search

google-code-export / wro4j

Automatically exported from code.google.com/p/wro4j
1 stars 1 forks source link

DisableCache clears the Model before the ResourceAuthorizationManager access it #871

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
2014-04-29 11:17:44,955 DEBUG [ro.isdc.wro.cache.CacheValue] - <Gzipping the 
content....>
2014-04-29 11:17:44,962 DEBUG 
[ro.isdc.wro.model.resource.processor.support.CssUrlInspector] - <Matched 
group: url('../img/kroger-logo.gif')>
2014-04-29 11:17:44,962 DEBUG 
[ro.isdc.wro.model.resource.processor.support.CssUrlInspector] - <No @import 
detected>
2014-04-29 11:17:44,963 DEBUG 
[ro.isdc.wro.model.resource.processor.support.CssUrlInspector] - 
<originalDeclaration: url('../img/kroger-logo.gif')>
2014-04-29 11:17:44,963 DEBUG 
[ro.isdc.wro.model.resource.processor.support.CssUrlInspector] - <originalUrl: 
../img/kroger-logo.gif>
2014-04-29 11:17:44,966 DEBUG 
[ro.isdc.wro.model.resource.processor.support.ImageUrlRewriter] - <cssUri: 
classpath:META-INF/resources/css/kroger-bootstrap-styles.css, imageUrl 
../img/kroger-logo.gif>
2014-04-29 11:17:44,967 DEBUG 
[ro.isdc.wro.model.resource.processor.support.ImageUrlRewriter] - 
<computedImageLocation: classpath:META-INF/resources/img/kroger-logo.gif>
2014-04-29 11:17:44,967 DEBUG 
[ro.isdc.wro.model.resource.processor.impl.css.AbstractCssUrlRewritingProcessor]
 - <replaced old Url: [../img/kroger-logo.gif] with: 
[/Thymeleaf/wro/kroger-bootstrap-styles.css?wroAPI=wroResources&id=classpath:MET
A-INF/resources/img/kroger-logo.gif].>
2014-04-29 11:17:44,967 DEBUG 
[ro.isdc.wro.model.resource.processor.impl.css.CssUrlRewritingProcessor] - 
<adding allowed url: classpath:META-INF/resources/img/kroger-logo.gif>
2014-04-29 11:17:44,968 DEBUG 
[ro.isdc.wro.model.resource.support.DefaultResourceAuthorizationManager] - 
<authorize: classpath:META-INF/resources/img/kroger-logo.gif>

