PDA

View Full Version : Exception when requesting a page with no access



codek
08-08-2007, 03:29 AM
Hi,

If I access a page e.g.

http://localhost:8080/pentaho/Home

When i've either logged out or been timed out, then this large exception appears in the server logs:

Is that normal? Seems unnecessary as the portal correctly redirects to the login page, and all seems ok...

It strikes me as something which could clutter up logs on a production system when it's not really a problem?

08:25:32,175 DEBUG [ExceptionTranslationFilter] Access is denied (user is anonym
ous); redirecting to authentication entry point
org.acegisecurity.AccessDeniedException: Access is denied
at org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:
68)
at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocat
ion(AbstractSecurityInterceptor.java:276)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(Filt
erSecurityInterceptor.java:104)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(Fi
lterSecurityInterceptor.java:72)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTra
nslationFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter.doFilter(S
witchUserProcessingFilter.java:335)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at com.pentaho.security.SecurityStartupFilter.doFilter(SecurityStartupFi
lter.java:73)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFil
ter(AnonymousProcessingFilter.java:125)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(R
ememberMeProcessingFilter.java:135)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at com.pentaho.security.RequestParameterAuthenticationFilter.doFilter(Re
questParameterAuthenticationFilter.java:160)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicPr
ocessingFilter.java:178)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProces
singFilter.java:217)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:1
08)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at com.pentaho.security.HttpSessionReuseDetectionFilter.doFilter(HttpSes
sionReuseDetectionFilter.java:142)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilte
r(HttpSessionContextIntegrationFilter.java:193)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter.doF
ilter(SecurityContextHolderAwareRequestFilter.java:81)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(F
ilterChainProxy.java:274)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.jav
a:148)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.j
ava:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:173)
at org.pentaho.core.system.SystemStatusFilter.doFilter(SystemStatusFilte
r.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:173)
at org.pentaho.ui.servlet.SetCharacterEncodingFilter.doFilter(SetCharact
erEncodingFilter.java:112)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:432)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.p
rocessConnection(Http11BaseProtocol.java:664)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpo
int.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFol
lowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
ool.java:684)
at java.lang.Thread.run(Thread.java:595)

mlowery
08-08-2007, 09:44 AM
If running within JBoss, edit server/default/conf/log4j.xml. Look for the following:



<category name="org.acegisecurity">
<priority value="DEBUG" />
</category>


Either remove this block or change the priority to INFO, WARN, or ERROR.

If you don't see such a block, then the root logger has been set to DEBUG.



<root>
<priority value="DEBUG" />
<appender-ref ref="CONSOLE"/>
<appender-ref ref="FILE"/>
</root>


If a priority has been set on the root logger, change it to something other than DEBUG.

codek
08-08-2007, 10:26 AM
Ah i see that works many thanks. I didnt realise that exceptions could be controllled by logging level.

FWIW we're running under tomcat without jboss and the file is in:

webapps\pentaho\WEB-INF\classes

and was the root section like so:

<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
<param name="Target" value="System.out"/>
<param name="Threshold" value="DEBUG"/>

I changed it to WARN.