[seam-issues] [JBoss JIRA] Commented: (SEAMSECURITY-25) Cannot login into idmconsole application

Wed, 02 Feb 2011 13:42:25 -0800 

    [ 
https://issues.jboss.org/browse/SEAMSECURITY-25?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12579679#comment-12579679
 ] 

Richard Barabe commented on SEAMSECURITY-25:
--------------------------------------------

In short there were 2 problems.
First, org.jboss.seam.security.IdentityImpl#lookupAuthenticator wasn't doing 
what was stated in the javadoc : 
{quote}
1. If the user has specified an authenticatorName property, use it to
locate and return the Authenticator with that name
2. If the authenticatorName hasn't been specified, and the user has provided
their own custom Authenticator, return that one
3. If the user hasn't provided a custom Authenticator, return IdmAuthenticator
and attempt to use the identity management API to authenticate
{quote}
Only statement #1 was represented in code.

Second, org.jboss.seam.security.management.IdmAuthenticator#authenticate was 
always setting status to AuthenticationStatus.FAILURE, even in case of success. 
 Also, that method didn't call BaseAuthenticator.setUser(User) when 
authentication succeeded.  That cause IdentityImpl#isLoggedIn() to always 
return false.

After these corrections, I could log into idmconsole with user "demo", password 
"demo".  Login/logout and password change worked as expected, but I was not 
able to delete or edit users.  Note that groups and role types 
creation/deletion seemed to work properly.

> Cannot login into idmconsole application
> ----------------------------------------
>
>                 Key: SEAMSECURITY-25
>                 URL: https://issues.jboss.org/browse/SEAMSECURITY-25
>             Project: Seam Security
>          Issue Type: Bug
>    Affects Versions: 3.0.0.Beta1
>            Reporter: Martin Gencur
>         Attachments: fix_SEAMSECURITY-25.patch
>
>
> The application gets successfully deployed. When I try to log in with 
> demo/demo credentials, the JBossAS console throws the following exception:
> 16:14:46,907 INFO  
> [org.hibernate.validator.engine.resolver.DefaultTraversableResolver] 
> Instantiated an instance of 
> org.hibernate.validator.engine.resolver.JPATraversableResolver.
> 16:14:46,923 ERROR [org.jboss.seam.security.IdentityImpl] Login failed: 
> org.jboss.seam.security.AuthenticationException: An Authenticator could be 
> located
>       at 
> org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:287) 
> [:3.0.0.Beta1]
>       at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:217) 
> [:3.0.0.Beta1]
>       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
> [:1.6.0_21]
>       at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
> [:1.6.0_21]
>       at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>  [:1.6.0_21]
>       at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_21]
>       at org.apache.el.parser.AstValue.invoke(AstValue.java:196) 
> [:6.0.0.Final]
>       at 
> org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) 
> [:6.0.0.Final]
>       at 
> org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
>  [:6.0.0.Final]
>       at 
> org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) 
> [:6.0.0.Final]
>       at 
> org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
>  [:6.0.0.Final]
>       at 
> org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) 
> [:6.0.0.Final]
>       at 
> com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102)
>  [:2.0.3-]
>       at 
> javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:84)
>  [:2.0.3-]
>       at 
> com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:98)
>  [:2.0.3-]
>       at javax.faces.component.UICommand.broadcast(UICommand.java:311) 
> [:2.0.3-]
>       at 
> javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) 
> [:2.0.3-]
>       at 
> javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246) 
> [:2.0.3-]
>       at 
> com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77)
>  [:2.0.3-]
>       at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
>       at 
> com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) 
> [:2.0.3-]
>       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308) 
> [:2.0.3-]
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
>  [:6.0.0.Final]
>       at 
> org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>  [:6.0.0.Final]
>       at 
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181)
>  [:6.0.0.Final]
>       at 
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285)
>  [:1.1.0.Final]
>       at 
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261)
>  [:1.1.0.Final]
>       at 
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88)
>  [:6.0.0.Final]
>       at 
> org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) 
> [:6.0.0.Final]
>       at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 
> [:6.0.0.Final]
>       at 
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>  [:6.0.0.Final]
>       at 
> org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53)
>  [:6.0.0.Final]
>       at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) 
> [:6.0.0.Final]
>       at 
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) 
> [:6.0.0.Final]
>       at 
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654)
>  [:6.0.0.Final]
>       at 
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) 
> [:6.0.0.Final]
>       at java.lang.Thread.run(Thread.java:619) [:1.6.0_21]

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
_______________________________________________
seam-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/seam-issues

Reply via email to