[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] Error with shibboleth-idp and jetty
|
----- Original Message -----
> From: "Joakim Erdfelt" <joakim@xxxxxxxxxxx>
> To: "JETTY user mailing list" <jetty-users@xxxxxxxxxxx>
> Sent: Tuesday, May 23, 2017 4:20:58 AM
> Subject: Re: [jetty-users] Error with shibboleth-idp and jetty
>
> This is the source of your Apache Jasper warning ...
>
> 2017-04-20 05:50:06.059:WARN:oaj. EmbeddedServletOptions: qtp987405879-11:
> The scratchDir you specified: /tmp/jetty-0.0.0.0-443-idp. war-_idp-any-
> 6580006879402156844.dir/jsp is unusable.
>
> https://github.com/apache/tomcat85/blob/trunk/java/org/apache/jasper/EmbeddedServletOptions.java#L688-L691
>
> Your /tmp/jetty-0.0.0.0-443-idp. war-_idp-any- 6580006879402156844.dir/jsp
> path fails one of the following checks ....
>
>
> * must exist
> * is a directory
> * jetty user should be able to read from that directory
> * jetty user should be able to write to that directory
> Does this happen immediately? or after some time?
>
> If it happens after some time, then you likely have a process on your unix
> server that is periodically cleaning up the /tmp/ directory (which broke
> jetty).
>
Thank you for your reply.
The error happened after some days. Initially things were working fine.
After seeing this error, shibboleth-idp was restarted which in turn restarted the jetty server as well, the server comes up fine as can be seen in the logs below:
2017-04-21 09:29:14.347:INFO:oejs.Server:main: jetty-9.4.0.M0
2017-04-21 09:29:14.347:WARN:oejs.Server:main: THIS IS NOT A STABLE RELEASE! DO NOT USE IN PRODUCTION!
2017-04-21 09:29:14.347:WARN:oejs.Server:main: Download a stable release from http://download.eclipse.org/jetty/
2017-04-21 09:29:14.396:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:///opt/shibboleth-idp/jetty-base/webapps/] at interval 1
2017-04-21 09:29:14.641:INFO:root:main: Warning: No org.apache.tomcat.JarScanner set in ServletContext. Falling back to default JarScanner implementation.
2017-04-21 09:29:14.837:INFO:oajs.TldScanner:main: At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
2017-04-21 09:29:14.856:WARN:oejs.session:main: No workerName configured for DefaultSessionIdManager, using node0
2017-04-21 09:29:14.856:WARN:oejs.session:main: No SessionScavenger set, using defaults
2017-04-21 09:29:14.900:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@5383967b{/,file:///opt/shibboleth-idp/jetty-base/webapps/root/,AVAILABLE}{/root}
2017-04-21 09:29:22.723:INFO:/idp:main: No Spring WebApplicationInitializer types detected on classpath
2017-04-21 09:29:22.734:INFO:/idp:main: Warning: No org.apache.tomcat.JarScanner set in ServletContext. Falling back to default JarScanner implementation.
