svn commit: r1132749 - /ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java

Author: jleroux
Date: Mon Jun  6 20:26:35 2011
New Revision: 1132749

URL: http://svn.apache.org/viewvc?rev=1132749&view=rev
Log:
Closes "Login out on a cluster handled by DeltaManager causes a NPE" https://issues.apache.org/jira/browse/OFBIZ-4289

It works locally but not on clusters. You simply get a NPE.

Problem
    When we logout we cross an issue due to Tomcat sessions persistence.
    Because we set distributable to true, to allow sessions failover,
    and use and DeltaManager for replication.
    Delegator and other main Classes (notably Dispatcher) are not serialized in OFBiz. This is the origin of the problem

Tried solutions
By default DeltaManager save active sessions on disk. It uses a private String variable pathname for that (default to "SESSIONS.ser"). You can set it to null, to avoid session persistence, using a context.xml file in the WEB-INF folder with content like below. But I tried it in webtools app on staging qs001 (only) and it did not work (with distributable set to false). And we have no other means to set it from OFBiz (OOTB).

<Context>
     <Manager className="org.apache.catalina.session.DeltatManager" pathname="">
     </Manager>
</Context>


Modified:
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=1132749&r1=1132748&r2=1132749&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Mon Jun  6 20:26:35 2011
@@ -39,6 +39,8 @@ import javolution.util.FastList;
 import javolution.util.FastMap;
 
 import org.ofbiz.base.component.ComponentConfig;
+import org.ofbiz.base.container.ContainerConfig;
+import org.ofbiz.base.container.ContainerException;
 import org.ofbiz.base.util.Debug;
 import org.ofbiz.base.util.GeneralException;
 import org.ofbiz.base.util.KeyStoreUtil;
@@ -435,7 +437,7 @@ public class LoginWorker {
         if (ModelService.RESPOND_SUCCESS.equals(result.get(ModelService.RESPONSE_MESSAGE))) {
             if (setupNewDelegatorEtc) {
                 // now set the delegator and dispatcher in a bunch of places just in case they were changed
-                setWebContextObjects(request, response, delegator, dispatcher);
+                setWebContextObjects(request, response, delegator, dispatcher, true);
             }
             
             // check to see if a password change is required for the user
@@ -466,33 +468,46 @@ public class LoginWorker {
         }
     }
     
-    private static void setWebContextObjects(HttpServletRequest request, HttpServletResponse response, Delegator delegator, LocalDispatcher dispatcher) {
+    /*         persistSerialized is set at false in the context of a cluster when using (at least) DeltaManager.
+            Because we have no easy ways to set DeltaManager.pathname to null from OFBiz
+           So persistSerialized is set to true when login out. This prevent a NPE due to non serialized objects put in session*/
+    private static void setWebContextObjects(HttpServletRequest request, HttpServletResponse response, Delegator delegator, LocalDispatcher dispatcher, Boolean persistSerialized) {
         HttpSession session = request.getSession();
         
         // NOTE: we do NOT want to set this in the servletContet, only in the request and session
         session.setAttribute("delegatorName", delegator.getDelegatorName());
         
         request.setAttribute("delegator", delegator);
-        session.setAttribute("delegator", delegator);
+        if (!persistSerialized) {
+            session.setAttribute("delegator", null);
+        } else {
+            session.setAttribute("delegator", delegator);
+        }
         
         request.setAttribute("dispatcher", dispatcher);
-        session.setAttribute("dispatcher", dispatcher);
-        
-        // we also need to setup the security and authz objects since they are dependent on the delegator
-        try {
-            Security security = SecurityFactory.getInstance(delegator);
-            request.setAttribute("security", security);
-            session.setAttribute("security", security);
-        } catch (SecurityConfigurationException e) {
-            Debug.logError(e, module);
+        if (!persistSerialized) {
+            session.setAttribute("dispatcher", null);
+        } else {
+            session.setAttribute("dispatcher", dispatcher);
         }
         
-        try {
-            Authorization authz = AuthorizationFactory.getInstance(delegator);
-            request.setAttribute("authz", authz);
-            session.setAttribute("authz", authz);
-        } catch (SecurityConfigurationException e) {
-            Debug.logError(e, module);
+        if (persistSerialized) {
+            // we also need to setup the security and authz objects since they are dependent on the delegator
+            try {
+                Security security = SecurityFactory.getInstance(delegator);
+                request.setAttribute("security", security);
+                session.setAttribute("security", security);
+            } catch (SecurityConfigurationException e) {
+                Debug.logError(e, module);
+            }
+            
+            try {
+                Authorization authz = AuthorizationFactory.getInstance(delegator);
+                request.setAttribute("authz", authz);
+                session.setAttribute("authz", authz);
+            } catch (SecurityConfigurationException e) {
+                Debug.logError(e, module);
+            }
         }
         
         // get rid of the visit info since it was pointing to the previous database, and get a new one
@@ -628,7 +643,22 @@ public class LoginWorker {
 
             delegator = DelegatorFactory.getDelegator(delegatorName);
             LocalDispatcher dispatcher = ContextFilter.makeWebappDispatcher(session.getServletContext(), delegator);
-            setWebContextObjects(request, response, delegator, dispatcher);
+            // get the container configuration          
+            String ofbizHome = System.getProperty("ofbiz.home");
+            String configFile = ofbizHome + "/framework/base/config/ofbiz-containers.xml";
+            ContainerConfig.Container cc = null;
+            String mgrClassName = null;
+            try {
+                cc = ContainerConfig.getContainer("catalina-container", configFile);
+                mgrClassName = ContainerConfig.getPropertyValue(cc, "manager-class", "org.apache.catalina.ha.session.DeltaManager");
+            } catch (ContainerException e) {
+                Debug.logError(e, "No catalina-container configuration found in container config!");
+            }
+            if ("org.apache.catalina.ha.session.DeltaManager".equals(mgrClassName)) {
+                setWebContextObjects(request, response, delegator, dispatcher, false);
+            } else {
+                setWebContextObjects(request, response, delegator, dispatcher, true);
+            }
         }
         
         // DON'T save the cart, causes too many problems: if (shoppingCart != null) session.setAttribute("shoppingCart", new WebShoppingCart(shoppingCart, session));
@@ -942,7 +972,7 @@ public class LoginWorker {
             if (!oldDelegatorName.equals(userLogin.getDelegator().getDelegatorName())) {
                 delegator = DelegatorFactory.getDelegator(userLogin.getDelegator().getDelegatorName());
                 dispatcher = ContextFilter.makeWebappDispatcher(servletContext, delegator);
-                setWebContextObjects(request, response, delegator, dispatcher);
+                setWebContextObjects(request, response, delegator, dispatcher, true);
             }
             // found userLogin, do the external login...