Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

NPE: Cannot invoke "org.eclipse.jetty.server.Request.getAttribute(String)" because the return value of "org.eclipse.jetty.ee10.servlet.ServletApiRequest.getRequest()" is null #12518

Closed
cliviu opened this issue Nov 12, 2024 · 7 comments
Closed

NPE: Cannot invoke "org.eclipse.jetty.server.Request.getAttribute(String)" because the return value of "org.eclipse.jetty.ee10.servlet.ServletApiRequest.getRequest()" is null #12518

cliviu opened this issue Nov 12, 2024 · 7 comments
Labels
Question

Comments

@cliviu
Copy link

cliviu commented Nov 12, 2024
edited by lorban
Loading

Jetty Version:12.0.15

Jetty Environment: ee10

Java Version: OpenJDK Runtime Environment Temurin-17.0.13+11 (build 17.0.13+11)

Question

I am trying to integrate pac4j with Jetty 12. With Jetty 11 was working.

Now I get this nasty exception:

java.lang.NullPointerException: Cannot invoke "org.eclipse.jetty.server.Request.getAttribute(String)" because the return value of "org.eclipse.jetty.ee10.servlet.ServletApiRequest.getRequest()" is null
	at org.eclipse.jetty.ee10.servlet.ServletApiRequest.getAttribute(ServletApiRequest.java:837) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at jakarta.servlet.ServletRequestWrapper.getAttribute(ServletRequestWrapper.java:85) ~[jakarta.servlet-api-6.1.0.jar:6.1.0]
	at org.pac4j.jee.context.JEEContext.getRequestAttribute(JEEContext.java:55) ~[pac4j-jakartaee-6.0.2.jar:?]
	at org.pac4j.core.profile.ProfileManager.retrieveAll(ProfileManager.java:95) ~[pac4j-core-6.1.0.jar:6.1.0]
	at org.pac4j.core.profile.ProfileManager.getProfiles(ProfileManager.java:83) ~[pac4j-core-6.1.0.jar:6.1.0]
	at org.pac4j.core.profile.ProfileManager.isAuthenticated(ProfileManager.java:225) ~[pac4j-core-6.1.0.jar:6.1.0]
	.....
	at com.vaadin.flow.component.ComponentEventBus.fireEventForListener(ComponentEventBus.java:239) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.component.ComponentEventBus.handleDomEvent(ComponentEventBus.java:488) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.component.ComponentEventBus.lambda$addDomTrigger$dd1b7957$1(ComponentEventBus.java:298) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.internal.nodefeature.ElementListenerMap.lambda$fireEvent$2(ElementListenerMap.java:473) ~[flow-server-24.4.7.jar:24.4.7]
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596) ~[?:?]
	at com.vaadin.flow.internal.nodefeature.ElementListenerMap.fireEvent(ElementListenerMap.java:473) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.communication.rpc.EventRpcHandler.handleNode(EventRpcHandler.java:62) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.communication.rpc.AbstractRpcInvocationHandler.handle(AbstractRpcInvocationHandler.java:73) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.communication.ServerRpcHandler.handleInvocationData(ServerRpcHandler.java:475) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.communication.ServerRpcHandler.lambda$handleInvocations$5(ServerRpcHandler.java:456) ~[flow-server-24.4.7.jar:24.4.7]
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596) ~[?:?]
	at com.vaadin.flow.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:456) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:324) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.communication.UidlRequestHandler.synchronizedHandleRequest(UidlRequestHandler.java:114) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:40) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.VaadinService.handleRequest(VaadinService.java:1584) ~[flow-server-24.4.7.jar:24.4.7]
	at com.vaadin.flow.server.VaadinServlet.service(VaadinServlet.java:398) ~[flow-server-24.4.7.jar:24.4.7]
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:723) ~[jakarta.servlet-api-6.1.0.jar:6.1.0]
	at org.eclipse.jetty.ee10.servlet.ServletHolder.handle(ServletHolder.java:736) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1614) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.websocket.servlet.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:195) ~[jetty-ee10-websocket-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.ServletHandler$MappedServlet.handle(ServletHandler.java:1547) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.ServletChannel.dispatch(ServletChannel.java:819) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.ServletChannel.handle(ServletChannel.java:436) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.ServletHandler.handle(ServletHandler.java:464) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:575) ~[jetty-security-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.ee10.servlet.SessionHandler.handle(SessionHandler.java:717) ~[jetty-ee10-servlet-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.server.handler.ContextHandler.handle(ContextHandler.java:1060) ~[jetty-server-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.server.Handler$Sequence.handle(Handler.java:805) ~[jetty-server-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.server.Server.handle(Server.java:182) ~[jetty-server-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.server.internal.HttpChannelState$HandlerInvoker.run(HttpChannelState.java:662) ~[jetty-server-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.server.internal.HttpConnection.onFillable(HttpConnection.java:418) ~[jetty-server-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:322) ~[jetty-io-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) ~[jetty-io-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.io.ssl.SslConnection$SslEndPoint.onFillable(SslConnection.java:575) ~[jetty-io-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:390) ~[jetty-io-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:150) ~[jetty-io-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) ~[jetty-io-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) ~[jetty-io-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:478) ~[jetty-util-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:441) ~[jetty-util-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:293) ~[jetty-util-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:201) ~[jetty-util-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:311) ~[jetty-util-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:979) ~[jetty-util-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1209) ~[jetty-util-12.0.15.jar:12.0.15]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1164) ~[jetty-util-12.0.15.jar:12.0.15]
	at java.base/java.lang.Thread.run(Thread.java:1583) [?:?]

