The long and short of this is that I have an Interceptor that references a CFC stored in cache. Randomly, the interceptor will lose track of this CFC in cache and I will get an error message that the CFC cannot be found. This happens maybe only a couple of times a day and I’m not sure how to troubleshoot. The other interesting thing about it is that the error tends to be generated after a period of user inactivity (mostly at night). So, that’s the high level problem. The details of what I put together is this:
- I have an interceptor (‘AuthorizationInterceptor.cfc’) that allows me to secure access to handlers or handler events by adding an additional attribute called permissions at the component level or function level. For example:
- component permissions=’[“usermanagement”]’
- function securedAction() permissions=’[“permission1”]’{- My interceptor references another CFC called ‘Authorization.cfc’, its purpose is to read in the handlers metadata, collecting all the permissions info and storing it in its instance scope. Additionally this CFC has a method called ‘HasAuthroization(event,permissions)’ which will allow me to check if the user can access the given event by looking at the data stored in the instance scope.
- The main interception points used in my interceptor are ‘afterHandlerCreation’ and ‘preEvent’.
- ‘afterHandlerCreation’ allows me to get the handler after its created and pass it along to the ‘Authorization.cfc’
- ‘preEvent’ allows me to use the ‘Authorization.cfc’ to see if the user has authorization to the requested event- Some code
AuthorizationInterceptor.cfc - afterHandlerCreation
`
<---************************************************************************ ---> <---************************************************************************ ---> /* We are storing the permissions metadata in the coldbox cache. We can lookup the permissions settings for a handler or event from here and take the appropriate action */var ocm = getColdBoxOCM();
var authorization = ‘’;
if(!ocm.lookup(‘AuthorizationManager’)){
var authorization = getModel(‘Authorization’);
ocm.set(‘AuthorizationManager’,authorization);
}else{
var authorization = ocm.get(‘AuthorizationManager’);
}
authorization.addHandler(event,interceptData);
ocm.set(‘AuthorizationManager’,authorization);
return false;
`
AuthorizationInterceptor.cfc - preEvent
`
<---************************************************************************ ---> <---************************************************************************ ---> var authorization = getColdBoxOCM().get('AuthorizationManager'); var handlerExclusion = getProperty('handlerExclusion');var thisHandler = listDeleteAt(interceptData.processedEvent,listLen(interceptData.processedEvent,"."),".");
if(ArrayFindNoCase(handlerExclusion,thisHandler) eq 0){
var appuser = event.getValue(‘appuser’);
var is_authorized = authorization.HasAuthorization(event.getCurrentEvent(),appuser);
if(!is_authorized){
var handlerAction = event.getValue(‘app_properties’).notAuthorizedHandler;
setNextEvent(event.getValue(‘app_properties’).notAuthorizedHandler);
}
}
return false;
`
The line above highlighted in red is what is generating the error. The message is ‘Variable AUTHORIZATION is undefined.’.
I suspect at some point the cache is being cleared after a period of time and during the preEvent the ‘AuthorizationManager’ key is not in the cache anymore. I’m also thinking that the handlers and cachebox are not on the same cache clearing scheduling.
Can anyone help?
Thanks.
Brett