[ovirt-devel] HTTP 500 on expired session request

Yevgeny Zaspitsky yzaspits at redhat.com
Thu Apr 24 12:20:58 UTC 2014


Below is the error I get with HTTP code 500 when I sent a request from a 
client to REST-API that was left open and the server was restarted.

Evidently the session is expired, but why do we return HTTP 500? Is this 
a server internal error?
IMHO one of 400 codes is more appropriate for that error. E.g. 401 
(Unauthorized) or 440 (Login Timeout according to 
http://en.wikipedia.org/wiki/List_of_HTTP_status_codes).

*type* Exception report

*message*

*description* _The server encountered an internal error () that 
prevented it from fulfilling this request._

*exception*

org.jboss.resteasy.spi.UnhandledException: 
java.lang.IllegalStateException: setAttribute: Session already 
invalidated 
org.jboss.resteasy.core.SynchronousDispatcher.handleException(SynchronousDispatcher.java:245) 
org.jboss.resteasy.core.SynchronousDispatcher.handleInvokerException(SynchronousDispatcher.java:190) 
org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:540) 
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:502) 
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:119) 
org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:208) 
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) 
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:50) 
javax.servlet.http.HttpServlet.service(HttpServlet.java:847) 
org.ovirt.engine.core.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:80) 


*root cause*

java.lang.IllegalStateException: setAttribute: Session already 
invalidated 
org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1289) 
org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1254) 
org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:130) 
org.ovirt.engine.api.common.security.auth.SessionUtils.setEngineSessionId(SessionUtils.java:74) 
org.ovirt.engine.api.common.security.auth.Challenger.executeBasicAuthentication(Challenger.java:194) 
org.ovirt.engine.api.common.security.auth.Challenger.preProcess(Challenger.java:116) 
org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:247) 
org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:222)

  * English - detected
  * English
  * Hebrew
  * Russian

  * English
  * Hebrew
  * Russian

<javascript:void(0);>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/devel/attachments/20140424/1c0b95c9/attachment.html>


More information about the Devel mailing list