Skip to content

Cross Context Dispatch with Async does not honor context #13144

New issue
New issue
Closed
#13145
Closed
Cross Context Dispatch with Async does not honor context#13144
#13145
Assignees
gregwjoakimejanbartel
Labels
BugFor general bugs on Jetty sideSponsoredThis issue affects a user with a commercial support agreement
@joakime

Description

@joakime
joakime
opened on May 16, 2025

Jetty version(s)
12.0.21

Jetty Environment
ee9 / ee8 (but could be present in others too)

Description
When a cross-context dispatch occurs, and the dispatched to endpoint uses an AsyncContext.dispatch(), then the resulting dispatch has the wrong state, and dispatches to the previous context.

Example:

We have 2 contexts involved.

  1. Context root /
    • has a Filter that performs cross-context-dispatch.
  2. Context service /service
    • has an Servlet /alt/* that uses AsyncContext and performs a dispatch()

The order of events.

  1. Context root / receives a request.
  2. The filter on Context root / gets a ServletContext from /service
  3. The filter gets a RequestDispatcher from /service to a path /service/alt/` context.
  4. The filter performs a RequestDispatcher.forward() to this /service endpoint
  5. The /service/alt/* servlet receives the FORWARD request.
  6. The /service/alt/* servlet establishes an AsyncContext, waits for a timeout, and then performs a dispatch()
  7. (Where problem occurs) - this dispatch goes to the root / context.

There are two problems observed (could be more).

First in the jetty-ee9/jetty-ee9-nested/src/main/java/org/eclipse/jetty/ee9/nested/Dispatcher.java

The call to protected void forward(ServletRequest request, ServletResponse response, DispatcherType dispatch) throws ServletException, IOException has a finally block that resets several Request settings, like the HttpURI, this results in bad HttpServletRequest.getRequestURL on the dispatch.

Next is the jetty-ee9/jetty-ee9-servlet/src/main/java/org/eclipse/jetty/ee9/servlet/ServletHandler.java

In the call to public void doScope(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException, there is a finally block that resets the old scope using baseRequest.setUserIdentityScope(oldScope), this sets the Context back to the original context, which results in the AsyncContext.dispatch() calling the original context, not the dispatched to context, like what is expected (and how the behavior works in Jetty 11/10/9).

Metadata

Metadata

Assignees

Labels

BugFor general bugs on Jetty sideSponsoredThis issue affects a user with a commercial support agreement

Type

No type

Projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions