Geronimo
  1. Geronimo
  2. GERONIMO-5662

j_security_check 404 not found against security realm authentication

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 3.0.0
    • Component/s: console
    • Security Level: public (Regular issues)
    • Labels:
      None
    • Environment:

      OS:Windows XP SP3
      Java Version: 1.6.0_20
      Server:Geronimo 3.0-SNAPSHOT

    • Regression:
      Regression

      Description

      setps to recur:
      1. start the Geronimo server, and then open the admin console.

      2.In security realms portlet, click on "Add new security realm" link.

      3.Select realm name and use "test-prop-file-realm" for realm-name, and then select Properties File Realm and click on "Next" button.

      4.Enter Users File URI (var/security/users.properties) and Groups File URI ( var/security/groups.properties) and click on "Next" button.

      5.Click on "Skip Test and Deploy" button.

      6. Check the realm named "test-prop-file-realm" should be listed in the security realms portlet.

      7.Deploy geronimo-ldap-demo-1.1.war using plan file prop-file-realm-tester.xml and access the application at http://localhost:8080/prop-file-realm-test

      8.Access "Protect" link to verify that the realm is functional.Input username:system, password: manager

      9.Login page just refreshed, not redirect to /protect/hello.html success page. And click "login" again, got an 404 not found error. This problem exists on Firefox and chrome, fine on IE

      1. VerifyReplaceDefaultSecurityRealm-SEC001.zip
        5 kB
        Zhen Zhang
      2. G5662.patch
        1 kB
        viola.lu
      3. G5662_New.patch
        0.7 kB
        viola.lu
      4. before-ff.txt
        3 kB
        Ivan
      5. after-ff.txt
        3 kB
        Ivan
      6. ie.txt
        3 kB
        Ivan

        Activity

        Hide
        viola.lu added a comment -

        Pls verify it and close it. thanks in advance!

        Show
        viola.lu added a comment - Pls verify it and close it. thanks in advance!
        Hide
        Zhen Zhang added a comment - - edited

        thanks for Ivan's exploring. I learn much from your comment.

        Show
        Zhen Zhang added a comment - - edited thanks for Ivan's exploring. I learn much from your comment.
        Hide
        Ivan added a comment -

        I investigated this issue a bit, it is related to cache, but the reason why it works on IE, not on Firefox is due to the header : if-modified-since
        Comparing the request headers, Firefox does post the request as expected, but a header "if-modified-since" is added, and the server returns Not Modified directly. And with IE, it did not send that header by default ( need to configure it on the IE -> options ). The reason why adding the no-store works is that it prevents Firefox adding the "if-modified-since" header.
        In my opinion, the root cause is that we failed to recover the stored request in the formauthenticator.
        I committed some changes to trunk at rev.1030801

        Show
        Ivan added a comment - I investigated this issue a bit, it is related to cache, but the reason why it works on IE, not on Firefox is due to the header : if-modified-since Comparing the request headers, Firefox does post the request as expected, but a header "if-modified-since" is added, and the server returns Not Modified directly. And with IE, it did not send that header by default ( need to configure it on the IE -> options ). The reason why adding the no-store works is that it prevents Firefox adding the "if-modified-since" header. In my opinion, the root cause is that we failed to recover the stored request in the formauthenticator. I committed some changes to trunk at rev.1030801
        Hide
        Shawn Jiang added a comment -

        The new patch makes sense to me. applied to trunk@ r1030363.

        Thanks Viola for the patch.

        Show
        Shawn Jiang added a comment - The new patch makes sense to me. applied to trunk@ r1030363. Thanks Viola for the patch.
        Hide
        viola.lu added a comment -

        Pls review it, thanks.

        Show
        viola.lu added a comment - Pls review it, thanks.
        Hide
        viola.lu added a comment -

        pls review it,thanks

        Show
        viola.lu added a comment - pls review it,thanks
        Hide
        Zhen Zhang added a comment -

        Both geronimo-ldap-demo-1.1.war and prop-file-realm-tester.xml are in this attachment.

        Show
        Zhen Zhang added a comment - Both geronimo-ldap-demo-1.1.war and prop-file-realm-tester.xml are in this attachment.

          People

          • Assignee:
            viola.lu
            Reporter:
            Zhen Zhang
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development