![]() |
|
|
|
|
Change By:
|
Jan Haderka
(16/Apr/13 9:42 AM)
|
|
Description:
|
Changed magnolia.properties as described under
http://wiki.magnolia-cms.com/display/WIKI/Rescue+Security+Support
Log
See attached log
file
shows that RescueSecuritySupport is indeed used:
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:50 -- Using RescueSecuritySupport !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:50 -- Using RescueSecuritySupport, will instantiate RescueUserManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:50 -- Using RescueSecuritySupport, will instantiate MgnlRoleManager, please fix your configuration !
WARN info.magnolia.cms.security.PermissionUtil 10.04.2013 11:51:50 -- no permissions found
for
[info
details
.
magnolia.cms.security.RescueSecuritySupport$RescueUser@5ede6cfc]
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate RescueUserManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate MgnlRoleManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate RescueUserManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate MgnlRoleManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate RescueUserManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate MgnlRoleManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate RescueUserManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:51 -- Using RescueSecuritySupport, will instantiate MgnlRoleManager, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:56 -- Using RescueSecuritySupport, will force authentication with a fake system user, please fix your configuration !
WARN info.magnolia.cms.security.RescueSecuritySupport 10.04.2013 11:51:56 -- Using RescueSecuritySupport, will instantiate RescueUserManager, please fix your configuration !
Trying to login with superuser/superuser results in the following error:
java.lang.RuntimeException: javax.security.auth.login.FailedLoginException: Passwords do not match
info.magnolia.cms.security.RescueSecuritySupport.authenticate(RescueSecuritySupport.java:106)
info.magnolia.cms.security.auth.login.LoginHandlerBase.authenticate(LoginHandlerBase.java:47)
info.magnolia.cms.security.auth.login.FormLogin.handle(FormLogin.java:76)
info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:66)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.UnicodeNormalizationFilter.doFilter(UnicodeNormalizationFilter.java:90)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:91)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108)
info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
root cause
javax.security.auth.login.FailedLoginException: Passwords do not match
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.matchPassword(JCRAuthenticationModule.java:189)
info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.validateUser(JCRAuthenticationModule.java:119)
info.magnolia.jaas.sp.AbstractLoginModule.login(AbstractLoginModule.java:201)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:616)
javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
javax.security.auth.login.LoginContext.login(LoginContext.java:594)
info.magnolia.cms.security.RescueSecuritySupport.authenticate(RescueSecuritySupport.java:99)
info.magnolia.cms.security.auth.login.LoginHandlerBase.authenticate(LoginHandlerBase.java:47)
info.magnolia.cms.security.auth.login.FormLogin.handle(FormLogin.java:76)
info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:66)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.UnicodeNormalizationFilter.doFilter(UnicodeNormalizationFilter.java:90)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:91)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108)
info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
At best this is a confusing message, since it is supposed to use UserManager.SYSTEM_PSWD (i.e. "superuser"), which was definitely entered.
Or maybe the RescueSecuritySupport is just not working in 4.5.8, which would be bad.
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <
[email protected]>
----------------------------------------------------------------
