In a nutshell: sometimes we're seeing the "HTTP Status 500" Apache Tomcat Error Report page when a browser has been sitting idle on a page for longer than the timeout (whereas it's supposed to send them to a "you have been logged out page" when we get an object from their session and see if a value in it is null). It's that typical page where the root cause of the JasperException is this:
javax.servlet.ServletException at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536) at org.apache.jsp.CreateShipment_jsp._jspService(CreateShipment_jsp.java:1197) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
Background: We have some new Linux web servers behind a load balancer, and when the load balancing wasn't configured correctly, sometimes a user who had logged into the site would click a link and then be sent to a page informing them they were not logged in (because the Tomcat with their session was on a different machine, and our app was configured to send them to a logged-out page when no session was detected).
We got the load balancing fixed, but we noticed that when we went back to a page that had been open in the browser for an hour or two and clicked a link, it didn't behave as expected. Typically, if the session is nonexistent due to a timeout (30 minutes) or just because it never existed on that machine, it always kicks them out by doing a sendRedirect to our app's "you are not logged in" page if certain info we check for isn't present in the session it's trying to access. So, any ideas on why we sometimes see it send them to this Tomcat 500 Error report page instead?
The logs have the same Exception info as that Apache/Tomcat Error Report (I'll put part of that at the bottom of this post). Here's what's going on...I can reproduce the error by just logging into the site, letting the browser just sit on that page, and then restarting Tomcat (so that the session is definitely gone). From there, I've tried clicking on navigation links in the site. Sometimes proper behavior is exhibited (you get taken to a "you are not logged in" page), and sometimes we get that whole Apache/Tomcat HTTP 500 Error report page (which doesn't look good to visitors!).
In looking at just two of the JSPs that I'm trying to access, it seems like they have the same code at the top of each. Here's one:
And here's the other:
That PageFunctions.jsp is just to check and see if they're logged in, and it looks like this:
When I try to click the link to the page that calls setProperty on prefs, everything works fine, and catalina.out has "Trying to redirect because validateUserData returns false" in it. catalina.out reports the same printlin for the problem page as well, so we're getting to the same place (response.sendRedirect), but for some reason it doesn't work for one of the JSPs. However, as you'll see in the output from the exception report down at the bottom, the line throwing the exception is the following one at the bottom of the auto-generated JSP page:
How do I debug this? Again, that line above is 1202 mentioned in the exception report down below. Here's the relevant bits from the exception report: