Servoy Forum

Hello,

We are using Servoy 5.2.16 and recently encountered a scenario when using the Smart Client where FileServerPlugin throws an error.

This happens when a Smart Client network connection has been interrupted for a period of time and reconnects once network connectivity is restored. The application does seem to reconnect OK and does appear to work as normal with the exception of now not being able to stream files. The end user does not notice any difference until they attempt to upload/download a file.

When this is attempted, the following Java console log error is shown and the file streaming dialogue hangs:

ERROR - Debug - Throwable
java.lang.SecurityException: Rejected unauthenticated access
at com.servoy.extensions.plugins.file.FileServerPlugin.securityCheck(Unknown Source)

Closing down the Smart Client & logging back in restores full functionality. Note that this only seems to occur after losing the connection for a few minutes. If the connection is lost momentarily or for a short period, then it all seems to work as expected.

It seems that internally, the reconnected client authentication check that this plugin performs with the application server fails. Is there an internal timeout that occurs causing a previously authenticated client to lose its authenticated status?

Does anybody have any ideas about this issue?

Best regards,

Mark

Yes, the file plugin server component is only accepting files uploads/downloads from valid clients.
Meaning the clientID is passed with all calls to it and verified against the registered clients.
A timeout occur after 30 minutes by default (configurable in the Tomcat sever/conf/web.xml file).

It seems that somehow the client is still passing its old clientID to the server component but this clientID has been invalidated.

Hi Patrick,

Thanks for your helpful response. Your explanation sounds correct.

Does anybody know whether this has been resolved in Servoy versions 6 or 7?

This issue also occurs in one of the other plugins, the MailServer.java plugin. We noticed that the same error is raised when the connection has been disrupted, resumed and an email is initiated. The work around for that is to set mail.server.allowUnauthenticatedRMIAccess to true. This is not possible with the file plugin and is only a temporary work around rather than a solution.

Additionally, this problem was identified by users using laptop hibernation with active connections to the application server. From an end user point of view, at least the file upload/download not working is obvious for the end user, but the email not being sent is not so apparent.

Any input on this would be appreciated.

Mark

In Servoy 5.2, I'm afraid there's no workaround for the file plugin.
In Servoy 6.1+, you can bypass the security check for the file server plugin service by adding 'servoy.FileServerService' to the server property 'servoy.application_server.trustedRemotePlugins'.
Just be aware that when doing so any RMI client (which could potentially be any Java client with knowledge of the Open sources of the plugin) will have uploads/downloads capabilities on your server, meaning a potential security breach...

Did you file a case for this?
If not, please do - it sounds like a bug.

Hi Andrei,

I have now filed a case for this (SVY-5184).

Thanks,

Mark

This problem was already fixed in Servoy 6.1 and higher.

It is now backported to 5.2.17, 6.0.10.

Rob