[
https://issues.apache.org/jira/browse/JSPWIKI-836?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jürgen Weber updated JSPWIKI-836:
---------------------------------
Attachment: jspwiki-custom.properties
> container-managed authorization broken
> --------------------------------------
>
> Key: JSPWIKI-836
> URL: https://issues.apache.org/jira/browse/JSPWIKI-836
> Project: JSPWiki
> Issue Type: Bug
> Components: Authentication & Authorization
> Affects Versions: 2.10
> Environment: tomcat-7.0.52, Oracle Java 1.7.0_51, Ubuntu 13.10
> Reporter: Jürgen Weber
> Priority: Critical
> Attachments: jspwiki-custom.properties
>
>
> I did a fresh installation of JSPWiki 2.10.0 on apache-tomcat-7.0.52 (Java 7)
> and enabled container-managed authorization in web.xml
> When I try to log into the wiki, the login screen reappears forever.
> User and role in tomcat-users.xml seem to be fine, when I try the Tomcat
> security sample (to which I added the Authenticated role) at
> http://ubuntu:8080/examples/jsp/security/protected/index.jsp
> the user has the role:
> You are logged in as remote user wiki in session
> ACD11187E8CF5E70FD05C88D77F36F46
> Your user principal name is wiki
> You have been granted role Authenticated
> But the wiki refuses to accept the user (this container-managed authorization
> setup used to work with 2.8.4)
> I am not sure what actually went wrong, there is nothing in the logs, might
> be that the user could not be gotten from the container, might be, that the
> policy (which I did not touch) is wrong, or that web.xml could not be parsed.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
