Solved

jsp session handling

Posted on 2003-12-11
4
30,792 Views
Last Modified: 2011-04-14
hello,
    I having lot of trouble login in at the same time. here is the scenario.
    When I login here is the flow of events
    Jsp---> sends commend to servlet --> calls Business Objects --> calls DAO's --> talks to the SSO and the local database for authentication..
   This is an J2EE application residing under ATG Dynamo server. But we are not using any of the ATG session handling.. We have our own session handling classes defined to manage sessions.
   Here is the problem.. Basically I noticed two problems.
 1)  When two Users tried to login at the same time. Only one user will able to login and the second user was shown the blank page with the message

java.lang.IllegalStateException: Redirect not allowed; response is already committed.
        at atg.servlet.DynamoHttpServletResponse.sendRedirect(DynamoHttpServletResponse.java:943)
        at com.attws.mms.TSDSecurity.controller.BaseController.dispatch(BaseController.java:397)
        at com.attws.mms.TSDSecurity.controller.BaseController.doPost(BaseController.java:502)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
                                                                 at com.attws.mms.TSDSecurity.controller.BaseController.service(BaseController.java:417)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
                                                                 at atg.servlet.container.WebApplication.dispatchServlet(WebApplication.java:1188)
        at atg.servlet.container.WebApplication.dispatchServlet(WebApplication.java:1035)
        at atg.servlet.container.FilterChainImpl.dispatchServlet(FilterChainImpl.java:320)
        at atg.servlet.container.NullFilterChain.doFilter(NullFilterChain.java:116)
        at atg.servlet.container.FilterChainImpl.execute(FilterChainImpl.java:219)
        at atg.servlet.container.WebApplication.dispatchServlet(WebApplication.java:1007)
        at atg.servlet.container.WebApplication.dispatchRequest(WebApplication.java:642)
        at atg.servlet.container.WebApplication.dispatchRequest(WebApplication.java:503)
        at atg.servlet.pipeline.WebApplicationDispatcherPipelineServlet.service(WebApplicationDispatcherPipelineServlet.java:66)
                                                                                                                          at atg.servlet.pipeline.PipelineableServletImpl.
passRequest(PipelineableServletImpl.java:115)
        at atg.servlet.security.ThreadUserBinderServlet.service(ThreadUserBinderServlet.java:90)
        at atg.servlet.pipeline.PipelineableServletImpl.passRequest(PipelineableServletImpl.java:115)
        at atg.servlet.security.FormLoginPipelineServlet.service(FormLoginPipelineServlet.java:156)
        at atg.servlet.pipeline.PipelineableServletImpl.passRequest(PipelineableServletImpl.java:115)
        at atg.userprofiling.AccessControlServlet.service(AccessControlServlet.java:558)
        at atg.servlet.pipeline.PipelineableServletImpl.passRequest(PipelineableServletImpl.java:115)
        at atg.userprofiling.PageEventTriggerPipelineServlet.service(PageEventTriggerPipelineServlet.java:168)

When you refresh the page you will be able to see the page comming

  2) We logged in as different users at the same time. A blank page with the above message comes up and then when I refresh for my wonder both of us are getting the same user info.. This does not happen always.. But still this happend couple of times. I know for sure this could be something to do with session handling. But I dont have any control on sessionManager class files.I dont know What I can do to handle this happening. Is there anything that I can try from JSP page like making sure we always have a unique session throughout the session? I'm using redirect everywhere... Please let me know if you need more information

Please help me out with the solution.
0
Comment
Question by:ragtan
4 Comments
 
LVL 9

Accepted Solution

by:
vzilka earned 250 total points
ID: 9923683
It seems that you have a synchronization problem with your session handling.
1. Your JSP calls the same servlet instance somehow, or sends it an incorrect version of the request/response objects. Can you paste the JSP code?
2. Looks like the same problem as 1.
0
 
LVL 2

Expert Comment

by:anthony_castillon
ID: 9923695
On no. 1, the exception will occur if the response has already be flushed/sent prior to calling the sendRedirect().  If the session handling classes were done correctly, different threads should have been created to handle various sessions.  There shouldn't be any session issues there.  The problem then may be in your session handling mechanism.  Why not just use the built-in session handling mechanism of your server?  That's what these tools are for, so that you can do away with such tasks and instead concentrate with building your application.
0
 
LVL 14

Expert Comment

by:kennethxu
ID: 9925472
can we have a loot at this servlet in full: BaseController.java:397?
0
 
LVL 30

Expert Comment

by:Mayank S
ID: 9926258
Does your Servlet, by any chance, implement the SingleThreadModel?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
tomcat users xml 7 104
java beans and EJBs 5 185
using if condition without JSTL 2 104
equalIsNot  challenge 43 132
Often, people trade privacy and security for convenience. However in today's concrete jungle, this is an extremely foolish decision considering the vast amount of technologies being used against consumer interest. First off, I won't waste any time e…
Scenario: Your operations manager has discovered an anomaly in your security system. The business will start to suffer within 15 minutes if it is a major IT incident. What should she do? We have 6 recommendations for managing major incidents (https:…
A short film showing how OnPage and Connectwise integration works.
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now