User hijacking problem that occurs along with number format exception
問題
This will generally occur if you are using some form of custom authentication.
What happens:
1. User 'A' logged into their crucible account.
2. User 'B' logged into their crucible account on another PC.
3. when user 'A' refresh their browser (or send new HTTP request), their account changes to user 'B' or other account.
The following error always occurs in the log when this happens:
2009-03-31 10:57:43,867 ERROR [btpool0-71] org.mortbay.log sun.reflect.GeneratedMethodAccessor991-invoke - EXCEPTION
java.lang.NumberFormatException: uC
at org.mortbay.util.TypeUtil.parseInt(TypeUtil.java:345)
at org.mortbay.util.URIUtil.decodePath(URIUtil.java:197)
at org.mortbay.jetty.Request.getCookies(Request.java:416)
at org.mortbay.jetty.servlet.SessionHandler.setRequestedId(SessionHandler.java:225)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:135)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:206)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:829)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)
原因
The NumberFormatException is an error with Jetty's cookie processing and is a symptom of this issue. FE-1369 has been raised on the Atlassian bug tracking system to upgrade the version of jetty bundled with Fisheye.
ソリューション
Upgrade to a later Fisheye version to take advantage of the fixes of FE-1369.
最終更新日 2018 年 7 月 31 日
Powered by Confluence and Scroll Viewport.