Geronimo
  1. Geronimo
  2. GERONIMO-5662

j_security_check 404 not found against security realm authentication

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 3.0.0
    • Component/s: console
    • Security Level: public (Regular issues)
    • Labels:
      None
    • Environment:

      OS:Windows XP SP3
      Java Version: 1.6.0_20
      Server:Geronimo 3.0-SNAPSHOT

    • Regression:
      Regression

      Description

      setps to recur:
      1. start the Geronimo server, and then open the admin console.

      2.In security realms portlet, click on "Add new security realm" link.

      3.Select realm name and use "test-prop-file-realm" for realm-name, and then select Properties File Realm and click on "Next" button.

      4.Enter Users File URI (var/security/users.properties) and Groups File URI ( var/security/groups.properties) and click on "Next" button.

      5.Click on "Skip Test and Deploy" button.

      6. Check the realm named "test-prop-file-realm" should be listed in the security realms portlet.

      7.Deploy geronimo-ldap-demo-1.1.war using plan file prop-file-realm-tester.xml and access the application at http://localhost:8080/prop-file-realm-test

      8.Access "Protect" link to verify that the realm is functional.Input username:system, password: manager

      9.Login page just refreshed, not redirect to /protect/hello.html success page. And click "login" again, got an 404 not found error. This problem exists on Firefox and chrome, fine on IE

      1. VerifyReplaceDefaultSecurityRealm-SEC001.zip
        5 kB
        Zhen Zhang
      2. ie.txt
        3 kB
        Ivan
      3. G5662.patch
        1 kB
        viola.lu
      4. G5662_New.patch
        0.7 kB
        viola.lu
      5. before-ff.txt
        3 kB
        Ivan
      6. after-ff.txt
        3 kB
        Ivan

        Activity

        Zhen Zhang created issue -
        Hide
        Zhen Zhang added a comment -

        Both geronimo-ldap-demo-1.1.war and prop-file-realm-tester.xml are in this attachment.

        Show
        Zhen Zhang added a comment - Both geronimo-ldap-demo-1.1.war and prop-file-realm-tester.xml are in this attachment.
        Zhen Zhang made changes -
        Field Original Value New Value
        Attachment VerifyReplaceDefaultSecurityRealm-SEC001.zip [ 12458033 ]
        viola.lu made changes -
        Assignee viola.lu [ viola.lu ]
        Zhen Zhang made changes -
        Description setps to recur:
        1. start the Geronimo server, and then open the admin console.

        2.In security realms portlet, click on "Add new security realm" link.

        3.Select realm name and use "test-prop-file-realm" for realm-name, and then select Properties File Realm and click on "Next" button.
          
        4.Enter Users File URI (var/security/users.properties) and Groups File URI ( var/security/groups.properties) and click on "Next" button.
          
        5.Click on "Skip Test and Deploy" button.

        6. Check the realm named "test-prop-file-realm" should be listed in the security realms portlet.

        7.Deploy geronimo-ldap-demo-1.1.war using plan file prop-file-realm-tester.xml and access the application at http://localhost:8080/prop-file-realm-test

        8.Access "Protect" link to verify that the realm is functional.

        9.Login should succeed for uid=system, pwd=manager

        10.In Security Realms portlet,click on "edit" link next to the security realm to be edited.

        11.Modify the properties and click on "Save" button.

        12.The new properties should be effective the next time the realm is used.
        setps to recur:
        1. start the Geronimo server, and then open the admin console.

        2.In security realms portlet, click on "Add new security realm" link.

        3.Select realm name and use "test-prop-file-realm" for realm-name, and then select Properties File Realm and click on "Next" button.
          
        4.Enter Users File URI (var/security/users.properties) and Groups File URI ( var/security/groups.properties) and click on "Next" button.
          
        5.Click on "Skip Test and Deploy" button.

        6. Check the realm named "test-prop-file-realm" should be listed in the security realms portlet.

        7.Deploy geronimo-ldap-demo-1.1.war using plan file prop-file-realm-tester.xml and access the application at http://localhost:8080/prop-file-realm-test

        8.Access "Protect" link to verify that the realm is functional.

        9.Login should succeed for uid=system, pwd=manager

        10.In Security Realms portlet,click on "edit" link next to the security realm to be edited.

        11.Modify the properties and click on "Save" button.

        12.The new properties should take effect at the next time when the realm is used.
        Hide
        viola.lu added a comment -

        pls review it,thanks

        Show
        viola.lu added a comment - pls review it,thanks
        viola.lu made changes -
        Attachment G5662.patch [ 12458626 ]
        Hide
        viola.lu added a comment -

        Pls review it, thanks.

        Show
        viola.lu added a comment - Pls review it, thanks.
        viola.lu made changes -
        Attachment G5662_New.patch [ 12458722 ]
        Hide
        Shawn Jiang added a comment -

        The new patch makes sense to me. applied to trunk@ r1030363.

        Thanks Viola for the patch.

        Show
        Shawn Jiang added a comment - The new patch makes sense to me. applied to trunk@ r1030363. Thanks Viola for the patch.
        Shawn Jiang made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        viola.lu made changes -
        Summary fail to replace default Security Realm j_security_check 404 not found against security realm authentication
        Description setps to recur:
        1. start the Geronimo server, and then open the admin console.

        2.In security realms portlet, click on "Add new security realm" link.

        3.Select realm name and use "test-prop-file-realm" for realm-name, and then select Properties File Realm and click on "Next" button.
          
        4.Enter Users File URI (var/security/users.properties) and Groups File URI ( var/security/groups.properties) and click on "Next" button.
          
        5.Click on "Skip Test and Deploy" button.

        6. Check the realm named "test-prop-file-realm" should be listed in the security realms portlet.

        7.Deploy geronimo-ldap-demo-1.1.war using plan file prop-file-realm-tester.xml and access the application at http://localhost:8080/prop-file-realm-test

        8.Access "Protect" link to verify that the realm is functional.

        9.Login should succeed for uid=system, pwd=manager

        10.In Security Realms portlet,click on "edit" link next to the security realm to be edited.

        11.Modify the properties and click on "Save" button.

        12.The new properties should take effect at the next time when the realm is used.
        setps to recur:
        1. start the Geronimo server, and then open the admin console.

        2.In security realms portlet, click on "Add new security realm" link.

        3.Select realm name and use "test-prop-file-realm" for realm-name, and then select Properties File Realm and click on "Next" button.
          
        4.Enter Users File URI (var/security/users.properties) and Groups File URI ( var/security/groups.properties) and click on "Next" button.
          
        5.Click on "Skip Test and Deploy" button.

        6. Check the realm named "test-prop-file-realm" should be listed in the security realms portlet.

        7.Deploy geronimo-ldap-demo-1.1.war using plan file prop-file-realm-tester.xml and access the application at http://localhost:8080/prop-file-realm-test

        8.Access "Protect" link to verify that the realm is functional.Input username:system, password: manager

        9.Login page just refreshed, not redirect to /protect/hello.html success page. And click "login" again, got an 404 not found error. This problem exists on Firefox and chrome, fine on IE

        Hide
        Ivan added a comment -

        I investigated this issue a bit, it is related to cache, but the reason why it works on IE, not on Firefox is due to the header : if-modified-since
        Comparing the request headers, Firefox does post the request as expected, but a header "if-modified-since" is added, and the server returns Not Modified directly. And with IE, it did not send that header by default ( need to configure it on the IE -> options ). The reason why adding the no-store works is that it prevents Firefox adding the "if-modified-since" header.
        In my opinion, the root cause is that we failed to recover the stored request in the formauthenticator.
        I committed some changes to trunk at rev.1030801

        Show
        Ivan added a comment - I investigated this issue a bit, it is related to cache, but the reason why it works on IE, not on Firefox is due to the header : if-modified-since Comparing the request headers, Firefox does post the request as expected, but a header "if-modified-since" is added, and the server returns Not Modified directly. And with IE, it did not send that header by default ( need to configure it on the IE -> options ). The reason why adding the no-store works is that it prevents Firefox adding the "if-modified-since" header. In my opinion, the root cause is that we failed to recover the stored request in the formauthenticator. I committed some changes to trunk at rev.1030801
        Ivan made changes -
        Attachment before-ff.txt [ 12458787 ]
        Attachment after-ff.txt [ 12458788 ]
        Attachment ie.txt [ 12458789 ]
        Hide
        Zhen Zhang added a comment - - edited

        thanks for Ivan's exploring. I learn much from your comment.

        Show
        Zhen Zhang added a comment - - edited thanks for Ivan's exploring. I learn much from your comment.
        Hide
        viola.lu added a comment -

        Pls verify it and close it. thanks in advance!

        Show
        viola.lu added a comment - Pls verify it and close it. thanks in advance!
        Zhen Zhang made changes -
        Comment [ when execute step 7 ,fail to deploy app at new server build@Nov.08
        you will find this info in server log:
        2010-11-08 17:16:12,531 ERROR [DeploymentPortlet] The application was not deployed.
        Unable to resolve reference "ConfigurationFactory"
            in gbean default/prop-file-realm-tester/1-default/car?J2EEApplication=null,j2eeType=WebModule,name=default/prop-file-realm-tester/1-default/car
            to a gbean matching the pattern [?name=test-prop-file-realm#org.apache.geronimo.security.jaas.ConfigurationFactory]
            due to: No matches for referencePatterns: [?name=test-prop-file-realm#org.apache.geronimo.security.jaas.ConfigurationFactory]
        org.apache.geronimo.common.DeploymentException: Unable to resolve reference "ConfigurationFactory"
            in gbean default/prop-file-realm-tester/1-default/car?J2EEApplication=null,j2eeType=WebModule,name=default/prop-file-realm-tester/1-default/car
            to a gbean matching the pattern [?name=test-prop-file-realm#org.apache.geronimo.security.jaas.ConfigurationFactory]
            due to: No matches for referencePatterns: [?name=test-prop-file-realm#org.apache.geronimo.security.jaas.ConfigurationFactory]
        at org.apache.geronimo.deployment.DeploymentContext.getConfigurationData(DeploymentContext.java:534)
        at org.apache.geronimo.deployment.Deployer.install(Deployer.java:342)
        at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:265)
        at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:138)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
        at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:131)
        at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:872)
        at org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:245)
        at org.apache.geronimo.deployment.plugin.local.AbstractDeployCommand.doDeploy(AbstractDeployCommand.java:116)
        at org.apache.geronimo.deployment.plugin.local.DistributeCommand.run(DistributeCommand.java:61)
        at java.lang.Thread.run(Thread.java:619) ]
        Zhen Zhang made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Resolved Resolved
        8d 6h 43m 1 Shawn Jiang 03/Nov/10 09:07
        Resolved Resolved Closed Closed
        5d 45m 1 Zhen Zhang 08/Nov/10 09:53

          People

          • Assignee:
            viola.lu
            Reporter:
            Zhen Zhang
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development