Affects Version/s: 2.10
Fix Version/s: None
Component/s: Authentication & Authorization
tomcat-7.0.52, Oracle Java 1.7.0_51, Ubuntu 13.10
I did a fresh installation of JSPWiki 2.10.0 on apache-tomcat-7.0.52 (Java 7) and enabled container-managed authorization in web.xml
When I try to log into the wiki, the login screen reappears forever.
User and role in tomcat-users.xml seem to be fine, when I try the Tomcat security sample (to which I added the Authenticated role) at
the user has the role:
You are logged in as remote user wiki in session ACD11187E8CF5E70FD05C88D77F36F46
Your user principal name is wiki
You have been granted role Authenticated
But the wiki refuses to accept the user (this container-managed authorization setup used to work with 2.8.4)
I am not sure what actually went wrong, there is nothing in the logs, might be that the user could not be gotten from the container, might be, that the policy (which I did not touch) is wrong, or that web.xml could not be parsed.