You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jspwiki.apache.org by "Juan Pablo Santos RodrÃguez (JIRA)" <ji...@apache.org> on 2016/01/04 10:55:40 UTC
[jira] [Closed] (JSPWIKI-924) Attachments fail using JAAS SSO
container authentication
[ https://issues.apache.org/jira/browse/JSPWIKI-924?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Juan Pablo Santos RodrÃguez closed JSPWIKI-924.
-----------------------------------------------
> Attachments fail using JAAS SSO container authentication
> --------------------------------------------------------
>
> Key: JSPWIKI-924
> URL: https://issues.apache.org/jira/browse/JSPWIKI-924
> Project: JSPWiki
> Issue Type: Bug
> Components: Core & storage
> Affects Versions: 2.10.1
> Environment: CentOS 6.5 OS, Tomcat 7.0.42, 32-byte single line plain text attachment test file.
> Reporter: Steven Walsh
> Priority: Minor
> Fix For: 2.10.1
>
> Attachments: jspwiki-EditRenameAttach-extract1.txt, jspwiki.policy-extract
>
>
> I'm trying to implement JSPWiki in a JAAS authentication
> SSO environment. I have installed JSPWiki and made some
> minor adjustments to the jspwiki.policy to account for
> different user role names, and everything seems to be
> working OK, except for one thing. None of the users
> (including the administrator) can add attachments to
> any of the pages. If I run the wiki standalone, (outside
> JAAS), attachments work fine.
> I'm using JSPWiki 2.10.1 with Tomcat 7.0.42 on a CentOS
> 6.5 server. My attachment test file is a one-line 32 byte text file.
> I have three basic user roles, all require JAAS authorization
> to access the wiki. User roles are admin, approved (read
> and write for most pages), and unapproved (read only).
> I'm fairly confident that the authentication methods are
> working properly as all page permissions are working as
> expected for each user type.
> But when any admin or approved user tries to add an
> attachment to any page, they get redirected to an Error.jsp
> page showing a java.lang.Exception. To try and track down
> the error source, I rewrote the AttachmentServlet class
> and added a number of additional debug messages.
> Based on what I'm seeing, it appears to me that the error
> is caused by the upload.parseRequest ( req ) returning
> an empty List<FileItem> fileItems in the upload method.
> I added a debug line to verify the contents of the request
> and it is properly populated entering the upload method,
> but it is consumed @ req.getParameter( "progressid" ).
> I commented out the use of the progress bar and found
> the request consumption moves to the context creation
> @ m_engine.createContext( req, WikiContext.ATTACH );
> Once it is consumed there, there is nothing left for the
> upload.parseRequest (req ) to read.
> I realize that I consumed the request by reading it for the
> debug message, but I only used it once per test run to
> determine where it was consumed. In the following log
> extract, that was at time 2015-11-25 14:05:41.892,
> which was after the createContext and before the
> upload.parseRequest.
> I'm inexperienced with the doFilter mechanism, and I see
> that it is part of the exception dump, and I don't know if
> that is working or not, but since upload.parseRequest ( req )
> is returning an empty fileItems list, I suspect there is
> something going on there. But I'm in over my head here.
> This is the log extract, starting right after the container JAAS
> has authorized the user.
> =================
> 2015-11-25 14:05:41.797 [http-bio-8080-exec-1] DEBUG AttachmentServlet 168 - UploadServlet initialized. Using /home/testwiki/storage//attach-tmp for temporary storage.
