New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Websocket XHR fallbacks get IllegalStateException: Cannot create a session after the response has been committed upgrading to Boot 3.2.7 #14864
Comments
Thanks, @stnor, and sorry you are having trouble. I imagine that the SAML, JWT, and other pieces of configuration are unrelated. Would you be able to post a minimal GitHub sample that reproduces the issue? |
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed. |
I was able to recreate this locally a few times (it seems pretty rare) with:
I don't fully understand what it takes to get the error to occur, but it's related to Any ideas on how to proceed would be appreciated.
|
When I'm setting a breakpoint at But then I sometimes get another invocation a bit later... What would cause a this code to get initiated, not related to an http-request initiated by me? The |
Any ideas how the "Broken Pipe" related exceptions end up here @jzheaux? These "errors" are ineviatable for websockets given that people close their laptops etc. |
Describe the bug
I recently upgraded from Boot 2.7 to 3.2.7.
Since then I am getting a lot of
java.lang.IllegalStateException: Cannot create a session after the response has been committed
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:99)`
2024-04-08T10:39:14.519+02:00 E o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] threw exception
java.lang.IllegalStateException: Cannot create a session after the response has been committed`
It seems to be related to Websocket requests that fallback to XHR:
[08/Apr/2024:10:39:14 +0200] "POST /ws/684/0jl1hqqe/xhr_streaming?t=1712565509691 HTTP/1.1" 500 83 "***" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 50009522
I am using
requireExplicitSave = false
for the context andSessionCreationPolicy.ALWAYS
SecurityConfig:
The text was updated successfully, but these errors were encountered: