The normal sven/pass user account is defined in shiro.ini, but when you configure the security module, then its the users set up through its seed data that you need to use. As Martin says, isis-module-security-admin/pass is the "root" account.
Once you've logged in, you might also noticed additional users... including, perhaps "sven". The security module can be configured either to run in delegated mode (for integration with an external service such as LDAP), or non-delegated mode. If in delegated mode then any attempt to login will automatically create that user. However, it will be created DISABLED, for safety; the idea being that the security administrator can then grant the appropriate role and enable. In 1.8.0-SNAPSHOT there's also a new service, UserRegistrationService, and the security module provides a mostly complete implementation of this in SecurityModuleAppUserRegistrationServiceAbstract. The idea is to allow users to be created programmatically. This is used by our new support for "self-registration", see [1] for more details. Dan [1] http://isis.apache.org/reference/services/user-registration-service.html On 6 February 2015 at 15:30, Martin Grigorov <[email protected]> wrote: > Hi, > > Login with isis-module-security-admin/pass and see the available users in > Security > All users menu > On Feb 6, 2015 5:22 PM, "James Agada" <[email protected]> wrote: > > > I followed the process here > > https://github.com/isisaddons/isis-module-security to setup the > security > > module sample application. I am however unable to logon with sven/pass. I > > also tried pass/pass but both cannot login. I get this error > > > > [exec] at java.lang.Thread.run(Thread.java:745) > > [exec] 15:08:02,023 [Native qtp1396261783-29 DEBUG] > > SELECT 'org.isisaddons.module.security.dom.user.ApplicationUser' AS > > > NUCLEUS_TYPE,"A0"."accountType","A0"."emailAddress","A0"."encryptedPassword","A0"."familyName","A0"."faxNumber","A0"."givenName","A0"."knownAs","A0"."phoneNumber","A0"."status","A0"."username","A0"."id","A0"."version" > > FROM "IsisSecurityApplicationUser" "A0" WHERE "A0"."username" = <'sven'> > > [exec] 15:08:02,041 [Native qtp1396261783-29 DEBUG] > > SELECT 'org.isisaddons.module.security.dom.role.ApplicationRole' AS > > NUCLEUS_TYPE,"A1"."description","A1"."name","A1"."id" FROM > > "IsisSecurityApplicationUserRoles" "A0" INNER JOIN > > "IsisSecurityApplicationRole" "A1" ON "A0"."roleId" = "A1"."id" WHERE > > "A0"."userId" = <1> > > [exec] 15:08:02,043 [Native qtp1396261783-29 DEBUG] > > SELECT DISTINCT > > 'org.isisaddons.module.security.dom.permission.ApplicationPermission' AS > > > NUCLEUS_TYPE,"A0"."featureFqn","A0"."featureType","A0"."mode","A0"."rule","A0"."id","A0"."version" > > FROM "IsisSecurityApplicationPermission" "A0" CROSS JOIN > > "IsisSecurityApplicationUser" "VAR_u" INNER JOIN > > "IsisSecurityApplicationUserRoles" "C0" ON "VAR_u"."id" = "C0"."userId" > > INNER JOIN "IsisSecurityApplicationRole" "D0" ON "C0"."roleId" = > "D0"."id" > > WHERE "D0"."id" = "A0"."roleId" AND "VAR_u"."username" = <'sven'> > > [exec] 15:08:02,045 [ShiroAuthenticatorOrAuthorizor > qtp1396261783-29 > > ERROR] Unable to authenticate > > [exec] org.apache.shiro.authc.DisabledAccountException > > [exec] at > > > org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:82) > > [exec] at > > > org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568) > > [exec] at > > > org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) > > [exec] at > > > org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) > > [exec] at > > > org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) > > [exec] at > > > org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) > > [exec] at > > > org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) > > [exec] at > > > org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) > > [exec] at > > > org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:141) > > [exec] at > > > org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:122) > > [exec] at > > > org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:80) > > [exec] at > > > org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:65) > > [exec] at > > > org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:218) > > [exec] at > > > org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:51) > > [exec] at > > > org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:313) > > [exec] at > > org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1272) > > [exec] at > > org.apache.wicket.markup.html.form.Form.process(Form.java:938) > > [exec] at > > > org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100) > > [exec] at > > org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:770) > > [exec] at > > org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:703) > > [exec] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > > [exec] at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > [exec] at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > [exec] at java.lang.reflect.Method.invoke(Method.java:483) > > [exec] at > > > org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258) > > [exec] at > > > org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216) > > [exec] at > > > org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:243) > > [exec] at > > > org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:236) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:862) > > [exec] at > > > org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:261) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:218) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:289) > > [exec] at > > > org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:259) > > [exec] at > > > org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:201) > > [exec] at > > > org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:282) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) > > [exec] at > > > org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) > > [exec] at > > > org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) > > [exec] at > > > org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) > > [exec] at > > > org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) > > [exec] at > > > org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) > > [exec] at > > > org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) > > [exec] at > > > org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) > > [exec] at > > > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479) > > [exec] at > > > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119) > > [exec] at > > > org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520) > > [exec] at > > > org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227) > > [exec] at > > > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940) > > [exec] at > > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409) > > [exec] at > > > org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186) > > [exec] at > > > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874) > > [exec] at > > > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117) > > [exec] at > > > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250) > > [exec] at > > > org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:149) > > [exec] at > > > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110) > > [exec] at org.eclipse.jetty.server.Server.handle(Server.java:349) > > [exec] at > > > org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441) > > [exec] at > > > org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:921) > > [exec] at > > org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:784) > > [exec] at > > org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:223) > > [exec] at > > > org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:46) > > [exec] at > > > org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:545) > > [exec] at > > > org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:43) > > [exec] at > > > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598) > > [exec] at > > > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533) > > [exec] at java.lang.Thread.run(Thread.java:745) > > [exec] 16:11:34,738 [Native qtp1396261783-27 DEBUG] > > SELECT 'org.isisaddons.module.security.dom.user.ApplicationUser' AS > > > NUCLEUS_TYPE,"A0"."accountType","A0"."emailAddress","A0"."encryptedPassword","A0"."familyName","A0"."faxNumber","A0"."givenName","A0"."knownAs","A0"."phoneNumber","A0"."status","A0"."username","A0"."id","A0"."version" > > FROM "IsisSecurityApplicationUser" "A0" WHERE "A0"."username" = <'admin'> > > [exec] 16:11:34,743 [Native qtp1396261783-27 DEBUG] > > INSERT INTO "IsisSecurityApplicationUser" > > > ("encryptedPassword","tenancyId","knownAs","emailAddress","faxNumber","username","phoneNumber","accountType","givenName","status","familyName","version") > > VALUES > > > (<null>,<null>,<null>,<null>,<null>,<'admin'>,<null>,<'DELEGATED'>,<null>,<'DISABLED'>,<null>,<1>) > > [exec] 16:11:34,746 [Native qtp1396261783-27 DEBUG] > > SELECT 'org.isisaddons.module.security.dom.role.ApplicationRole' AS > > NUCLEUS_TYPE,"A1"."description","A1"."name","A1"."id" FROM > > "IsisSecurityApplicationUserRoles" "A0" INNER JOIN > > "IsisSecurityApplicationRole" "A1" ON "A0"."roleId" = "A1"."id" WHERE > > "A0"."userId" = <2> > > [exec] 16:11:34,749 [Native qtp1396261783-27 DEBUG] > > SELECT DISTINCT > > 'org.isisaddons.module.security.dom.permission.ApplicationPermission' AS > > > NUCLEUS_TYPE,"A0"."featureFqn","A0"."featureType","A0"."mode","A0"."rule","A0"."id","A0"."version" > > FROM "IsisSecurityApplicationPermission" "A0" CROSS JOIN > > "IsisSecurityApplicationUser" "VAR_u" INNER JOIN > > "IsisSecurityApplicationUserRoles" "C0" ON "VAR_u"."id" = "C0"."userId" > > INNER JOIN "IsisSecurityApplicationRole" "D0" ON "C0"."roleId" = > "D0"."id" > > WHERE "D0"."id" = "A0"."roleId" AND "VAR_u"."username" = <'admin'> > > [exec] 16:11:34,750 [ShiroAuthenticatorOrAuthorizor > qtp1396261783-27 > > ERROR] Unable to authenticate > > [exec] org.apache.shiro.authc.DisabledAccountException > > [exec] at > > > org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:82) > > [exec] at > > > org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568) > > [exec] at > > > org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) > > [exec] at > > > org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) > > [exec] at > > > org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) > > [exec] at > > > org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) > > [exec] at > > > org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) > > [exec] at > > > org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) > > [exec] at > > > org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:141) > > [exec] at > > > org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:122) > > [exec] at > > > org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:80) > > [exec] at > > > org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:65) > > [exec] at > > > org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:218) > > [exec] at > > > org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:51) > > [exec] at > > > org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:313) > > [exec] at > > org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1272) > > [exec] at > > org.apache.wicket.markup.html.form.Form.process(Form.java:938) > > [exec] at > > > org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100) > > [exec] at > > org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:770) > > [exec] at > > org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:703) > > [exec] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > > [exec] at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > > [exec] at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > [exec] at java.lang.reflect.Method.invoke(Method.java:483) > > [exec] at > > > org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258) > > [exec] at > > > org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216) > > [exec] at > > > org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:243) > > [exec] at > > > org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:236) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:862) > > [exec] at > > > org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:261) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:218) > > [exec] at > > > org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:289) > > [exec] at > > > org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:259) > > [exec] at > > > org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:201) > > [exec] at > > > org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:282) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) > > [exec] at > > > org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) > > [exec] at > > > org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) > > [exec] at > > > org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) > > [exec] at > > > org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) > > [exec] at > > > org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) > > [exec] at > > > org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) > > [exec] at > > > org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) > > [exec] at > > > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) > > [exec] at > > > org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479) > > [exec] at > > > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119) > > [exec] at > > > org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520) > > [exec] at > > > org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227) > > [exec] at > > > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940) > > [exec] at > > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409) > > [exec] at > > > org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186) > > [exec] at > > > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874) > > [exec] at > > > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117) > > [exec] at > > > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250) > > [exec] at > > > org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:149) > > [exec] at > > > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110) > > [exec] at org.eclipse.jetty.server.Server.handle(Server.java:349) > > [exec] at > > > org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441) > > [exec] at > > > org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:921) > > [exec] at > > org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:784) > > [exec] at > > org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:223) > > [exec] at > > > org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:46) > > [exec] at > > > org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:545) > > [exec] at > > > org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:43) > > [exec] at > > > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598) > > [exec] at > > > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533) > > [exec] at java.lang.Thread.run(Thread.java:745) > > > > What am I doing wrong? What I really want to do is to add the security > > model to a simple archetype and go on from there. > > Rgds > > James Agada > > This email and any attachment thereto are confidential and priviledged. > if > > you have received it in error, please delete immediately and notify the > > sender. Do not disclose, copy, circulate or in any way use it. The > > information contained therein is for the address only, if you reply on > it, > > its at your own risk. Emails are not guaranteed to be secure or error > free, > > the message and any attachment could be intercepted, corrupted, lost, > > delayed, incomplete or ammended. Computer warehouse group and its > divisions > > do not accept liability for damage caused by this email or any > attachment. > > The message you tried to print is protected with Information Rights > > Management. You don't have the necessary user rights to print the > message. > > >