> 2015-11-25 14:05:41.797 [http-bio-8080-exec-1] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.797 [http-bio-8080-exec-1] DEBUG WikiSession 851 - Custom com.apache.wiki.WikiSession.isIPV4Address has been entered
> 2015-11-25 14:05:41.798 [http-bio-8080-exec-1] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.798 [http-bio-8080-exec-1] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.798 [http-bio-8080-exec-1] DEBUG WikiServletFilter 164 - Executed security filters for user=AdminUser, path=/TestWiki/attach
> 2015-11-25 14:05:41.799 [http-bio-8080-exec-1] DEBUG AttachmentServlet 437 - AttachmentServlet doPost entered
> 2015-11-25 14:05:41.799 [http-bio-8080-exec-1] DEBUG AttachmentServlet 490 - AttachmentServlet upload entered
> 2015-11-25 14:05:41.820 [http-bio-8080-exec-1] DEBUG AttachmentServlet 509 - AttachmentServlet upload; starting try
> 2015-11-25 14:05:41.887 [http-bio-8080-exec-1] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.888 [http-bio-8080-exec-1] DEBUG WikiContext 248 - Creating WikiContext for session ID=8974D02E77F76467ACB66B0EAC09C4D7; target=Main
> 2015-11-25 14:05:41.892 [http-bio-8080-exec-1] DEBUG AttachmentServlet 515 - AttachmentServlet upload; after wikiContext req=
> 2015-11-25 14:05:41.903 [http-bio-8080-exec-1] DEBUG AttachmentServlet 535 - AttachmentServlet upload; fileItems.size()=0
> 2015-11-25 14:05:41.903 [http-bio-8080-exec-1] DEBUG AttachmentServlet 536 - AttachmentServlet upload; before for loop
> 2015-11-25 14:05:41.903 [http-bio-8080-exec-1] DEBUG AttachmentServlet 579 - AttachmentServlet upload; after for loop
> 2015-11-25 14:05:41.903 [http-bio-8080-exec-1] DEBUG AttachmentServlet 583 - AttachmentServlet upload; fileItems size was 0; doing redirect to errorPage
> 2015-11-25 14:05:41.904 [http-bio-8080-exec-1] DEBUG AttachmentServlet 640 - AttachmentServlet upload; after multiple catch, in finally
> 2015-11-25 14:05:41.904 [http-bio-8080-exec-1] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.904 [http-bio-8080-exec-1] DEBUG AttachmentServlet 451 - AttachmentServlet doPost catch doing redirect
> 2015-11-25 14:05:41.904 [http-bio-8080-exec-1] DEBUG AttachmentServlet 454 - AttachmentServlet doPost exiting
> 2015-11-25 14:05:41.944 [http-bio-8080-exec-2] DEBUG WikiServletFilter 107 - Using ByteArrayResponseWrapper
> 2015-11-25 14:05:41.944 [http-bio-8080-exec-2] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.945 [http-bio-8080-exec-2] DEBUG WikiSession 851 - Custom com.apache.wiki.WikiSession.isIPV4Address has been entered
> 2015-11-25 14:05:41.945 [http-bio-8080-exec-2] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.945 [http-bio-8080-exec-2] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.945 [http-bio-8080-exec-2] DEBUG WikiServletFilter 164 - Executed security filters for user=AdminUser, path=/TestWiki/Error.jsp
> 2015-11-25 14:05:41.963 [http-bio-8080-exec-2] DEBUG SessionMonitor 117 - Looking up WikiSession for session ID=8974D02E77F76467ACB66B0EAC09C4D7... found it
> 2015-11-25 14:05:41.965 [http-bio-8080-exec-2] DEBUG WikiContext 248 - Creating WikiContext for session ID=8974D02E77F76467ACB66B0EAC09C4D7; target=Error
> 2015-11-25 14:05:41.966 [http-bio-8080-exec-2] DEBUG JSPWiki 125 - Error.jsp exception is:
> 2015-11-25 14:05:41.967 [http-bio-8080-exec-2] ERROR WikiTagBase 84 - WikiTagBase pageContext IS NOT NULL
> 2015-11-25 14:05:41.970 [http-bio-8080-exec-2] ERROR WikiTagBase 97 - Tag failed
> javax.servlet.jsp.JspException: WikiContext may not be NULL - serious internal problem!
> at org.apache.wiki.tags.WikiTagBase.doStartTag(WikiTagBase.java:90)
> at org.apache.jsp.Error_jsp._jspx_meth_wiki_005fMessages_005f0(Error_jsp.java:193)
> at org.apache.jsp.Error_jsp._jspService(Error_jsp.java:138)
> at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
> at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
> at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at org.apache.wiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:177)
> at org.apache.wiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:121)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
> at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:341)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
> at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
> at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
> at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> at java.lang.Thread.run(Thread.java:724)
> 2015-11-25 14:05:41.973 [http-bio-8080-exec-2] ERROR WikiTagBase 116 - Tag failed, check logs: WikiContext may not be NULL - serious internal problem!
> javax.servlet.jsp.JspException: Tag failed, check logs: WikiContext may not be NULL - serious internal problem!
> at org.apache.wiki.tags.WikiTagBase.doStartTag(WikiTagBase.java:98)
> at org.apache.jsp.Error_jsp._jspx_meth_wiki_005fMessages_005f0(Error_jsp.java:193)
> at org.apache.jsp.Error_jsp._jspService(Error_jsp.java:138)
> at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
> at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
> at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at org.apache.wiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:177)
> at org.apache.wiki.ui.WikiJSPFilter.doFilter(WikiJSPFilter.java:121)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
> at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:341)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
> at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
> at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
> at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> at java.lang.Thread.run(Thread.java:724)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)