i have Async Web Services in Jersey, with a Spring Security, and all run into Tomcat Container.
I have this problem, when i start Tomcat all works, i can call my API and i have the response. The problem is when i'm not call nothing for example 1 hour and after i try to call one API i have this error:
(SaveContextOnUpdateOrErrorResponseWrapper.java:148) - Skip saving SecurityContext since saving on response commited is disabled
Why? is Tomcat config problem? or Spring config problem?
My Tomcat config is:
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
<Connector SSLEnabled="true"
clientAuth="true" keystoreFile="/home/antonio/Documenti/keystore/server.jks"
keystorePass="secret" maxThreads="200" port="8443"
protocol="HTTP/1.1" scheme="https" secure="true"
sslProtocol="TLS"
truststoreFile="/home/antonio/Documenti/keystore/servertruststore.jks"
truststorePass="secret"/>
Example for API:
@Path("/getA")
@POST
@ManagedAsync
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public void lists(RequestData dataRequest,@Suspended final AsyncResponse response) throws JSONException {
service = (ServicesSt) ctx.getAttribute(services);
jdbcStudent = (PersonJDBCTemplate) ctx.getAttribute(dbStudent);
response.setTimeout(15, TimeUnit.SECONDS);
ListenableFuture<Result<Exam>> listsEx = service
.getTestsInterfaceAsync(dataRequest.getToken(),jdbcStudent);
Futures.addCallback(listsEx, new FutureCallback<Result<Exam>>() {
public void onSuccess(Result<Exam> tests) {
response.resume(tests);
}
My Security config is:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://ift.tt/GArMu6"
xmlns:xsi="http://ift.tt/ra1lAU" xmlns:security="http://ift.tt/1c8inpe"
xsi:schemaLocation="http://ift.tt/GArMu6 http://ift.tt/1jdM0fG
http://ift.tt/1c8inpe http://ift.tt/1epvZ6L">
<!-- To allow public access by default and to set authentication mode to
basic login/password -->
<security:global-method-security secured-annotations="enabled"/>
<security:http auto-config="true" >
<security:http-basic/>
<security:intercept-url pattern="/**" access="ROLE_DUMMY" requires-channel="https"/>
</security:http>
<!-- To delegate authorization to method calls rather than to urls -->
<!-- (Thus, we don't need to set any url-interceptor in this conf)
<security:global-method-security
pre-post-annotations="enabled" />-->
<!-- To create user/password with roles -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider>
<security:user-service>
<security:user authorities="ROLE_DUMMY" name="user"
password="pass" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
</beans>
Aucun commentaire:
Enregistrer un commentaire