help to understand ERROR in JSP/apache

831269

Hello,
I have to fix a problem in an application written using Apache(TomCaT), Java/JSP and MySQL, deloped to act like a calendar in the intranet web (I didnt develope it so here is the main problem).
I didnt develope it and I am new about this framework so I really need some help..I cant understand the errore where it comes from..

There is a index.jsp where the authentication proccess start.
I cant understand the last step where is written:
response.sendRedirect("Authenticate.cawa")
I know that is used to redirect to the page "Authenticate.cawa" but the thing is that I cant find in the web server apache any file named "Authenticate.cawa". Is this part of a library java imported maybe ?

anyway the error message that it appears in the browser is:

"2011-01-13 14:07:33 StandardWrapperValve[Authenticate]: Servlet.service() for servlet Authenticate threw exception
java.lang.NullPointerException"

You can see the full jpg in attachment.

It seems an authentication problem but I cant figure out where it comes from....
The application stopped to work when a worker undeployed the application from the tomcat manager. We did the deploy again but it didnt work. Now we keep getting that message.

The company changed the servers used as firewall, echange, DNS moving from Windows Server 2003 to Windows Server 2008.

the full code of the first page parsed by the browser and used to authenticate is:

<%@ page contentType="text/html; charset=iso-8859-1" language="java" %>
<%@ page import="sun.misc.BASE64Encoder" %>
<%@ page import="java.io.*" %>
<%@ page import="org.apache.log4j.Logger" %>

<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", -1); //prevents caching at the proxy server
%>

<%@ include file="/common/dbserver.jsp" %>

<%
Logger log = Logger.getLogger("index");
%>

<%
String s = "";
String s1 = "";
String auth = request.getHeader("Authorization");

if (auth == null) {
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM");
response.sendRedirect("prova.it");
return;
}

if (auth.startsWith("NTLM ")) {
byte[] msg = new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
int off = 0, length, offset;

if (msg[8] == 1) {
off = 18;

byte z = 0;
byte[] msg1 =
{(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S',
(byte)'S', (byte)'P', z,
(byte)2, z, z, z, z, z, z, z,
(byte)40, z, z, z, (byte)1, (byte)130, z, z,
z, (byte)2, (byte)2, (byte)2, z, z, z, z, //
z, z, z, z, z, z, z, z};
//
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "NTLM " + new sun.misc.BASE64Encoder().encodeBuffer(msg1).trim());
return;
} else if (msg[8] == 3) {
off = 30;
length = msg[off+17]*256 + msg[off+16];
offset = msg[off+19]*256 + msg[off+18];
s = new String(msg, offset, length);
//out.println(s + " ");
} else return;

length = msg[off+1]*256 + msg[off];
offset = msg[off+3]*256 + msg[off+2];
s = new String(msg, offset, length);
//out.println(s + " ");
length = msg[off+9]*256 + msg[off+8];
offset = msg[off+11]*256 + msg[off+10];
s = new String(msg, offset, length);
for (int i=0; i<s.length(); i++) {
int pippo = (int)s.charAt(i);
if (pippo > 0) s1 = s1 + s.charAt(i);
}
}
log.info("-->" + s1);
session.setAttribute("utente", s1);
response.sendRedirect("Authenticate.cawa");
%>

Opal

Maybe this "Authenticate.cawa" is an apache web server redirect entry or sth else? If it hasn't been found among app files I would search in such location.

jschellSomeoneStoleMyAlias

servlets run on the server.

There will be a log file on the server which should give a stack trace.

The application stopped to work when a worker undeployed the application from the tomcat manager.
The company changed the servers used as firewall, echange, DNS moving from Windows Server 2003 to Windows Server 2008.

Bad idea.

You change one thing at a time. Only one thing.