Camunda Login Issue


#1

I am using Camunda v7.11.1. I have integrated the instance with our Enterprise AD. I am facing an issue which happens sporadically where users get logged in and get logged out immediately.

Checking the tomcat log, I see the error

03-Sep-2019 10:51:16.345 SEVERE [http-nio-8080-exec-8] org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [Engine Api] in context with path [/camunda] threw exception
java.lang.IllegalStateException: Cannot create a session after the response has been committed

Some users after multiple tried are able to log in finally but many times it just keeps failing. Also for some users the issue does not occur at all.

There doesn’t seem to be a pattern for the failure. Any pointers on what is the issue is much appreciated!

Adding futher log contents

03-Sep-2019 10:49:55.266 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘listeners.SessionListener’
03-Sep-2019 10:49:55.267 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘async.AsyncStockContextListene
r’
03-Sep-2019 10:49:55.267 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘websocket.drawboard.DrawboardC
ontextListener’
03-Sep-2019 10:49:55.268 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Sending application start events
03-Sep-2019 10:49:55.268 INFO [main] org.apache.catalina.core.ApplicationContext.log ContextListener: contextInitialized()
03-Sep-2019 10:49:55.268 INFO [main] org.apache.catalina.core.ApplicationContext.log SessionListener: contextInitialized()
03-Sep-2019 10:49:55.268 INFO [main] org.apache.catalina.core.ApplicationContext.log ContextListener: attributeAdded(‘StockTicker’, ‘async.Stockticker@19cce6
b9’)
03-Sep-2019 10:49:55.270 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filters
03-Sep-2019 10:49:55.270 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Compression Filter’
03-Sep-2019 10:49:55.270 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Request Dumper Filter’
03-Sep-2019 10:49:55.271 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Tomcat WebSocket (JSR356) Filter’
03-Sep-2019 10:49:55.271 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Timing Filter’
03-Sep-2019 10:49:56.311 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Sending application start events
03-Sep-2019 10:49:56.312 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filters
03-Sep-2019 10:49:56.312 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Tomcat WebSocket (JSR356) Filter’
03-Sep-2019 10:49:58.539 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘org.camunda.bpm.engine.rest.im
pl.FetchAndLockContextListener’
03-Sep-2019 10:49:58.540 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Sending application start events
03-Sep-2019 10:49:58.544 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filters
03-Sep-2019 10:49:58.545 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘org.jboss.resteasy.plugins.server.servlet.Filter3
0Dispatcher’
03-Sep-2019 10:49:58.632 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Tomcat WebSocket (JSR356) Filter’
03-Sep-2019 10:49:58.632 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘EmptyBodyFilter’
03-Sep-2019 10:49:58.632 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘CacheControlFilter’
03-Sep-2019 10:49:59.831 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘org.camunda.bpm.cockpit.impl.w
eb.bootstrap.CockpitContainerBootstrap’
03-Sep-2019 10:49:59.831 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘org.camunda.bpm.admin.impl.web
.bootstrap.AdminContainerBootstrap’
03-Sep-2019 10:49:59.831 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘org.camunda.bpm.tasklist.impl.
web.bootstrap.TasklistContainerBootstrap’
03-Sep-2019 10:49:59.831 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘org.camunda.bpm.welcome.impl.w
eb.bootstrap.WelcomeContainerBootstrap’
03-Sep-2019 10:49:59.832 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Configuring event listener class ‘org.camunda.bpm.webapp.impl.se
curity.filter.util.HttpSessionMutexListener’
03-Sep-2019 10:49:59.832 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Sending application start events
03-Sep-2019 10:49:59.842 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filters
03-Sep-2019 10:49:59.842 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Engines Filter’
03-Sep-2019 10:49:59.842 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Tomcat WebSocket (JSR356) Filter’
03-Sep-2019 10:49:59.842 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘CsrfPreventionFilter’
03-Sep-2019 10:49:59.843 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘SecurityFilter’
03-Sep-2019 10:49:59.999 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Authentication Filter’
03-Sep-2019 10:50:00.000 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘EmptyBodyFilter’
03-Sep-2019 10:50:00.000 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘HttpHeaderSecurity’
03-Sep-2019 10:50:00.001 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘CacheControlFilter’
03-Sep-2019 10:50:00.979 FINE [main] org.apache.catalina.core.StandardContext.listenerStart Sending application start events
03-Sep-2019 10:50:00.980 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filters
03-Sep-2019 10:50:00.980 FINE [main] org.apache.catalina.core.StandardContext.filterStart Starting filter ‘Tomcat WebSocket (JSR356) Filter’
03-Sep-2019 10:51:16.345 SEVERE [http-nio-8080-exec-8] org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [Engine Api] in context with path [/camunda] threw exception
java.lang.IllegalStateException: Cannot create a session after the response has been committed
at org.apache.catalina.connector.Request.doGetSession(Request.java:2983)
at org.apache.catalina.connector.Request.getSession(Request.java:2416)
at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:908)
at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:920)
at org.camunda.bpm.webapp.impl.security.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:68)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1747)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)


#2

Could someone from @camunda perhaps suggest a resolution?


#3

describe your setup:
is it a clustered setup?
your database type?

etc,


#4

Hi @Niall

It is not a clustered setup. We have a single node instance. We use MySQL v8.0.16 for the Process Engine. Also integrated with the enterprise ad/ldap for user authentication.

I noticed that if the users(who face this kick-out issue) try to log into the ‘Welcome’ app instead of the ‘Tasklist’ app, there seems to be no issues. However I’m not certain if this is also intermittent.


#5

It might be related to csrf prevention, check out the discussion here: startProcessInstanceByKey on Rest API PostMapping.

Cheers,
Stefan


#6

Hi @stefanzilske

I do not think so. We do not use a custom url. This occurs when trying to login to the Camunda Tasklist app. Also users do not seem to be facing the issue when logging into the Welcome app and then navigating to the Tasklist app.


#7

Hi @Niall,

Any pointers on what the issue might be?


#8

Are you using the LDAP plugin or the engine’s own tables?


#9

Hi @Niall,

I am using the bpm-platform.xml file to set the properties using the LdapIdentityProviderPlugin as described in the Camunda documentation


#10

Hi @Niall
Could you provide your inputs