Form based authentication configuration issue

Fri, 12 Mar 2021 03:31:14 -0800

I tried to configure form based authentication for a certain subtree under /content.
So I added the path in the felix console the Sling Form Based Authentication Handler configuration, providing the absolute path /content/a/b, being the admin user. 
But saving the changed configuration resulted in this error:

HTTP ERROR 500
Problem accessing /system/console/configMgr/org.apache.sling.auth.form.FormAuthenticationHandler. Reason: 

    Server Error

Caused by:
org.apache.sling.api.auth.NoAuthenticationHandlerException
    at org.apache.sling.auth.core.impl.SlingAuthenticator.login(SlingAuthenticator.java:588)     at org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider2.authenticate(SlingWebConsoleSecurityProvider2.java:91)     at org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:103)     at org.apache.felix.http.base.internal.service.ServletContextImpl.handleSecurity(ServletContextImpl.java:406)     at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:58)     at org.apache.felix.http.base.internal.dispatch.Dispatcher$1.doFilter(Dispatcher.java:146)     at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager$2.doFilter(WhiteboardManager.java:1014)     at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:97)
Note that at that point in time, the Apache Sling Form Based Authentication Handlerorg.apache.sling.auth.form bundle (V 1.0.12) was active.
And, the changed record got actually written to file /sling/config/org/apache/sling/auth/form/FormAuthenticationHandler.config : 

:org.apache.felix.configadmin.revision:=L"1"^M
form.auth.name="sling.formauth"^M
form.auth.storage="cookie"^M
form.auth.timeout=I"30"^M
form.credentials.name="sling.formauth"^M
form.default.cookie.domain=""^M
form.login.form="/system/sling/form/login"^M
form.onexpire.login=B"false"^M
form.token.fastseed=B"false"^M
form.token.file="cookie-tokens.bin"^M
jaas.controlFlag="sufficient"^M
jaas.ranking=I"1000"^M
jaas.realmName="jackrabbit.oak"^M
path=[ \^M
  "/content/a/b", \^M
  ]^M
preferReasonCode=B"false"^M
service.pid="org.apache.sling.auth.form.FormAuthenticationHandler"^M
service.ranking=I"0"^M
useInclude=B"false"^M


But the login page (/system/sling/login.html) returned with Http status 403:
The requested URL /system/sling/login.html resulted in an error in org.apache.sling.auth.core.impl.LoginServlet. 
Request Progress:

      0 TIMER_START{Request Processing}
      3 COMMENT timer_end format is {<elapsed microseconds>,<timer name>} <optional message> 
     13 LOG Method=GET, PathInfo=null
     14 TIMER_START{handleSecurity}
   1277 TIMER_END{1260,handleSecurity} authenticator org.apache.sling.auth.core.impl.SlingAuthenticator@232f04d8 returns true 
   2061 TIMER_START{ResourceResolution}
   2254 TIMER_END{189,ResourceResolution} URI=/system/sling/login.html resolves to Resource=ServletResource, servlet=org.apache.sling.auth.core.impl.LoginServlet, path=/system/sling/login    2273 LOG Resource Path Info: SlingRequestPathInfo: path='/system/sling/login', selectorString='null', extension='html', suffix='null' 
   2274 TIMER_START{ServletResolution}
   2282 TIMER_START{resolveServlet(/system/sling/login)}
   2306 TIMER_END{23,resolveServlet(/system/sling/login)} Using servlet org.apache.sling.auth.core.impl.LoginServlet    2311 TIMER_END{36,ServletResolution} URI=/system/sling/login.html handled by Servlet=org.apache.sling.auth.core.impl.LoginServlet 
   2328 LOG Applying Requestfilters
   2339 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter
   2347 LOG Calling filter: org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter 
   2355 LOG Applying Componentfilters
   2370 TIMER_START{org.apache.sling.auth.core.impl.LoginServlet#0}
   2753 LOG Applying Error filters
   2758 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter
   2769 TIMER_START{handleError:status=403}
   3509 TIMER_END{736,handleError:status=403} Using handler org.apache.sling.servlets.resolver.internal.defaults.DefaultErrorHandlerServlet    4880 TIMER_END{4878,Request Processing} Dumping SlingRequestProgressTracker Entries
The login page only returns back to normal after completely removing (manually) the three path lines in FormAuthenticationHandler.config. So there seems to be a problem with the path entry. 

What goes wrong here?

Thanks,
Juerg

Reply via email to