Reputation: 1051
Java Web Service HttpServletRequestWrapper Issue: IllegalStateException
I am currently developing a RESTful Webservice in Java using the Jersey library.
For security reasons, we want a custom authentication similar to Amazons Simple Storage Service. This requires, however, that I calculate an MD5 hash of the body (if there is any) to authenticate the request.
So far, I have used a custom Authenticator and Realm and plugged them into my context. Upon trying to calculate the hash I first used the request itself resulting in an IllegalStateException, since the body can only be read once.
After investigating the problem I tried to wrap the request inside a HttpServletRequestWrapper but hasn't been successful so far.
I am basically using a wrapper like the one shown here: http://forums.oracle.com/forums/thread.jspa?threadID=2156814&tstart=0
Inside my realm, where I do the authentication, I am first creating the wrapper like so:
MyRequestWrapper requestWrapper = new MyRequestWrapper(request);
then I am calculating the MD5 using the requestWrapper and finally forwarding it
request.getRequestDispatcher("/*").forward(requestWrapper, response);
The processing works fine but I get an error like this after that:
Servlet.service() for servlet Jersey REST Service threw exception
java.lang.IllegalStateException
at org.apache.catalina.connector.ResponseFacade.sendError(ResponseFacade.java:407)
at com.sun.jersey.spi.container.servlet.WebComponent$Writer.finish(WebComponent.java:285)
at com.sun.jersey.spi.container.ContainerResponse.write(ContainerResponse.java:241)
Note that there is no mentioning of the getReader or getInputStream being called before (like I got without using any wrapper at all).
Now I am sure I am doing something wrong here but I really don't know much about this and would be really glad if someone could help me out here :)
Best Regards, Lukas
Upvotes: 1
Views: 947
Answers (1)
Reputation: 1051
As stated in my comment to my question:
I was accessing getReader() from the request. Response I did not touch. However I found that the problem was forwarding the wrapper. I didn't explicitly state this in my question but I am using tomcat and tried to use the above code inside a valve. I am still interested in the question if this is also possible from a valve, since this fits better into the tomcat model. I have now moved to using a filter which is not so nice, but works
I found however that this solution is quite nice (using a filter) instead of a tomcat valve.
Upvotes: 1
Related Questions
- Java HttpServer Error: Access restriction: The type 'HttpServer' is not API
- javax.servlet.http.HttpServletResponse SC_TOO_MANY_REQUESTS
- Error "HttpServletRequest refers to the missing type String"
- HttpServletRequest cannot be resolved
- I am gettin error when I call Web Service (SSL)
- Get HttpServletRequest state in order to avoid IllegalStateException
- SOAP Request : Illegal Protocol https for HTTP URLConnection Factory
- RequestWrapper objects must extend ServletRequestWrapper or HttpServletRequestWrapper
- IllegalStateException: null in HttpServlet.service
- Java HttpsURLConnection SSLHandshakeException