You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jspwiki.apache.org by "Owen Farrell (JIRA)" <ji...@apache.org> on 2014/05/20 22:35:38 UTC
[jira] [Created] (JSPWIKI-841) Container Managed Security Not
Working
Owen Farrell created JSPWIKI-841:
------------------------------------
Summary: Container Managed Security Not Working
Key: JSPWIKI-841
URL: https://issues.apache.org/jira/browse/JSPWIKI-841
Project: JSPWiki
Issue Type: Bug
Components: Authentication & Authorization
Affects Versions: 2.10
Environment: Tomcat 7.0.42
Java 1.7.0_51
Windows 2008R2
Reporter: Owen Farrell
Fix For: 2.10.1
In order to set up container-managed security, I've set set jspwiki.security to 'off' and uncommented the security constraints defined in the deployment descriptor.
However, by setting jspwiki.security to off, no AuthorizationManager registers itself with the WikiEngine. As a result, all logins fail with the following exception:
{quote}
INFO SecurityLog CMO Development Services Wiki:/wiki/Edit.jsp - WikiSecurityEvent.LOGIN_AUTHENTICATED [source=org.apache.wiki.auth.AuthenticationManager@1c42c135, princpal=org.apache.catalina.realm.GenericPrincipal ofarrell, target=org.apache.wiki.WikiSession@1708e9ad]
WARN org.apache.wiki.WikiSession JSPWiki:/wiki/Edit.jsp - User profile 'ofarrell' not found. This is normal for container-auth users who haven't set up a profile yet.
org.apache.wiki.auth.WikiSecurityException: Authorizer did not initialize properly. Check the logs.
at org.apache.wiki.auth.AuthorizationManager.getAuthorizer(AuthorizationManager.java:336)
at org.apache.wiki.auth.AuthenticationManager.login(AuthenticationManager.java:312)
at org.apache.wiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:159)
{quote}
--
This message was sent by Atlassian JIRA
(v6.2#6252)