Details
-
Type:
Bug
-
Status: Resolved (View Workflow)
-
Priority:
Major
-
Resolution: Done
-
Affects Version/s: 3.0.0.Beta1
-
Fix Version/s: 3.0.0.Beta2
-
Labels:None
Description
The application gets successfully deployed. When I try to log in with demo/demo credentials, the JBossAS console throws the following exception:
16:14:46,907 INFO [org.hibernate.validator.engine.resolver.DefaultTraversableResolver] Instantiated an instance of org.hibernate.validator.engine.resolver.JPATraversableResolver.
16:14:46,923 ERROR [org.jboss.seam.security.IdentityImpl] Login failed: org.jboss.seam.security.AuthenticationException: An Authenticator could be located
at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:287) [:3.0.0.Beta1]
at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:217) [:3.0.0.Beta1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_21]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_21]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_21]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_21]
at org.apache.el.parser.AstValue.invoke(AstValue.java:196) [:6.0.0.Final]
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [:6.0.0.Final]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102) [:2.0.3-]
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:84) [:2.0.3-]
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:98) [:2.0.3-]
at javax.faces.component.UICommand.broadcast(UICommand.java:311) [:2.0.3-]
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) [:2.0.3-]
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246) [:2.0.3-]
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77) [:2.0.3-]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) [:2.0.3-]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308) [:2.0.3-]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [:6.0.0.Final]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [:6.0.0.Final]
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181) [:6.0.0.Final]
at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285) [:1.1.0.Final]
at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261) [:1.1.0.Final]
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88) [:6.0.0.Final]
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100) [:6.0.0.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [:6.0.0.Final]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [:6.0.0.Final]
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) [:6.0.0.Final]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [:6.0.0.Final]
at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53) [:6.0.0.Final]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [:6.0.0.Final]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [:6.0.0.Final]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [:6.0.0.Final]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) [:6.0.0.Final]
at java.lang.Thread.run(Thread.java:619) [:1.6.0_21]
Gliffy Diagrams
Activity
- All
- Comments
- Work Log
- History
- Activity
- Links Hierarchy
In short there were 2 problems.
First, org.jboss.seam.security.IdentityImpl#lookupAuthenticator wasn't doing what was stated in the javadoc :
1. If the user has specified an authenticatorName property, use it to
locate and return the Authenticator with that name
2. If the authenticatorName hasn't been specified, and the user has provided
their own custom Authenticator, return that one
3. If the user hasn't provided a custom Authenticator, return IdmAuthenticator
and attempt to use the identity management API to authenticate
Only statement #1 was represented in code.
Second, org.jboss.seam.security.management.IdmAuthenticator#authenticate was always setting status to AuthenticationStatus.FAILURE, even in case of success. Also, that method didn't call BaseAuthenticator.setUser(User) when authentication succeeded. That cause IdentityImpl#isLoggedIn() to always return false.
After these corrections, I could log into idmconsole with user "demo", password "demo". Login/logout and password change worked as expected, but I was not able to delete or edit users. Note that groups and role types creation/deletion seemed to work properly.
Richard Barabe
added a comment - In short there were 2 problems.
First, org.jboss.seam.security.IdentityImpl#lookupAuthenticator wasn't doing what was stated in the javadoc :
1. If the user has specified an authenticatorName property, use it to
locate and return the Authenticator with that name
2. If the authenticatorName hasn't been specified, and the user has provided
their own custom Authenticator, return that one
3. If the user hasn't provided a custom Authenticator, return IdmAuthenticator
and attempt to use the identity management API to authenticate
Only statement #1 was represented in code.
Second, org.jboss.seam.security.management.IdmAuthenticator#authenticate was always setting status to AuthenticationStatus.FAILURE, even in case of success. Also, that method didn't call BaseAuthenticator.setUser(User) when authentication succeeded. That cause IdentityImpl#isLoggedIn() to always return false.
After these corrections, I could log into idmconsole with user "demo", password "demo". Login/logout and password change worked as expected, but I was not able to delete or edit users. Note that groups and role types creation/deletion seemed to work properly. Thanks Richard, with the authenticator API overhaul it seems to have broken a few things. I'll get this sorted out shortly.
Shane Bryzak
added a comment - Thanks Richard, with the authenticator API overhaul it seems to have broken a few things. I'll get this sorted out shortly. 
here's my patch ...