2014-04-29 11:17:45,127 DEBUG [ro.isdc.wro.http.WroFilter] - <Disable Cache is 
true. Destroying model...>
2014-04-29 11:17:45,128 DEBUG 
[ro.isdc.wro.model.factory.DefaultWroModelFactoryDecorator] - <Destroy model>
2014-04-29 11:17:45,128 DEBUG 
[ro.isdc.wro.model.resource.support.DefaultResourceAuthorizationManager] - 
<clear.>
2014-04-29 11:17:45,128 DEBUG 
[ro.isdc.wro.model.resource.support.DefaultResourceAuthorizationManager] - 
<clear.>
2014-04-29 11:17:45,619 DEBUG [ro.isdc.wro.http.WroFilter] - <processing wro 
request: /Thymeleaf/wro/kroger-bootstrap-styles.css>
2014-04-29 11:17:45,620 DEBUG 
[ro.isdc.wro.http.handler.ResourceProxyRequestHandler] - <[FAIL] Unauthorized 
proxy resource: classpath:META-INF/resources/img/kroger-logo.gif>
2014-04-29 11:17:45,620 DEBUG [ro.isdc.wro.WroRuntimeException] - <Unauthorized 
resource request detected: classpath:META-INF/resources/img/kroger-logo.gif>
2014-04-29 11:17:45,623 DEBUG [ro.isdc.wro.http.WroFilter] - <processing wro 
request: /Thymeleaf/wro/kroger-bootstrap-styles.css>
2014-04-29 11:17:45,624 DEBUG 
[ro.isdc.wro.http.handler.ResourceProxyRequestHandler] - <[FAIL] Unauthorized 
proxy resource: 
classpath:META-INF/resources/fonts/fontawesome-webfont.woff?v=4.0.3>
2014-04-29 11:17:45,624 DEBUG [ro.isdc.wro.WroRuntimeException] - <Unauthorized 
resource request detected: 
classpath:META-INF/resources/fonts/fontawesome-webfont.woff?v=4.0.3>
2014-04-29 11:17:45,625 DEBUG [ro.isdc.wro.http.WroFilter] - <Exception occured>
ro.isdc.wro.http.support.UnauthorizedRequestException: Unauthorized resource 
request detected: classpath:META-INF/resources/img/kroger-logo.gif
    at ro.isdc.wro.http.handler.ResourceProxyRequestHandler.verifyAccess(ResourceProxyRequestHandler.java:128) ~[wro4j-core-1.7.5.jar:1.7.5]
    at ro.isdc.wro.http.handler.ResourceProxyRequestHandler.handle(ResourceProxyRequestHandler.java:69) ~[wro4j-core-1.7.5.jar:1.7.5]
    at ro.isdc.wro.http.handler.LazyRequestHandlerDecorator.handle(LazyRequestHandlerDecorator.java:46) ~[wro4j-core-1.7.5.jar:1.7.5]
    at ro.isdc.wro.http.WroFilter.handledWithRequestHandler(WroFilter.java:328) ~[wro4j-core-1.7.5.jar:1.7.5]
    at ro.isdc.wro.http.WroFilter.doFilter(WroFilter.java:289) ~[wro4j-core-1.7.5.jar:1.7.5]
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) [spring-web-4.0.2.RELEASE.jar:4.0.2.RELEASE]
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) [spring-web-4.0.2.RELEASE.jar:4.0.2.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) [catalina.jar:7.0.42.A]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.authentication.switchuser.SwitchUserFilter.doFilter(SwitchUserFilter.java:181) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at com.kroger.commons.security.siteminder.SiteMinderAuthenticationProcessingFilter$RedirectDetectFilterChain.doFilter(SiteMinderAuthenticationProcessingFilter.java:155) [kroger-security-3.0.0.jar:na]
    at org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:94) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at com.kroger.commons.security.siteminder.SiteMinderAuthenticationProcessingFilter.doFilter(SiteMinderAuthenticationProcessingFilter.java:126) [kroger-security-3.0.0.jar:na]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:94) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:85) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:108) [spring-web-4.0.2.RELEASE.jar:4.0.2.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:108) [spring-web-4.0.2.RELEASE.jar:4.0.2.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) [spring-security-web-3.2.1.RELEASE.jar:3.2.1.RELEASE]
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) [spring-web-4.0.2.RELEASE.jar:4.0.2.RELEASE]
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) [spring-web-4.0.2.RELEASE.jar:4.0.2.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.StandardContextValve.__invoke(StandardContextValve.java:123) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java) [catalina.jar:7.0.42.A]
    at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:45) [tomee-catalina-1.6.0.jar:1.6.0]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.StandardHostValve.__invoke(StandardHostValve.java:171) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java) [catalina.jar:7.0.42.A]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) [catalina.jar:7.0.42.A]
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953) [catalina.jar:7.0.42.A]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) [catalina.jar:7.0.42.A]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) [catalina.jar:7.0.42.A]
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023) [tomcat-coyote.jar:7.0.42.A]
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) [tomcat-coyote.jar:7.0.42.A]
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312) [tomcat-coyote.jar:7.0.42.A]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_51]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_51]
    at java.lang.Thread.run(Thread.java:744) [na:1.7.0_51]

Original issue reported on code.google.com by ndr...@gmail.com on 29 Apr 2014 at 3:30

GoogleCodeExporter commented 9 years ago 
I'm aware about this issue. I will probably remove disableCache option as 
alternative to fixing it, mostly because there are other mechanisms to 
invalidate outdated cached values: ex: resourceWatcherUpdatePeriod 
configuration.

Original comment by alex.obj...@gmail.com on 29 Apr 2014 at 3:34

GoogleCodeExporter commented 9 years ago 
The disableCache property was removed because of unwanted side-effects. Also, 
it can be easily replaced with one of the following:
* resourceWatcherUpdatePeriod=10
* cacheUpdatePeriod=10
* modelUpdatePeriod=10
* Create a custom cache strategy implementation which performs noop.

Original comment by alex.obj...@gmail.com on 2 Jun 2014 at 8:42