[jira] [Assigned] (GEODE-3857) Pulse login fails after unauthorized user credential is used for login

Jens Deppe (JIRA) Tue, 17 Oct 2017 12:39:26 -0700

     [ 
https://issues.apache.org/jira/browse/GEODE-3857?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jens Deppe reassigned GEODE-3857:
---------------------------------

    Assignee: Jens Deppe

> Pulse login fails after unauthorized user credential is used for login
> ----------------------------------------------------------------------
>
>                 Key: GEODE-3857
>                 URL: https://issues.apache.org/jira/browse/GEODE-3857
>             Project: Geode
>          Issue Type: Bug
>          Components: pulse
>            Reporter: Jens Deppe
>            Assignee: Jens Deppe
>
> Test as follows:
> Start a locator with {{start locator --name=locator1 
> --J=-Dgemfire.security-manager=org.apache.geode.examples.SimpleSecurityManager}}
> Login to pulse with user/password `cluster/cluster`. Logout by clicking on 
> the logout link. Try and login again with the same credentials.
> The following stacktrace is displayed:
> {noformat}
> HTTP ERROR 500
> Problem accessing /pulse/login. Reason:
>     Server Error
> Caused by:
> java.lang.RuntimeException: Connection closed
>       at 
> org.apache.geode.tools.pulse.internal.security.GemFireAuthentication.populateAuthorities(GemFireAuthentication.java:77)
>       at 
> org.apache.geode.tools.pulse.internal.security.GemFireAuthenticationProvider.authenticate(GemFireAuthenticationProvider.java:61)
>       at 
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
>       at 
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
>       at 
> org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
>       at 
> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
>       at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
>       at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
>       at 
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
>       at 
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
>       at 
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
>       at 
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>       at 
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
>       at 
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>       at 
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>       at 
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>       at 
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
>       at 
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
>       at 
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>       at 
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
>       at 
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>       at 
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
>       at 
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
>       at org.eclipse.jetty.server.Server.handle(Server.java:524)
>       at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319)
>       at 
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253)
>       at 
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
>       at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
>       at 
> org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
>       at 
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
>       at 
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
>       at 
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
>       at 
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
>       at 
> org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
>       at java.lang.Thread.run(Thread.java:745)
> Caused by: java.io.IOException: Connection closed
>       at 
> javax.management.remote.rmi.RMIConnector.getMBeanServerConnection(RMIConnector.java:400)
>       at 
> javax.management.remote.rmi.RMIConnector.getMBeanServerConnection(RMIConnector.java:389)
>       at 
> org.apache.geode.tools.pulse.internal.security.GemFireAuthentication.populateAuthorities(GemFireAuthentication.java:65)
>       ... 44 more
> Caused by:
> java.io.IOException: Connection closed
>       at 
> javax.management.remote.rmi.RMIConnector.getMBeanServerConnection(RMIConnector.java:400)
>       at 
> javax.management.remote.rmi.RMIConnector.getMBeanServerConnection(RMIConnector.java:389)
>       at 
> org.apache.geode.tools.pulse.internal.security.GemFireAuthentication.populateAuthorities(GemFireAuthentication.java:65)
>       at 
> org.apache.geode.tools.pulse.internal.security.GemFireAuthenticationProvider.authenticate(GemFireAuthenticationProvider.java:61)
>       at 
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
>       at 
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
>       at 
> org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
>       at 
> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
>       at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
>       at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
>       at 
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>       at 
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
>       at 
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
>       at 
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
>       at 
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
>       at 
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>       at 
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
>       at 
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>       at 
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>       at 
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>       at 
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
>       at 
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
>       at 
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>       at 
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
>       at 
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>       at 
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
>       at 
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
>       at org.eclipse.jetty.server.Server.handle(Server.java:524)
>       at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319)
>       at 
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253)
>       at 
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
>       at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
>       at 
> org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
>       at 
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
>       at 
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
>       at 
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
>       at 
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
>       at 
> org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
>       at java.lang.Thread.run(Thread.java:745)
> Powered by Jetty:// 9.3.10.v20160621
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Assigned] (GEODE-3857) Pulse login fails after unauthorized user credential is used for login

Reply via email to