ServletValidator, -noserver and logs

[Sami Jaber]

Hi,

I'm experiencing a few problems with the way ServletValidator works.

My webapp is very common, I have a war providing a web.xml. This web.xml contains a Forms login authentication following this approach :

<web-app>

  <security-constraint>

<web-resource-collection>

<web-resource-name>Protected Page</web-resource-name>

<url-pattern>/*</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>*</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>FORM</auth-method>

<realm-name>myRealm</realm-name>

<form-login-config>

<form-login-page>/TestSample.jsp</form-login-page>

<form-error-page>/error.jsp</form-error-page>

</form-login-config>

</login-config>

</web-app>

When I launch this webapp in hosted mode, the trace doesn't provide any clear info, it says : 

javax.servlet.UnavailableException: Configuration problem

at org.mortbay.jetty.webapp.WebXmlConfiguration.initialize(WebXmlConfiguration.java:298)

at org.mortbay.jetty.webapp.WebXmlConfiguration.configure(WebXmlConfiguration.java:222)

at com.dng.test.ServletValidator.create(ServletValidator.java:68)

at com.dng.test.ServletValidator.create(ServletValidator.java:51)

at com.dng.test.MonTest.main(MonTest.java:15)

With no way to get around (even -logLevel SPAM does not do the trick)

Anyway. I tried to find out a solution skipping jetty web.xml validation and started the dev mode with -noserver and configuring an external tomcat instance.

When I re-started the devmode, jetty is no more started but I still get the ServletValidator running (which is not what I would expect, if I bypass jetty I don't want to use its web.xml validator,specifically when Tomcat validates the same file).

So, I took ServletValidator class and suppressed the line that consume the real message (this is not a "spammy logs" :-)) :

static {

 // Suppress spammy Jetty log initialization.

 //System.setProperty("org.mortbay.log.class", JettyNullLogger.class.getName());  

}

Now the exception is pretty clear, I have a problem with my realm-name (which is normal, I use Tomcat with specific properties file):

2009-10-26 11:52:30.134::WARN:  Configuration problem at <login-config>

<auth-method>FORM</auth-method>

<realm-name>myRealm</realm-name>

<form-login-config>

<form-login-page>/TestSample.jsp</form-login-page>

<form-error-page>/error.jsp</form-error-page>

</form-login-config>

</login-config>

java.lang.NullPointerException

at org.mortbay.jetty.webapp.WebXmlConfiguration.initLoginConfig(WebXmlConfiguration.java:883)

at org.mortbay.jetty.webapp.WebXmlConfiguration.initWebXmlElement(WebXmlConfiguration.java:359)

at org.mortbay.jetty.webapp.WebXmlConfiguration.initialize(WebXmlConfiguration.java:289)

at org.mortbay.jetty.webapp.WebXmlConfiguration.configure(WebXmlConfiguration.java:222)

So, my questions are :

1) Why is it required to validate web.xml with jetty validator when we run in -noserver mode ?

2) Why JettyNullLogger is applied by default in this static non-configurable bloc ? In my case, I did not get the real error ...

Thanks for your help

Sami

[Scott Blum]

On Mon, Oct 26, 2009 at 7:21 AM, Sami Jaber <sami....@gmail.com> wrote:

So, my questions are :

1) Why is it required to validate web.xml with jetty validator when we run in -noserver mode ?

Looks like either an oversight, or else we left it in thinking it'd be net more helpful than harmful.

 

2) Why JettyNullLogger is applied by default in this static non-configurable bloc ? In my case, I did not get the real error ...

IIRC, static initialization of any Jetty classes causes spam to go to stdout if you haven't preconfigured some logging.  In this case, we'd ideally want to swap in an appropriate logger for errors before we do something that could fail, but it'd require a little experimentation, which it sounds like you may be well setup to do. ;)

Patches would be welcome for both of these.

Scott