0

Javascript error

asked 2018-02-14 01:37:58 +0800

sousa1981 gravatar image sousa1981
573 4

In some browsers, we are having this error constantly. Can anyone give a clue why?

We are using latest ZK Version.

The server failed to process your request. Try again? (467: 467)

delete flag offensive retag edit

3 Answers

Sort by ยป oldest newest most voted
0

answered 2018-02-14 01:51:48 +0800

sousa1981 gravatar image sousa1981
573 4

Looks like the issue is similar http://forum.zkoss.org/question/9851/zk-and-mod_jk/

link publish delete flag offensive edit
0

answered 2018-02-14 19:12:31 +0800

cor3000 gravatar image cor3000
3690 1 7
ZK Team

error 467 usually happens when an ajax request arrives at server side without providing the required POST data such as desktop ID.

https://github.com/zkoss/zk/blob/80bab4002def60d3f3f97ca3bcb2c746c9fe4dbb/zk/src/org/zkoss/zk/au/http/DHtmlUpdateServlet.java#L535-L542

This sometimes happens if redirects don't include the request body. Or if incorrect requests are sent to the ajax servlet (/zkau), please check your network traffic for unexpected redirects or truncated requests.

A useful tool for capturing the network activity is e.g. Fiddler

If you can provide some information about which request/redirect sequence causes this error we might be able to help.

link publish delete flag offensive edit
0

answered 2018-02-16 17:27:30 +0800

sousa1981 gravatar image sousa1981
573 4

I was thinking that it is related to http://forum.zkoss.org/question/9851/zk-and-modjk/ but even when we removed modjk it is still under problem.

We are sure now that it has direct relation with the following code, which does NTLM Authentication and only in IE.

Is there any clue/tip for it? We are going to make small project so we can share it here.

    <filter>
        <filter-name>ntlmv2-auth</filter-name>
        <filter-class>filter.NtlmFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>ntlmv2-auth</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;

    LOG.info("Page|" + request.getRequestURL() + "|");

    // Type 1 NTLM requests from browser can (and should) always immediately
    // be replied to with an Type 2 NTLM response, no matter whether we're
    // yet logging in or whether it is much later in the session.

    HttpSession session = request.getSession();

    String authorization = request.getHeader("Authorization");

    NtlmUserAccount ntlmUserAccount = (NtlmUserAccount) session.getAttribute(NTLM_USER_ACCOUNT);

    if ((ntlmUserAccount == null || StringUtils.isBlank(ntlmUserAccount.getUserName())) && authorization != null && authorization.startsWith("NTLM")) {
        Cache cache = singletonManager.getCache(CACHE_NAME);
        byte[] src = Base64.decode(authorization.substring(5));

        if (src[8] == 1) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Create server challenge...");
            }

            byte[] serverChallenge = new byte[8];

            BigEndianCodec.putLong(serverChallenge, 0, SecureRandomUtil.nextLong());

            byte[] challengeMessage = ntlmManager.negotiate(src, serverChallenge);

            authorization = Base64.encode(challengeMessage);

            response.setContentLength(0);
            response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM " + authorization);
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            response.flushBuffer();

            synchronized (cache) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Cache server challenge for: " + request.getRemoteAddr());
                }
                Element element = new Element(request.getRemoteAddr(), serverChallenge);
                cache.put(element);
            }

            // Interrupt filter chain, send response. Browser will
            // immediately post a new request.

            return;
        }

        byte[] serverChallenge = null;
        synchronized (cache) {
            Element challengeHolder;
            try {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Get cached server challenge for: " + request.getRemoteAddr());
                }

                challengeHolder = cache.get(request.getRemoteAddr());
                serverChallenge = (byte[]) challengeHolder.getValue();
            } catch (CacheException e) {
                // Something went wrong - just log it and start again
                if (LOG.isWarnEnabled()) {
                    LOG.warn("No challenge found in cache for client: " + request.getRemoteAddr());
                }
            }
        }

        if (serverChallenge == null) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Start NTLM login...");
            }

            sendWwwAuthenticateResponse(response);

            return;
        }

        try {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Try authenticating user now...");
            }

            ntlmUserAccount = ntlmManager.authenticate(src, serverChallenge);

            if (LOG.isDebugEnabled()) {
                LOG.debug("Authentication was successful. Creating session.");
            }

            session.setAttribute(NTLM_USER_ACCOUNT, ntlmUserAccount);
        } catch (Exception e) {
            LOG.error("NTLM authentication failed: " + e, e);
        } finally {
            synchronized (cache) {
                cache.remove(request.getRemoteAddr());
            }
        }

        if (ntlmUserAccount == null) {
            // No NTLM user in session yet, or authentication failed
            sendWwwAuthenticateResponse(response);
            return;
        }

        if (LOG.isDebugEnabled()) {
            LOG.debug("NTLM remote user " + ntlmUserAccount.getUserName());
        }

        session.setAttribute(Constantes.LOGGED_USERNAME, ntlmUserAccount.getUserName());
    }

    if (ntlmUserAccount == null) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("No NTLM user set yet, begin authentication...");
        }

        sendWwwAuthenticateResponse(response);
        return;
    }

    if (LOG.isDebugEnabled()) {
        LOG.debug("NTLM user in session: " + ntlmUserAccount.getUserName());
    }

    HttpServletRequest filteredReq = null;
    if (!(request instanceof NtlmV2HttpRequestWrapper)) {
        // Wrap original request only once
        filteredReq = new NtlmV2HttpRequestWrapper(request, ntlmUserAccount.getUserName());
    }

    LOG.info("AFTER LOGGED_USERNAME|" + (session != null ? session.getAttribute(Constantes.LOGGED_USERNAME) : "") + "|");

    if (filteredReq != null) {
        filterChain.doFilter(filteredReq, res);
    } else {
        filterChain.doFilter(request, res);
    }
}

/**
 * @param response
 * @throws IOException
 */
private void sendWwwAuthenticateResponse(HttpServletResponse response) throws IOException {
    response.setContentLength(0);
    response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM");
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    response.flushBuffer();
}
link publish delete flag offensive edit
Your answer
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

Follow
1 follower

RSS

Stats

Asked: 2018-02-14 01:37:58 +0800

Seen: 10 times

Last updated: Feb 16