Quantcast

NPE in nexus plugin at subject.logout()

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

NPE in nexus plugin at subject.logout()

PeterB
I am running Nexus 2.7.2 in Tomcat (6.0.37). I have a plugin that receives external events on a separate thread and performs actions on via nexus internal interfaces. To be able to perform these actions I must login to nexus. This works fine when the thread is started at startup (NexusStartEvent recieved). When I reconfigure the parameters via the GUI I need to recreate my thread and then I get a NPE next time I logout.

The problem is that I get a WebSubject at login (after reconfigure) even though I am not executing a servlet request. Can I somehow influence the sercurity manager to give me a plain Subject? Or do you see any other way out of this?

My workaround it to create an extra thread at startup which only purpose is to create the thread for receiving event. This seems overly complicated but works.


Exception in thread "Thread-52" java.lang.NullPointerException
        at org.apache.catalina.connector.Request.setAttribute(Request.java:1509)
        at org.apache.catalina.connector.RequestFacade.setAttribute(RequestFacade.java:503)
        at javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
        at javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
        at javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
        at javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
        at org.apache.shiro.web.mgt.DefaultWebSecurityManager.removeRequestIdentity(DefaultWebSecurityManager.java:249)
        at org.apache.shiro.web.mgt.DefaultWebSecurityManager.beforeLogout(DefaultWebSecurityManager.java:241)
        at org.apache.shiro.mgt.DefaultSecurityManager.logout(DefaultSecurityManager.java:545)
        at org.apache.shiro.nexus.NexusWebSecurityManager.logout(NexusWebSecurityManager.java:47)
        at org.apache.shiro.subject.support.DelegatingSubject.logout(DelegatingSubject.java:363)
        at com.my.MyEventInspector$TestThread.run(MyEventInspector.java:53)
        at java.lang.Thread.run(Thread.java:722)

A simplified example to illustrate the exception above:

@Component(role = EventInspector.class, hint = "MyEventInspector")
public class MyEventInspector implements EventInspector {
    @Requirement
    private SecuritySystem securitySystem;
   
    @Override
    public boolean accepts(final Event<?> evt) {
        return evt instanceof NexusStartedEvent || evt instanceof ConfigurationSaveEvent;
    }
   
    @Override
    public void inspect(final Event<?> evt) {
       if (evt instanceof NexusStartedEvent) {
            runWithThread(); // Works
        } else if (evt instanceof ConfigurationSaveEvent) {
            runWithThread(); // Causes NPE
        }
    }
   
    private void runWithThread(){
      Thread thread = new Thread(new TestThread(securitySystem));
      thread.start();
  }
   
    private static class TestThread
    implements Runnable {
        private final SecuritySystem securitySystem;

        public TestThread(SecuritySystem securitySystem){
            this.securitySystem = securitySystem;
        }
        @Override
        public void run() {
           
            Subject subject;
            try {
                subject = securitySystem.login(new UsernamePasswordToken("nexus", "nexus"));
                subject.logout();
            } catch (AuthenticationException e) {
            }
        }
    }
}
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: NPE in nexus plugin at subject.logout()

Jason Dillon-3
Does your plugin function in the official nexus-oss distribution?

http://www.sonatype.org/downloads/nexus-2.7.2-bundle.zip
http://www.sonatype.org/downloads/nexus-2.7.2-bundle.tar.gz

The WAR format is not officially supported and is being deprecated.

—jason

On September 4, 2014 at 3:08:50 AM, PeterB ([hidden email]) wrote:

I am running Nexus 2.7.2 in Tomcat (6.0.37). I have a plugin that receives
external events on a separate thread and performs actions on via nexus
internal interfaces. To be able to perform these actions I must login to
nexus. This works fine when the thread is started at startup
(NexusStartEvent recieved). When I reconfigure the parameters via the GUI I
need to recreate my thread and then I get a NPE next time I logout.

The problem is that I get a WebSubject at login (after reconfigure) even
though I am not executing a servlet request. Can I somehow influence the
sercurity manager to give me a plain Subject? Or do you see any other way
out of this?

My workaround it to create an extra thread at startup which only purpose is
to create the thread for receiving event. This seems overly complicated but
works.


Exception in thread "Thread-52" java.lang.NullPointerException
at
org.apache.catalina.connector.Request.setAttribute(Request.java:1509)
at
org.apache.catalina.connector.RequestFacade.setAttribute(RequestFacade.java:503)
at
javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
at
javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
at
javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
at
javax.servlet.ServletRequestWrapper.setAttribute(ServletRequestWrapper.java:284)
at
org.apache.shiro.web.mgt.DefaultWebSecurityManager.removeRequestIdentity(DefaultWebSecurityManager.java:249)
at
org.apache.shiro.web.mgt.DefaultWebSecurityManager.beforeLogout(DefaultWebSecurityManager.java:241)
at
org.apache.shiro.mgt.DefaultSecurityManager.logout(DefaultSecurityManager.java:545)
at
org.apache.shiro.nexus.NexusWebSecurityManager.logout(NexusWebSecurityManager.java:47)
at
org.apache.shiro.subject.support.DelegatingSubject.logout(DelegatingSubject.java:363)
at com.my.MyEventInspector$TestThread.run(MyEventInspector.java:53)
at java.lang.Thread.run(Thread.java:722)

A simplified example to illustrate the exception above:

@Component(role = EventInspector.class, hint = "MyEventInspector")
public class MyEventInspector implements EventInspector {
@Requirement
private SecuritySystem securitySystem;

@Override
public boolean accepts(final Event<?> evt) {
return evt instanceof NexusStartedEvent || evt instanceof
ConfigurationSaveEvent;
}

@Override
public void inspect(final Event<?> evt) {
if (evt instanceof NexusStartedEvent) {
runWithThread(); // Works
} else if (evt instanceof ConfigurationSaveEvent) {
runWithThread(); // Causes NPE
}
}

private void runWithThread(){
Thread thread = new Thread(new TestThread(securitySystem));
thread.start();
}

private static class TestThread
implements Runnable {
private final SecuritySystem securitySystem;

public TestThread(SecuritySystem securitySystem){
this.securitySystem = securitySystem;
}
@Override
public void run() {

Subject subject;
try {
subject = securitySystem.login(new
UsernamePasswordToken("nexus", "nexus"));
subject.logout();
} catch (AuthenticationException e) {
}
}
}
}



--
View this message in context: http://maven.40175.n5.nabble.com/NPE-in-nexus-plugin-at-subject-logout-tp5803785.html
Sent from the Nexus Maven Repository Manager Dev List mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: NPE in nexus plugin at subject.logout()

PeterB
Yes it behaves well using the normal (non WAR) distribution.

Bad news that WAR format is being deprecated. I think our IT department liked it for deploying Nexus.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: NPE in nexus plugin at subject.logout()

Jason Dillon-3
FTR part of the many reasons why we are not supporting the WAR and deprecating it are issues like what you have reported.

Hopefully your IT folks will enjoy the new admin features in the NX 3 distribution and that might make up for lack of a WAR ;-)

—jason



On September 4, 2014 at 10:41:24 PM, PeterB ([hidden email]) wrote:

Yes it behaves well using the normal (non WAR) distribution.

Bad news that WAR format is being deprecated. I think our IT department
liked it for deploying Nexus.





--
View this message in context: http://maven.40175.n5.nabble.com/NPE-in-nexus-plugin-at-subject-logout-tp5803785p5803867.html
Sent from the Nexus Maven Repository Manager Dev List mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Loading...