KasunG *has* (been) *volunteered* :D On Mon, May 28, 2012 at 11:09 PM, Thilina Buddhika <[email protected]>wrote:
> This issue is not really related to the server URL, rather to the tenant > aware FE URL of the login page. This used to work earlier, but this was not > tested recently with the introduction of SSO. > > This should be a trivial fix. If anyone like to learn these stuff, I am > happy to help. :) > > Thanks, > Thilina > > > On Mon, May 28, 2012 at 11:05 PM, Afkham Azeez <[email protected]> wrote: > >> Server URL is used for FE-BE separation. All FEs talks to BEs via URLs >> they construct using Server URL. So you can run an FE separately & connect >> to different BEs. Of course, the BE services required by the FEs should be >> available in the BEs pointed to by the Server URL. Connecting to an ESB BE >> using an AppServer FE will cause issues since all BE admin services >> required by the AS FE are not there in the ESB viz-a-viz. >> >> Try starting two AS instances, and logging in from the FE in one AS >> instance to the BE of another instance. That should work. >> >> >> On Mon, May 28, 2012 at 11:00 PM, Kasun Gajasinghe <[email protected]>wrote: >> >>> >>> Isn't this modifiable Server URL functionality actually broken? I tried >>> few tests, and different products behaved differently when I tried to login >>> from one server's management console to server's back-end. >>> >>> I tested this by starting up two servers ESB, and AppServer in ports >>> 9444, and 9449 respectively. Then, I entered the ESB's Server URL ( >>> https://localhost:9444/services/) in AppServer, and tried to log in >>> with correct credentials. But it *couldn't log in*. It showed me the >>> error [1] which is the same error you get when a wrong username/password is >>> entered. The server log is at [2] >>> >>> Then I tried to login to AppServer from ESB. Which resulted in a >>> different behavior. I *was *able to login, not to AppServer but to ESB >>> itself!! As shown in the screenshot, it signed in as "*Signed-in as:* >>> [email protected]:*9449*" but the server is actually running in port >>> 9444. I can't perform any admin operation specific to ESB there either, as >>> shown by the screenshot. >>> >>> Then I set a random port (say 9000) as Server URL in ESB, then it said a >>> wrong username/password is entered! >>> >>> These are quite random behavior. Does the server url is actually meant >>> to use for things like this? I'm confused. >>> >>> >>> [1] The user name or password you entered is incorrect. Please try again >>> [2] >>> osgi> [2012-05-28 22:48:19,743] WARN - AuthenticationHandler Illegal >>> access attempt at [2012-05-28 22:48:19,0743] from IP address 10.111.2.92 : >>> Service is LoggedUserInfoAdmin >>> [2012-05-28 22:48:19,745] ERROR - AxisEngine Access Denied. Please login >>> first. >>> org.apache.axis2.AxisFault: Access Denied. Please login first. >>> at >>> org.wso2.carbon.server.admin.module.handler.AuthenticationHandler.authenticate(AuthenticationHandler.java:83) >>> at >>> org.wso2.carbon.server.admin.module.handler.AuthenticationHandler.invoke(AuthenticationHandler.java:61) >>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) >>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313) >>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262) >>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:168) >>> at >>> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) >>> at >>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) >>> at >>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:199) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) >>> at >>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) >>> at >>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) >>> at >>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) >>> at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:164) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>> at >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240) >>> at >>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164) >>> at >>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462) >>> at >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164) >>> at >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100) >>> at >>> org.wso2.carbon.server.