Any clue about what I'm doing wrong?

Thanks!
@cliviu
Copy link
Author

cliviu commented Nov 12, 2024

Update: the problem came in with jetty 12.0.8. The last known version where the NPE does not appear is 12.0.7.
Does this ring maybe any bells?

@joakime
Copy link
Contributor

joakime commented Nov 12, 2024

That error message indicates that org.pac4j.jee.context.JEEContext.getRequestAttribute(JEEContext.java:55) attempted to access a Request Attribute for a HttpServletRequest object that has already been completed and been recycled.

@cliviu
Copy link
Author

cliviu commented Nov 12, 2024
edited
Loading

I have found that the change came in with this PR : #11518

48e4b80

@cliviu
Copy link
Author

cliviu commented Nov 12, 2024
edited
Loading

That error message indicates that org.pac4j.jee.context.JEEContext.getRequestAttribute(JEEContext.java:55) attempted to access a Request Attribute for a HttpServletRequest object that has already been completed and been recycled.

Oh, great. Do you have any hints for me? What can I do to get rid of the NPE? Besides sticking with 12.0.7?

@joakime
Copy link
Contributor

joakime commented Nov 12, 2024

@cliviu prior to release 12.0.8, there was a bug in AsyncContext events where the request object wasn't provided properly.
That's why you didn't see this issue before 12.0.8, there was nothing to access.

With 12.0.8 onwords, the behavior is correct to the Servlet spec.
The fix is for pac4j to not use HttpServletRequest or HttpServletResponse objects past the lifecycle of those objects.

@leleuj
Copy link

leleuj commented Nov 13, 2024

I can add a simple try/catch in this pac4j method to prevent the problem.

In that case, no request attribute should be retrieved, right?

See: pac4j/pac4j@d205795

The fix can be tested with pac4j v6.1.1-SNAPSHOT.

Maybe other methods require the same "protection".

@cliviu
Copy link
Author

cliviu commented Nov 13, 2024

I can add a simple try/catch in this pac4j method to prevent the problem.

In that case, no request attribute should be retrieved, right?

See: pac4j/pac4j@d205795

The fix can be tested with pac4j v6.1.1-SNAPSHOT.

Maybe other methods require the same "protection".

I'm not sure though if it will not hide using obsolete HttpServletRequest objects. Maybe it will be cleaner to take the fix back.
In my case was some wrong HttpServletRequest coming from my Vaadin request listeners used for initializing the org.pac4j.jee.context.JEEContext.

Thanks @leleuj and @joakime for help!

@cliviu cliviu closed this as completed Nov 13, 2024
@oskar-szwajkowski oskar-szwajkowski mentioned this issue Nov 28, 2024
Closed
3 tasks
@iamsanjay iamsanjay mentioned this issue Jan 17, 2025
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
Question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joakime @leleuj @cliviu