0 Replies Latest reply on Jan 10, 2011 3:27 PM by 829938

    WebLogic 9.2.1 Session problems

    829938
      Hi We are on weblogic 9.2.1

      Our problem is that we have 2 ear files deployed, one of them with session persistence to Oracle DB.
      When we redirect from the one (with session persistence on) to the other one, we get the following error:


      ####<Jan 10, 2011 15:22:30.0262 CET> <Error> <HTTP Session> <sktpens01por01> <SktEnsPorServer1> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1294669350262> <BEA-100060> <An unexpected error occurred while retriev
      ing the session for Web application: weblogic.servlet.internal.WebAppServletContext@306809fc - appName: 'security-front-application-ear-1.5', name: '/front/security/application', context-path: '/front/security/application'.
      java.lang.ClassCastException: cannot assign instance of dk.skat.ip.logging.vo.TellsForLoggerVo to field Forretningsmodel.typer.Dato.tellsForLoggerVo of type dk.skat.ip.logging.vo.TellsForLoggerVo in instance of Forretningsmodel.typer.Dato
      at java.io.ObjectStreamClass$FieldReflector.setObjFieldValues(ObjectStreamClass.java:2004)
      at java.io.ObjectStreamClass.setObjFieldValues(ObjectStreamClass.java:1184)
      at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1916)
      at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1834)
      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1719)
      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1305)
      at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1910)
      at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1834)
      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1719)
      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1305)
      at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1910)
      at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1834)
      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1719)
      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1305)
      at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1910)
      at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1834)
      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1719)
      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1305)
      at java.io.ObjectInputStream.readObject(ObjectInputStream.java:348)
      at java.util.Hashtable.readObject(Hashtable.java:844)
      at sun.reflect.GeneratedMethodAccessor600.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:946)
      at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1812)
      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1719)
      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1305)
      at java.io.ObjectInputStream.readObject(ObjectInputStream.java:348)
      at weblogic.servlet.internal.session.JDBCSessionData.deSerializeAttributes(JDBCSessionData.java:549)
      at weblogic.servlet.internal.session.JDBCSessionData.dbRefresh(JDBCSessionData.java:355)
      at weblogic.servlet.internal.session.JDBCSessionData.getFromDB(JDBCSessionData.java:96)
      at weblogic.servlet.internal.session.JDBCSessionContext.getSessionInternal(JDBCSessionContext.java:175)
      at weblogic.servlet.internal.session.SessionData.reuseSessionId(SessionData.java:186)
      at weblogic.servlet.internal.session.SessionData.<init>(SessionData.java:118)
      at weblogic.servlet.internal.session.MemorySessionData.<init>(MemorySessionData.java:9)
      at weblogic.servlet.internal.session.MemorySessionContext.getNewSession(MemorySessionContext.java:28)
      at weblogic.servlet.internal.ServletRequestImpl$SessionHelper.getNewSession(ServletRequestImpl.java:2523)
      at weblogic.servlet.internal.ServletRequestImpl$SessionHelper.getSessionInternal(ServletRequestImpl.java:2108)
      at weblogic.servlet.internal.ServletRequestImpl$SessionHelper.getSession(ServletRequestImpl.java:2072)
      at weblogic.servlet.internal.ServletRequestImpl.getSession(ServletRequestImpl.java:1204)
      at weblogic.servlet.security.internal.SecurityModule$SessionRetrievalAction.run(SecurityModule.java:554)
      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
      at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
      at weblogic.servlet.security.internal.SecurityModule.getUserSession(SecurityModule.java:445)
      at weblogic.servlet.security.internal.SecurityModule.login(SecurityModule.java:288)
      at weblogic.servlet.security.internal.CertSecurityModule.checkUserPerm(CertSecurityModule.java:93)
      at weblogic.servlet.security.internal.SecurityModule.checkAccess(SecurityModule.java:107)
      at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
      at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1939) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1909)
      at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1359)
      at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
      at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
      >
      ####<Jan 10, 2011 15:22:30.0269 CET> <Error> <HTTP> <sktpens01por01> <SktEnsPorServer1> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1294669350269> <BEA-101020> <[weblogic.servlet.internal.WebAppServletContext@30
      6809fc - appName: 'security-front-application-ear-1.5', name: '/front/security/application', context-path: '/front/security/application'] Servlet failed with Exception
      java.lang.IllegalStateException: Failed to retrieve session: cannot assign instance of dk.skat.ip.logging.vo.TellsForLoggerVo to field Forretningsmodel.typer.Dato.tellsForLoggerVo of type dk.skat.ip.logging.vo.TellsForLoggerVo in instance of Forretningsmodel.typer.Dato
      at weblogic.servlet.security.internal.SecurityModule.getUserSession(SecurityModule.java:449)
      at weblogic.servlet.security.internal.SecurityModule.login(SecurityModule.java:288)
      at weblogic.servlet.security.internal.CertSecurityModule.checkUserPerm(CertSecurityModule.java:92)
      at weblogic.servlet.security.internal.SecurityModule.checkAccess(SecurityModule.java:107)
      at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
      at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1939) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1909)
      at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1359) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
      at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)>


      It seems that the other application 'security-front-application-ear-1.5' is trying to recreate the session from the first one, and fails! It shouldn't as sessions should not be able to be carried over between applications (J2EE limitation).
      The class Forretningsmodel.typer.Dato is not on the classpath of the second application nor should it be. dk.skat.ip.logging.vo.TellsForLoggerVo is though on the classpath of both.
      Both applications logs the user in using the WebLogic Security Framework (the log in to the other application is performed using token based authentication).

      Any help is wanted!

      Thanks,

      Nikolaj Brinch Jørgensen

      Edited by: user8901937 on 2011-01-10 07:27