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:154) >>> at org.wso2.carbon.server.TomcatServer$1.invoke(TomcatServer.java:254) >>> at >>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:563) >>> at >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) >>> at >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:399) >>> at >>> org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcessor.java:396) >>> at >>> org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:356) >>> at >>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1534) >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) >>> at java.lang.Thread.run(Thread.java:662) >>> >>> >>> Thanks, >>> --KasunG >>> >>> >>> On Mon, May 28, 2012 at 10:31 PM, Thilina Buddhika <[email protected]>wrote: >>> >>>> Hi Azeez, >>>> >>>> Dimuthu and I had a chat on this. >>>> >>>> This is a known issue. Ideally if you have "https://localhost:9443*/t/ >>>> azeez.org*/carbon/admin/login.jsp " as the page URL you should be able >>>> to log in using just tenant username(without full qualified username) and >>>> password. >>>> >>>> Also after you signed out as tenant user, if you log in as a super >>>> tenant user, then it will try to redirect you to the tenant-dashboard page. >>>> >>>> These two are known issues that need to fixed. >>>> >>>> Thanks, >>>> Thilina >>>> >>>> >>>> On Mon, May 28, 2012 at 10:24 PM, Afkham Azeez <[email protected]> wrote: >>>> >>>>> I first signed in as [email protected], and then signed out. Next I >>>>> wanted to sign in as admin/admin. But I kept getting the login failed >>>>> message. >>>>> >>>>> When I checked the URL in the browser it was, https://localhost:9443* >>>>> /t/azeez.org* >>>>> /carbon/admin/login.jsp?loginStatus=false&errorCode=invalid.credentials >>>>> >>>>> I think some filter or the CarbonSecuredHttpContext is appending the >>>>> tenant to the URL which results in this error. After removing the tenant >>>>> part from the URL, I was able to login as admin/admin >>>>> >>>>> -- >>>>> *Afkham Azeez* >>>>> Director of Architecture; WSO2, Inc.; http://wso2.com >>>>> Member; Apache Software Foundation; http://www.apache.org/ >>>>> * <http://www.apache.org/>** >>>>> email: **[email protected]* <[email protected]>* cell: +94 77 3320919 >>>>> blog: **http://blog.afkham.org* <http://blog.afkham.org>* >>>>> twitter: >>>>> **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> >>>>> * >>>>> linked-in: **http://lk.linkedin.com/in/afkhamazeez* >>>>> * >>>>> * >>>>> *Lean . Enterprise . Middleware* >>>>> >>>>> >>>> >>>> >>>> -- >>>> Thilina Buddhika >>>> Associate Technical Lead >>>> WSO2 Inc. ; http://wso2.com >>>> lean . enterprise . middleware >>>> >>>> phone : +94 77 44 88 727 >>>> blog : http://blog.thilinamb.com >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> *Kasun Gajasinghe* >>> Software Engineer; >>> Development Technologies Team, WSO2 Inc.; http://wso2.com , >>> *email: **kasung AT spamfree wso2.com** cell: **+94 (77) 678-0813* >>> *linked-in: *http://lk.linkedin.com/in/gajasinghe* >>> * >>> *blog: **http://blog.kasunbg.org* <http://blog.kasunbg.org>* >>> twitter: **http://twitter.com/kasunbg* <http://twitter.com/kasunbg>* >>> * >>> >>> >> >> >> -- >> *Afkham Azeez* >> Director of Architecture; WSO2, Inc.; http://wso2.com >> Member; Apache Software Foundation; http://www.apache.org/ >> * <http://www.apache.org/>** >> email: **[email protected]* <[email protected]>* cell: +94 77 3320919 >> blog: **http://blog.afkham.org* <http://blog.afkham.org>* >> twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> >> * >> linked-in: **http://lk.linkedin.com/in/afkhamazeez* >> * >> * >> *Lean . Enterprise . Middleware* >> >> > > > -- > Thilina Buddhika > Associate Technical Lead > WSO2 Inc. ; http://wso2.com > lean . enterprise . middleware > > phone : +94 77 44 88 727 > blog : http://blog.thilinamb.com > -- *Afkham Azeez* Director of Architecture; WSO2, Inc.; http://wso2.com Member; Apache Software Foundation; http://www.apache.org/ * <http://www.apache.org/>** email: **[email protected]* <[email protected]>* cell: +94 77 3320919 blog: **http://blog.afkham.org* <http://blog.afkham.org>* twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> * linked-in: **http://lk.linkedin.com/in/afkhamazeez* * * *Lean . Enterprise . Middleware*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
