kyle <[email protected]> のメール: >> >>> Hello Glen, >>> >>> Thanks for the response. >>> >>> I think it appears that my previous email was not clear. in my >> environment, the clock won't restart when I hit save as draft. the clock >> start ticking at the first time I visit the editing page, it never stops so >> I can't stay in the editing page over 60 minutes. to restart the clock (to >> get a new salt), I need 2 steps - move to other page and get back to the >> editing page. do you mean I should doing so? >>> >>> 2015/01/10 22:22、Glen <[email protected]> wrote: >>> >>>> Hi Kyle, while it probably could be handled more elegantly, your >> writing would not normally be lost, as you can just hit the back key from >> your browser to get back to your text. 60 minutes is pretty generous and >> the clock restarts everytime you hit save draft as you periodically should >> be doing anyway. We haven't the resources to try to implement google doc >> style editing within blog entries, at any rate for long term editing you >> can use your favorite desktop editor and then just copy and paste the html >> into the roller blog edit field and then publish it. >>>> >>>> Yes this happens with other containers like Tomcat. >>>> >>>> Glen >>>> >>>> -----Original Message----- >>>> From: "kyle" <[email protected]> >>>> Sent: 1/10/2015 7:57 AM >>>> To: "[email protected]" <[email protected]> >>>> Subject: Salt stays same in entryEdit page - is it by design? >>>> >>>> Hello, I'm running Roller 5.1.1 on WildFly 8.2.0.Final. >>>> >>>> Recently I got into a problem which is getting status code 500 >>>> by "javax.servlet.ServletException: Security Violation." >>>> at editing page 1 or 2 times per day. >>>> it occurs when I push save as draft button. >>>> >>>> I'm looking into this problem now, >>>> then I found that the salt value in the editing page stays same >>>> while I'm writing content and pushing save button sometimes. >>>> I mean this element in the form: >>>> <input type="hidden" name="salt" value="8l4wTyF0LBKuhJLJ5zvU" >> id="entry_salt"/> >>>> >>>> I turned on DEBUG logs, then I can see the problem more clearly. >>>> >>>> DEBUG 2015-01-10 20:52:28,267 SaltCache:put - PUT 8l4wTyF0LBKuhJLJ5zvU >>>> DEBUG 2015-01-10 20:52:37,924 SaltCache:get - HIT 8l4wTyF0LBKuhJLJ5zvU >>>> DEBUG 2015-01-10 20:52:37,924 SaltCache:get - HIT 8l4wTyF0LBKuhJLJ5zvU >>>> ...snip... >>>> DEBUG 2015-01-10 21:51:49,744 SaltCache:get - HIT 8l4wTyF0LBKuhJLJ5zvU >>>> DEBUG 2015-01-10 21:53:14,173 ExpiringLRUCacheImpl:get - EXPIRED >> [8l4wTyF0LBKuhJLJ5zvU] >>>> DEBUG 2015-01-10 21:53:14,173 SaltCache:get - MISS 8l4wTyF0LBKuhJLJ5zvU >>>> >>>> And, after some investigating I found that >>>> all salts will be expired in 60 minutes after creation. >>>> thus, I can't stay at editing page over 60 minutes. >>>> If I overstayed, then I can't save my draft anymore >>>> and got "Security Violation". >>>> >>>> Is it expected behavior? >>>> or it might be a WildFly specific problem? >>>> >>>> Also I posted about the problem: >>>> >> http://www.nailedtothex.org/roller/kyle/entry/debugging-roller-s-salt-processing >>>> >>>> Thanks. >>> >>> >> >>
