Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
6.9.0
-
None
-
Tomcat
Description
Spring Security has a way of wrapping HTTP servlet requests seems to clash with the code in org.apache.wicket.protocol.ws.tomcat7.Tomcat7WebSocketFilter. The request has to be unwrapped before being cast to RequestFacade.
Before:
((RequestFacade) req).doUpgrade(tomcatWebSocket); // Crashes with class cast exception
Should be:
while (req instanceof HttpServletRequestWrapper) { req = (HttpServletRequest) ((HttpServletRequestWrapper) req).getRequest(); } ((RequestFacade) req).doUpgrade(tomcatWebSocket);
This happens when configuring Spring Security in the web.xml with:
<filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>