-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ClassCastException with non-async Servlet + async Filter + HttpServletRequestWrapper #4141
Comments
Are you running with Java 11 and JPMS / Modules mode? |
@joakime no - plain unpack of http://repo1.maven.org/maven2/org/eclipse/jetty/jetty-home/ |
plain unpack of jetty-home is run-less. it has no start options configured. $ cd /path/to/my-jetty.base
$ java -jar /path/to/jetty-home/start.jar --list-config |
docker exec -ti musing_knuth java -jar /app/start.jar --list-config:
|
No red flags in that output. But you do have a yellow flag. Create a separate jetty.base directory from your jetty.home directory. I see you are using docker, you should continue to keep jetty.home and jetty.base separate. The official docker image at https:/appropriate/docker-jetty/blob/master/9.4-jre11/Dockerfile |
Do you have a demo webapp that can replicate this? |
Also, do you have a longer stacktrace for that error? |
Does it really matter with separate home&base? I'll only run a single app anyways - and it has worked for many years until 9.4.21. Unfortunately it is closed source. Full stack:
|
Do you have any jetty jars in your webapp's |
Nope:
|
So Spring Security has a That abstract class is being defined as an anonymous class within Spring Security's When the Jetty The only way I can replicate your Same jetty-home version. Going to try a few other things to attempt to replicate. |
There we go! I was able to replicate in a test case.
It triggers when all of the following is true.
It's an easy enough fix. (and now we have a testcase for it) |
Opened PR #4143 |
@davidkarlsen if you need a work around for this problem in 9.4.21, you can simple define a noop filter that applies only to your servlet and mark the filter as not-async. This will avoid the bad case in ServletHolder. |
Thanks! That was fast 😊 |
…tion-request-async Fixes #4141 - Servlet not async + async Filter + wrapped request
Fixed in Jetty 9.4.22.v20191022 |
After upgrading jetty from 9.4.20 -> 9.4.21
I am seeing:
in both cases I am running java 12 + spring security 5.1.6
The text was updated successfully, but these errors were encountered: