[ https://issues.apache.org/jira/browse/JSPWIKI-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Juan Pablo Santos RodrÃguez updated JSPWIKI-841: ------------------------------------------------ Fix Version/s: (was: 2.10.2) 2.10.3 > Container Managed Security Not Working > -------------------------------------- > > Key: JSPWIKI-841 > URL: https://issues.apache.org/jira/browse/JSPWIKI-841 > Project: JSPWiki > Issue Type: Bug > Components: Authentication & Authorization > Affects Versions: 2.10 > Environment: Tomcat 7.0.42 > Java 1.7.0_51 > Windows 2008R2 > Reporter: Owen Farrell > Fix For: 2.10.3 > > Attachments: JSPWIKI-841.diff > > > In order to set up container-managed security, I've set set jspwiki.security > to 'off' and uncommented the security constraints defined in the deployment > descriptor. > However, by setting jspwiki.security to off, no AuthorizationManager > registers itself with the WikiEngine. As a result, all logins fail with the > following exception: > {quote} > INFO SecurityLog JSPWiki:/wiki/Edit.jsp - > WikiSecurityEvent.LOGIN_AUTHENTICATED > [source=org.apache.wiki.auth.AuthenticationManager@1c42c135, > princpal=org.apache.catalina.realm.GenericPrincipal ofarrell, > target=org.apache.wiki.WikiSession@1708e9ad] > WARN org.apache.wiki.WikiSession JSPWiki:/wiki/Edit.jsp - User profile > 'ofarrell' not found. This is normal for container-auth users who haven't set > up a profile yet. > org.apache.wiki.auth.WikiSecurityException: Authorizer did not initialize > properly. Check the logs. > at > org.apache.wiki.auth.AuthorizationManager.getAuthorizer(AuthorizationManager.java:336) > at > org.apache.wiki.auth.AuthenticationManager.login(AuthenticationManager.java:312) > at > org.apache.wiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:159) > {quote} -- This message was sent by Atlassian JIRA (v6.3.4#6332)