Users of Symantec Encryption Management Server with Web Email Protection (formerly PGP Universal Server with Web Messenger) may see an HTTP Status 500 error message when logging into their mailbox.
HTTP Status 500 - Cannot call sendRedirect() after the response has been committed
Exception from /var/log/tomcat/localhost.YYYY-MM-DD.log:
java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed
at org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:483)
at org.owasp.csrfguard.http.InterceptRedirectResponse.sendRedirect(InterceptRedirectResponse.java:56)
at org.owasp.csrfguard.action.Redirect.execute(Redirect.java:48)
at org.owasp.csrfguard.CsrfGuard.isValidRequest(CsrfGuard.java:373)
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:78)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at com.pgp.web.ResponseHeaderFilter.doFilter(ResponseHeaderFilter.java:43)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at com.pgp.boom.filter.BoomInvalidateSessionFilter.doFilter(BoomInvalidateSessionFilter.java:25)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
Upgrade to Symantec Encryption Management Server 3.3.2 MP3. If you still receive the error after upgrading, restart tomcat on all cluster members:
If you do not have access to the command line you will need to restart the server. Restarting services from the admin interface does not restart tomcat.
If restarting tomcat does not resolve this issue, please carry out this workaround from TECH149248 on all cluster members:
Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product. Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.
Applies To