[jira] Created: (GERONIMO-5547) Geronimo_3.0_trunk can't change the password for all users and register new user

Mon, 23 Aug 2010 19:54:39 -0700 

Geronimo_3.0_trunk can't  change the password for all users and register new 
user
---------------------------------------------------------------------------------

                 Key: GERONIMO-5547
                 URL: https://issues.apache.org/jira/browse/GERONIMO-5547
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: security
    Affects Versions: 3.0
         Environment: OS:Windows XP SP3 
Java Version: 1.6.0_20
Server:Geronimo 3.0-SNAPSHOT
            Reporter: Zhen Zhang
            Priority: Critical
             Fix For: 3.0


DO NOT start server at first !
setps to recur:
1.  cd  [GERONIMO HOME]\var\security\ 
2. open "users.properties" and change the password of "system"
3. save the change and startup the Geronimo server
4. open "http://localhost:8080/console";
5. login with User name "system" and your new password ,but you can't access to 
the admin console
6. cd  [GERONIMO HOME]\var\security\ ,then open  "users.properties", you will 
see your new password is not encode

Geronimo log info:
2010-08-24 10:45:42,343 ERROR [AbstractEncryption] Unable to decrypt
java.io.EOFException
        at 
java.io.ObjectInputStream$PeekInputStream.readFully(ObjectInputStream.java:2281)
        at 
java.io.ObjectInputStream$BlockDataInputStream.readShort(ObjectInputStream.java:2750)
        at 
java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:781)
        at java.io.ObjectInputStream.<init>(ObjectInputStream.java:280)
        at 
org.apache.geronimo.crypto.AbstractEncryption.decrypt(AbstractEncryption.java:76)
        at 
org.apache.geronimo.crypto.EncryptionManager.decrypt(EncryptionManager.java:108)
        at 
org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:203)
        at 
org.apache.felix.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at 
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
        at java.security.AccessController.doPrivileged(Native Method)
        at 
javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:575)
        at 
org.apache.geronimo.security.ContextManager.login(ContextManager.java:93)
        at 
org.apache.geronimo.tomcat.security.impl.GeronimoLoginService.login(GeronimoLoginService.java:62)
        at 
org.apache.geronimo.tomcat.security.impl.GeronimoLoginService.login(GeronimoLoginService.java:53)
        at 
org.apache.geronimo.tomcat.security.authentication.FormAuthenticator.validateRequest(FormAuthenticator.java:153)
        at 
org.apache.geronimo.tomcat.security.SecurityValve.invoke(SecurityValve.java:62)
        at 
org.apache.geronimo.tomcat.security.jacc.JACCSecurityValve.invoke(JACCSecurityValve.java:54)
        at 
org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:700)
        at 
org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47)
        at 
org.apache.geronimo.tomcat.valve.ProtectedTargetValve.invoke(ProtectedTargetValve.java:53)
        at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:146)
        at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:108)
        at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
        at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:402)
        at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:254)
        at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:267)
        at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:245)
        at 
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:260)
        at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:241)
        at 
org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPool.java:371)
        at 
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:619)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to