Geek Answers Handbook

Captcha servlet raises java.lang.IllegalStateException: PWC3999: cannot create session after response has been received

I am creating a CAPTCHA input using SimpleCaptcha and doing a Captcha input validation. I created a captcha tab with the following codes.

HTML code:

<form action="submit_proceed.do" method="post"> <img src="captchaImg" /><input type="text" name="captcha" value=""><br /> <input type="submit" value="Submit" name="submit" /> </form>

JavaServlet Code:

 import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.List; import java.util.Iterator; import nl.captcha.Captcha; protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); List errorMsgs = new LinkedList(); try{ // Validate Captcha HttpSession session = request.getSession(true); String userCaptcha = request.getParameter("captcha"); Captcha captcha = (Captcha) session.getAttribute(Captcha.NAME); if (!captcha.isCorrect(userCaptcha)) { errorMsgs.add("Please input the correct Captcha value."); } } catch (RuntimeException e) { errorMsgs.add("An unexpected error: " + e.getMessage()); RequestDispatcher view = request.getRequestDispatcher("/error.view"); view.forward(request, response); }

However, I kept getting this error:

 StandardWrapperValve[Captcha]: PWC1406: Servlet.service() for servlet Captcha threw exception java.lang.IllegalStateException: PWC3999: Cannot create a session after the response has been committed

How to create a session on my servlet? How can I solve this problem?

Many thanks.

+7
servlets session captcha glassfish simplecaptcha
source share
6 answers

Unable to create a session after receiving a response

The exception message is pretty clear. There are funds from an illegal state. You can no longer set / change response headers when the answer is already made. The response is executed when headers are already sent to the client side. This is a point with no return .

The response will be executed whenever the output stream has been flushed (in) directly. This can happen if you write more than 2K of the answer (depending on the server configuration), or did flush() manually or made a call to sendRedirect() .

Whenever a session is to be created, the server needs to set a cookie in the response header so that it can identify a specific client and associate it with an HttpSession instance in server memory. But this is not possible if the answer has already been made, so this is an exception.

Back to the root cause of this problem:

Servlet.service () for Captcha servlet throws an exception

This is caused by this servlet problem with servlet-name of Captcha . You need to check / debug the entire request and response chain to see which servlets / filters are all called, and which one could pass the response before the Captcha servlet could create the session. I can not help you in more detail, because this information is not in your topic.

At least in the code example below, I see that you call response.getWriter() unnecessarily . I'm not sure what the real world code looks like, you may have split some lines, but most likely you are actually writing to it, and this may be the main cause of the problem. If you write too much or make a flash on it, then the reponing will be completed. Do not write the response inside the servlet, which should be the controller. There you usually use JSP. Or if this is for debugging purposes, use stdout ( System.out.println() ) or Logger .

+16
source share

The violation code is in nl.captcha.servlet.SimpleCaptchaServlet Servlet. If you change it to StickyCaptcha , the problem will disappear, but in particular the following insult lines in Servlet SimpleCaptcha.

 CaptchaServletUtil.writeImage(resp, captcha.getImage()); req.getSession().setAttribute(NAME, captcha);

In fact, the code writes the image file in response (which is usually larger than the default 2k).

So for now, you can use StickyCaptcha or check the code and fix the problem.

+2
source share

Move this line:

 HttpSession session = request.getSession(true);

- The first instruction in the doPost method.

 protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(true); response.setContentType("text/html;charset=UTF-8"); //... }

This should help.

+1
source share

It seems you have already sent the header to the client before processing the message. If you are creating a session, the server must send the session identifier to the client. This is usually done by sending a cookie. I suppose you are checking your code to see if you are processing the actions before sending anything back to the client.

0
source share

create a session by adding this javax.servlet.http.HttpSession session = request.getSession ();

 try{ javax.servlet.http.HttpSession session = request.getSession(); // Validate Captcha String userCaptcha = request.getParameter("captcha"); Captcha captcha = (Captcha) session.getAttribute(Captcha.NAME); if (!captcha.isCorrect(userCaptcha)) { errorMsgs.add("Please input the correct Captcha value."); } } catch (RuntimeException e) { ... }
0
source share

This line

  (Captcha) session.getAttribute(Captcha.NAME);

implies that the session must exist before this particular request is processed, so I am wondering if there is any kind of initialization that you must complete before submitting the original form. This should be indicated by the framework you are using.

For example, you might have an initial serlvet, which

  creates the image, figures out the value of Capcha.Name creates the session session.setAttribute(Capcha.NAME, theName) emit the html (or forward() to a JSP)

You can do it all in JSP, or you can port your servlet to one.

Are there any examples of using this trap that you could explore?

0
source share

More articles:


All Articles