I have a GateIn portal-based application where I am submitting an offline form (an HTML form, submitted using JavaScript).
I am POSTing my form submit to a Servlet. The Servlet checks whether the user is logged in. If the user is not logged in, it redirects the user to the login page, parses the form data, saves it in the session and shows the login page. On the login page the user enters credentials and submits. In the login portlet the saved session data is not available.
The same thing is working in Mozilla.
Servlet from where the redirection to the login page is made:
protected void doPost(HttpServletRequest aoRequest, HttpServletResponse aoResponse) throws ServletException, IOException
{
    MOLOGWRAPPER.info("SPEFormServiceServlet doPost start");
    Map<String, Object> loHMForm = null;
    String lsIsOffline = null;
    String lsServiceName = null;
    String lsApplicantId = null;
    lsIsOffline = (String) aoRequest.getParameter("Offline");
    String lsTimeStamp = null;
    long loTimeStamp;
    String lsContentPath = this.getServletConfig().getServletContext().getRealPath("");
    if (null != aoRequest.getParameter("formAction") && "fromLogin".equalsIgnoreCase(aoRequest.getParameter("formAction")))
    {
        loHMForm = (Map<String, Object>) aoRequest.getSession().getAttribute("OfflineData");
    }
    //MOLOGWRAPPER.info("LoHM after login in servlet "+loHMForm);
    String msUserId = null;
    if (null != aoRequest.getUserPrincipal())
        msUserId = aoRequest.getUserPrincipal().getName();
    HttpSession moSession = aoRequest.getSession();
    try
    {
        if (null != aoRequest.getParameter("serviceName"))
        {
            lsServiceName = aoRequest.getParameter("serviceName").trim();
        }
        lsApplicantId = aoRequest.getParameter("applicantId");
        // Getting unique time stamp for per user per service
        if (null != aoRequest.getParameter("timestamp"))
        {
            lsTimeStamp = aoRequest.getParameter("timestamp").trim();
            loTimeStamp = Long.parseLong(aoRequest.getParameter("timestamp"));
        } else
        {
            loTimeStamp = (new Date()).getTime();
            lsTimeStamp = String.valueOf(loTimeStamp);
            aoRequest.setAttribute("TMAttachment", lsTimeStamp);
        }
        if (null != lsIsOffline && lsIsOffline.equals("Y"))
        {
            if (null == msUserId)
            {
                try
                {
                    MOLOGWRAPPER.info("SPEFormServiceServlet in logout block msUserId:" + msUserId);
                    MOLOGWRAPPER.info("SPEFormServiceServlet in logout block SessionID:" + aoRequest.getSession().getId());
                    aoRequest.logout();
                } catch (ServletException e)
                {
                    e.printStackTrace();
                }
                aoRequest.getSession().setAttribute("OfflineData", loHMForm);
                aoRequest.setAttribute("OfflineData", loHMForm);
                aoResponse.sendRedirect(aoRequest.getScheme() + "://" + aoRequest.getServerName() + ":" + aoRequest.getServerPort() + "/portal/portal/Login?offlineFlag=y&FromForm=y&sp_serviceName=" + lsServiceName);
                return;
            }
        }
    } catch (Exception e)
    {
    }
}
Login Portlet:
doView:
public void doView(RenderRequest aoRequest, RenderResponse aoResponse)
        throws PortletException, IOException
{
    RenderRequestImpl renderRequest = (RenderRequestImpl) aoRequest;
    HttpServletRequestWrapper httpReq = renderRequest.getRealRequest();
    String serviceName = httpReq.getParameter("sp_serviceName");
    aoRequest.setAttribute("sp_serviceName", serviceName);
    String offlineFlag = httpReq.getParameter("offlineFlag");
    aoRequest.setAttribute("sp_offlineFlag", offlineFlag);
    String fromFrom = httpReq.getParameter("FromForm");
    aoRequest.setAttribute("FromForm", fromFrom);
    PortletSession moSession = aoRequest.getPortletSession();
    if (null != httpReq.getParameter("FromForm") && "Y".equalsIgnoreCase(fromFrom))
    {
        moSession.setAttribute("OfflineData",
                httpReq.getSession().getAttribute("OfflineData"),
                PortletSession.APPLICATION_SCOPE);
    }
    lscsrfVal = RandomStringUtils.randomAlphanumeric(40);
    moSession.setAttribute("csrfVal", lscsrfVal);
    aoRequest.setAttribute("csrfVal", lscsrfVal);
    logger.info("lscsrfVal :: " + lscsrfVal);
    logger.info("moSession : Doview id :: " + moSession.getId());
}
processAction:
public void processAction(ActionRequest aoRequest, ActionResponse aoResponse)
        throws PortletException
{
    PortletSession moSession = aoRequest.getPortletSession();
    logger.info("moSession : Process Action id :: " + moSession.getId());
    logger.info("csrfVal == " + moSession.getAttribute("csrfVal"));
    HttpServletRequest req = Util.getPortalRequestContext().getRequest();
    HttpSession moHttpSession = req.getSession();
    moHttpSession.getAttribute("csrfVal");
    logger.info("moHttpSession : Process Action id :: " + moHttpSession.getId());
    logger.info("moHttpSession : Process Action OfflineData ::"
            + moHttpSession.getAttribute("OfflineData"));
    if (null != moSession.getAttribute("csrfVal")
            && null != aoRequest.getParameter("sp_csrf")
            && aoRequest.getParameter("sp_csrf").equals(moSession.getAttribute("csrfVal")))
    {
        logger.info("request is valid");
        moSession.removeAttribute("csrfVal");
    } else
    {
        moSession.setAttribute("csrfValErr", "true");
        logger.info("request is invalid :: Redirect to Login");
        return;
    }
}
Logs:
15:37:41,387 INFO [com.abc.sp.action.SPEFormServiceServlet] (ajp-/127.0.0.1:8009-1) SPEFormServiceServlet in logout block msUserId:null
15:37:41,387 INFO [com.abc.sp.action.SPEFormServiceServlet] (ajp-/127.0.0.1:8009-1) SPEFormServiceServlet in logout block SessionID:k4dIpdc1Dqiadh4ZMCGTQaeN
15:37:44,418 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) SPUserActionPortlet : doView : start
15:37:45,287 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) lscsrfVal :: PLlmfohMhtPBkO2Qt7HAQAMQsdaAg5qsEWCII8aP
15:37:45,287 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moSession : Doview id :: NC9VLsKmqKPuev2AA304RMTU
15:37:45,287 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) SPUserActionPortlet : doView : end
15:38:07,471 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) SPUserActionPortlet : processAction : Start
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moSession : Process Action id :: o8t09QtNv7-fpR0hcP7uXs1g
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) csrfVal == null
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moHttpSession : Process Action id :: o8t09QtNv7-fpR0hcP7uXs1g
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moHttpSession : Process Action OfflineData :: null
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) request is invalid :: Redirect to Login
EDIT
doView Method with HttpServletRequest httpReq=Util.getPortalRequestContext().getRequest();
public void doView(RenderRequest aoRequest, RenderResponse aoResponse)
        throws PortletException, IOException {
    HttpServletRequest httpReq=Util.getPortalRequestContext().getRequest();
    HttpSession moHttpSession =httpReq.getSession();
    String serviceName=httpReq.getParameter("sp_serviceName");
    aoRequest.setAttribute("sp_serviceName", serviceName);
    String offlineFlag=httpReq.getParameter("offlineFlag");
    aoRequest.setAttribute("sp_offlineFlag", offlineFlag);
    String fromFrom=httpReq.getParameter("FromForm");
    aoRequest.setAttribute("FromForm", fromFrom);
    PortletSession moSession = aoRequest.getPortletSession();
    if(null!=httpReq.getParameter("FromForm") && "Y".equalsIgnoreCase(fromFrom)){
        moSession.setAttribute("OfflineData", httpReq.getSession().getAttribute("OfflineData"), PortletSession.APPLICATION_SCOPE);
    }
    lscsrfVal = RandomStringUtils.randomAlphanumeric(40);
    moSession.setAttribute("csrfVal",lscsrfVal);
    aoRequest.setAttribute("csrfVal",lscsrfVal);
    MOLOGWRAPPER.info("lscsrfVal :: "+lscsrfVal);
    MOLOGWRAPPER.info("moSession : Doview id :: "+moSession.getId());
}
Logs: in doView:
11:56:05,636 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) SPUserActionPortlet : doView : start
11:56:05,637 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) lscsrfVal :: TsUGvRcevcuSeo4a7daqhl2bjU6lJf9Cg6MNLgYn
11:56:05,637 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) moSession : Doview id :: 7jxf2nzyatjdxYgoMYYGHKyj
11:56:05,637 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) SPUserActionPortlet : doView : end
Logs: in processAction:
11:56:37,526 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) moSession : Process Action id :: -r96FXye5MlDW+xsEjUgKbzV
11:56:37,527 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) csrfVal == null
11:56:37,527 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) moHttpSession : Process Action id :: -r96FXye5MlDW+xsEjUgKbzV
11:56:37,528 INFO [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) moHttpSession : Process Action OfflineData :: null
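
Added example, not part of the original post: a Python script that reads the session-id lines from the first log run above and reports each point where the id changes between request phases; an attribute stored under one session id cannot be read by a request that arrives under another. The phase labels and the function names `session_timeline` and `session_breaks` are assumptions made for this example.

```python
import re

# Log lines copied from the first run in the post.
LOG = """\
15:37:41,387 INFO [com.abc.sp.action.SPEFormServiceServlet] (ajp-/127.0.0.1:8009-1) SPEFormServiceServlet in logout block SessionID:k4dIpdc1Dqiadh4ZMCGTQaeN
15:37:45,287 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moSession : Doview id :: NC9VLsKmqKPuev2AA304RMTU
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moSession : Process Action id :: o8t09QtNv7-fpR0hcP7uXs1g
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) csrfVal == null
15:38:07,491 INFO [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moHttpSession : Process Action id :: o8t09QtNv7-fpR0hcP7uXs1g
"""

# timestamp, level, [logger], (thread), message
LINE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d,\d{3}) \w+ +\[(?P<logger>[^\]]+)\] "
    r"\((?P<thread>[^)]+)\) (?P<msg>.*)$"
)

# Message patterns that carry a session id, mapped to a request phase
# (phase labels are this example's own naming).
PHASES = [
    ("servlet doPost", re.compile(r"SessionID:(\S+)")),
    ("portlet doView", re.compile(r"moSession : Doview id :: (\S+)")),
    ("portlet processAction", re.compile(r"moSession : Process Action id :: (\S+)")),
    ("portal HttpSession", re.compile(r"moHttpSession : Process Action id :: (\S+)")),
]


def session_timeline(log_text):
    """Return [(timestamp, phase, session_id)] in log order."""
    timeline = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        for phase, pattern in PHASES:
            hit = pattern.search(m["msg"])
            if hit:
                timeline.append((m["ts"], phase, hit.group(1)))
                break
    return timeline


def session_breaks(timeline):
    """Return (timestamp, previous_phase, phase) wherever the session id changed."""
    pairs = zip(timeline, timeline[1:])
    return [(ts, p1, p2) for (_, p1, s1), (ts, p2, s2) in pairs if s1 != s2]


if __name__ == "__main__":
    for ts, before, after in session_breaks(session_timeline(LOG)):
        print(f"{ts}: session id changed between {before} and {after}")
```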