2017-04-21 09:29:22.974:INFO:oajs.TldScanner:main: At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
2017-04-21 09:29:23.026:WARN:oejs.SecurityHandler:main: ServletContext@o.e.j.w.WebAppContext@5db45159{/idp,[file:///tmp/jetty-0.0.0.0-443-idp.war-_idp-any-4503664939735826572.dir/webinf/, jar:file:///opt/shibboleth-idp/war/idp.war!/],STARTING}{/opt/shibboleth-idp/war/idp.war} has uncovered http methods for path: /*
2017-04-21 09:29:23.291:INFO:/idp:main: Initializing Spring root WebApplicationContext
2017-04-21 09:29:31.291:INFO:/idp:main: Initializing Spring FrameworkServlet 'idp'
2017-04-21 09:29:32.483:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@5db45159{/idp,[file:///tmp/jetty-0.0.0.0-443-idp.war-_idp-any-4503664939735826572.dir/webinf/, jar:file:///opt/shibboleth-idp/war/idp.war!/],AVAILABLE}{/opt/shibboleth-idp/war/idp.war}
2017-04-21 09:29:32.495:INFO:oejs.AbstractNCSARequestLog:main: Opened /opt/shibboleth-idp/jetty-base/logs/2017_04_21.request.log
2017-04-21 09:29:32.549:INFO:oejus.SslContextFactory:main: x509=X509@214b342f(creek,h=[creek.eng.arb.redhat.com],w=[]) for SslContextFactory@5db0003d(file:///opt/shibboleth-idp/credentials/idp-backchannel.p12,null)
2017-04-21 09:29:32.572:INFO:oejs.AbstractConnector:main: Started ServerConnector@1c0c9c99{SSL,[ssl, http/1.1]}{0.0.0.0:443}
2017-04-21 09:29:32.573:INFO:oejs.Server:main: Started @19519ms
But again, as soon as I issue a request, I start getting the following errors:
java.lang.IllegalStateException: Not valid for write: id=node0wcbt9cl1f24p11zowsnp88kb0 not resident
at org.eclipse.jetty.server.session.Session.checkValidForWrite(Session.java:587)
at org.eclipse.jetty.server.session.Session.setAttribute(Session.java:722)
at org.eclipse.jetty.server.session.SessionHandler.newHttpSession(SessionHandler.java:796)
at org.eclipse.jetty.server.Request.getSession(Request.java:1520)
at org.eclipse.jetty.server.Request.getSession(Request.java:1493)
at net.shibboleth.idp.log.SLF4JMDCServletFilter.doFilter(SLF4JMDCServletFilter.java:66)
Is it still a problem with the /tmp directory getting wiped off?
Thanks,
Pritha
>
> Joakim Erdfelt / joakim@xxxxxxxxxxx
>
> On Fri, May 19, 2017 at 3:26 AM, Pritha Srivastava < prsrivas@xxxxxxxxxx >
> wrote:
>
>
> Hi,
>
> We have a setup that has a shibboleth-idp with a jetty server. Any requests
> to the shibboleth-idp is returning an error. I issued the following command:
>
> curl -kvL https://<hostname>/idp and instead of seeing the expected result, I
> see errors like:
>
> <html>
>
> http-equiv="Content-Type" content="text/html;charset=utf-8"/>
> Error 500 Server Error
>
> HTTP ERROR 500
> Problem accessing /idp/. Reason:
> <pre> Server Errorpre>Caused
> by:<pre>java.lang.IllegalStateException: Not valid for write:
> id=node0xzkusdg1igdt4hol48y607u66 not resident
> at
> org.eclipse.jetty.server.session.Session.checkValidForWrite(Session.java:587)
> at
> org.eclipse.jetty.server.session.Session.setAttribute(Session.java:722)
>
>
> Looking at some older logs, I could see an error, after which similar errors
> started appearing:
>
> 2017-04-20 05:50:06.059:WARN:oaj.EmbeddedServletOptions:qtp987405879-11:
> The scratchDir you specified:
> /tmp/jetty-0.0.0.0-443-idp.war-_idp-any-6580006879402156844.dir/jsp is
> unusable.
> 2017-04-20 05:50:09.289:WARN:/idp:qtp987405879-11: unavailable
> java.lang.ClassNotFoundException:
> org.apache.jsp.WEB_002dINF.jsp.metadata_jsp
> at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
> at org.apache.jasper.servlet.JasperLoader.loadClass(JasperLoader.java:131)
> at org.apache.jasper.servlet.JasperLoader.loadClass(JasperLoader.java:62)
>
>
> I have checked permissions for the scratch directory, and they seem to be
> fine. I have also restarted shibboleth-idp several times, but that doesn't
> seem to solve the problem.
> Everytime I issue a request to the idp, I get back the same error as above
>
> Does anyone have any idea as to what has gone wrong and what can be done to
> solve this issue? (Maybe, rebuild the WAR file?)
>
> Thanks in advance,
> Pritha
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from
> this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
>
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from
> this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users