Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 8.0.0.GA-CR1, 8.0.0.GA
Affects Version/s: None
Component/s: Clustering, Security, Undertow
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Target Release:

8.0.0.GA
Target Version:

8.0.0.GA

SFDC Cases Counter:
SFDC Cases Links:

Description

Scenario is there are two servers forming HA cluster and distributable applications deployed using the same Undertow application security domian (FORM, SSO). And exception intermittently (1:50) happens when one of servers is killed. Exception is (most probably) thrown on stopping server.


 ERROR [org.wildfly.security] (default task-1) ELY06013: Failed to invalidate local session: java.lang.IllegalStateException
    at org.wildfly.clustering.web.undertow@28.0.0.Beta1-SNAPSHOT//org.wildfly.clustering.web.undertow.session.SimpleSessionConfig.clearSession(SimpleSessionConfig.java:47)
    at org.wildfly.clustering.web.undertow@28.0.0.Beta1-SNAPSHOT//org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:283)
    at org.wildfly.security.elytron-web.undertow-server@3.0.0.Final//org.wildfly.elytron.web.undertow.server.ElytronHttpExchange$3.invalidate(ElytronHttpExchange.java:503)
    at org.wildfly.security.elytron-base@2.0.0.Final//org.wildfly.security.http.util.sso.DefaultSingleSignOnSession.invalidateLocalSession(DefaultSingleSignOnSession.java:233)
    at org.wildfly.security.elytron-base@2.0.0.Final//org.wildfly.security.http.util.sso.DefaultSingleSignOnSession.logout(DefaultSingleSignOnSession.java:216)
    at org.wildfly.security.elytron-base@2.0.0.Final//org.wildfly.security.http.util.sso.SingleSignOnServerMechanismFactory$1.evaluateRequest(SingleSignOnServerMechanismFactory.java:103)
    at org.wildfly.security.elytron-base@2.0.0.Final//org.wildfly.security.auth.server.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:85)
    at org.wildfly.security.elytron-base@2.0.0.Final//org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:325)
    at org.wildfly.security.elytron-base@2.0.0.Final//org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$800(HttpAuthenticator.java:300)
    at org.wildfly.security.elytron-base@2.0.0.Final//org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:94)
    at org.wildfly.security.elytron-web.undertow-server@3.0.0.Final//org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:107)

When I look at stacktrace that flow is in code where exception is always thrown. So seems to me that it is bug, that flow get here. https://github.com/wildfly/wildfly/blob/main/clustering/web/undertow/src/main/java/org/wildfly/clustering/web/undertow/session/SimpleSessionConfig.java#L47

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

log.txt
89 kB
2023/01/27 7:33 AM
stacktrace.txt
7 kB
2023/01/27 7:33 AM

Issue Links

clones

WFLY-17569 ELY06013: Failed to invalidate local session: java.lang.IllegalStateException

Closed

is cloned by

JBEAP-24362 [GSS](7.4.z) web session invalidation outside of a request gets IllegalStateException

Verified

Activity

People

Assignee:: Paul Ferraro

Reporter:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2023/01/27 7:33 AM

Updated:: 2023/12/19 4:29 PM

Resolved:: 2023/11/23 10:43 AM