Jetspeed 2
  1. Jetspeed 2
  2. JS2-1129

JetSpeed hides error if values in SSO-Portlets are specified too long

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: 2.2.0
    • Fix Version/s: 2.2.1
    • Component/s: Security
    • Labels:
      None

      Description

      I am trying to use the "SSO Web Content" Portlet to display a website which requires basic authentication. Although all the parameters are specified correctly, I get the error "Could not add remote user: portal principal admin is already associated with a remote user for this site!" displayed when I save the portlet configuration.

      I found out that actually there is a SQL Exception during writing the configuration, but the code just prints out this incorrect error message. Also log-output does not contain any hint of the actual problem.

      Doing some tracing, I found that the problem is caused by the following commit: http://mail-archives.apache.org/mod_mbox/portals-jetspeed-dev/200905.mbox/%3C20090501033954.14ADF23888A4@eris.apache.org%3E

      Look at SSOWebContentPortlet.java, line 194: The change replaces the "throw" of the actual exception with the dumb error message which effectively hides the actual cause in this case. In my case the error was "Unexpected security error at JetspeedSecurityPersistenceManager from addDomain: OJB operation; SQL []; A truncation error was encountered trying to shrink VARCHAR 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' to length 30.; nested exception is java.sql.SQLDataException: A truncation error was encountered trying to shrink VARCHAR 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' to length 30.

      Please adjust the error-check here to only report the error text if this is the actual cause and report the actual error otherwise.

        Issue Links

          Activity

          Hide
          Dominik Stadler added a comment -

          Similar with other types of exceptions, if I get "SSOException: The site could not be created because a site with the same name exists." in the code, I still only see the "Could not add..." error message which is incorrect in this case as well.

          Show
          Dominik Stadler added a comment - Similar with other types of exceptions, if I get "SSOException: The site could not be created because a site with the same name exists." in the code, I still only see the "Could not add..." error message which is incorrect in this case as well.
          Hide
          Dominik Stadler added a comment - - edited

          This is caused by changes done for JS2-671

          Show
          Dominik Stadler added a comment - - edited This is caused by changes done for JS2-671
          Hide
          Woonsan Ko added a comment -

          Hi Dominik,

          I've tried to reproduce the problem after adding a SSOWebContent portlet in a page in the edit mode, but failed.
          Could you please write steps to reproduce with some test data?

          Regards,

          Woonsan

          Show
          Woonsan Ko added a comment - Hi Dominik, I've tried to reproduce the problem after adding a SSOWebContent portlet in a page in the edit mode, but failed. Could you please write steps to reproduce with some test data? Regards, Woonsan
          Hide
          Dominik Stadler added a comment -

          I used a default installation with derby database. The default datamodel in this case only provides 30 characters for the URL. If you enter a longer name/URL in the SSO Web Content portlet, the JDBC insert fails and the error message on the screen reports "Could not add remote..." which is not the actual cause here.

          Show
          Dominik Stadler added a comment - I used a default installation with derby database. The default datamodel in this case only provides 30 characters for the URL. If you enter a longer name/URL in the SSO Web Content portlet, the JDBC insert fails and the error message on the screen reports "Could not add remote..." which is not the actual cause here.
          Hide
          Woonsan Ko added a comment -

          Thanks a lot, Dominik.
          The reason why I asked you is that I couldn't find the problem with the current trunk (2.2.1-SNAPSHOT).
          Probably, somebody has fixed this already.
          I will check with 2.2.0 and the fix has been already added.
          Regards, Woonsan

          Show
          Woonsan Ko added a comment - Thanks a lot, Dominik. The reason why I asked you is that I couldn't find the problem with the current trunk (2.2.1-SNAPSHOT). Probably, somebody has fixed this already. I will check with 2.2.0 and the fix has been already added. Regards, Woonsan
          Hide
          Woonsan Ko added a comment -

          Fixed.

          Increased the column size of DOMAIN_NAME of SECURITY_DOMAIN table to 254, which is the same size of NAME of SSO_SITE.
          The SSOManager service component has allowed to create a domain with the same name of sso site for the principal.
          So, sso related portlets uses the url for the name in this implicit addition.
          Therefore, the column size of DOMAIN_NAME must have been the same size of NAME of SSO_SITE.
          Also, added the detailed message of the root exception cause on unexpected errors in the sso portlets.

          Show
          Woonsan Ko added a comment - Fixed. Increased the column size of DOMAIN_NAME of SECURITY_DOMAIN table to 254, which is the same size of NAME of SSO_SITE. The SSOManager service component has allowed to create a domain with the same name of sso site for the principal. So, sso related portlets uses the url for the name in this implicit addition. Therefore, the column size of DOMAIN_NAME must have been the same size of NAME of SSO_SITE. Also, added the detailed message of the root exception cause on unexpected errors in the sso portlets.

            People

            • Assignee:
              Woonsan Ko
              Reporter:
              Dominik Stadler
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development