[WICKET-5266] Issue with TomcatWebSocketFilter and Spring Security - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 6.9.0
Fix Version/s: 6.10.0, 7.0.0-M1
Component/s: wicket-native-websocket
Labels:
None
Environment:
Tomcat

Description

Spring Security has a way of wrapping HTTP servlet requests seems to clash with the code in org.apache.wicket.protocol.ws.tomcat7.Tomcat7WebSocketFilter. The request has to be unwrapped before being cast to RequestFacade.

Before:

		((RequestFacade) req).doUpgrade(tomcatWebSocket); // Crashes with class cast exception

Should be:

		while (req instanceof HttpServletRequestWrapper) {
			req = (HttpServletRequest) ((HttpServletRequestWrapper) req).getRequest();
		}
		((RequestFacade) req).doUpgrade(tomcatWebSocket);

This happens when configuring Spring Security in the web.xml with:

	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class&gt;org.springframework.web.filter.DelegatingFilterProxy</filter-class&gt;
	</filter>
	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

Attachments

Activity

People

Assignee:: Martin Tzvetanov Grigorov

Reporter:: Christophe Levesque

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Jul/13 04:35

Updated:: 11/Jul/13 18:59

Resolved:: 11/Jul/13 12:06