You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by David Barron <db...@zencos.com> on 2012/12/18 16:00:45 UTC
Login failing
I am very confused by all things Shiro. As much as I like the idea of it I
seem to have nothing but trouble getting it working.
Right now I am trying to authenticate an Oracle database. My login screen
appears and I type in username and password, but I never get authenticated
and I can not tell why. There are no errors showing in the log, but I can't
for the life of me tell if it is even connecting to the database, or if it
is actually doing a comparison between what is in the database and what I am
supplying in the login form.
Can anyone offer any suggestions? I can supply whatever is needed from the
shiro.ini or anything else.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
Success!!
When I was able to actually see the error that was being generated by the
connection to Oracle there was a NullPointerException being thrown. I had
to make some adjustments to the DataSource and after much trial and error
it's not working.
Here is what my shiro.ini looks like now.
[main]
cm = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled=false
jdbcRealm.authenticationQuery = select password from users where
upper(trim(userid)) = upper(trim(?))
jdbcRealm.userRolesQuery = select role from users where upper(trim(userid))
= upper(trim(?))
ds = oracle.jdbc.pool.OracleDataSource
ds.user = private_rates
ds.password = bA7eChaj
ds.serverName = zendev10.zencos.com
ds.portNumber = 1521
ds.databaseName = ORCL
ds.driverType = thin
jdbcRealm.dataSource = $ds
authc.loginUrl = /logon.jsp
authc.successUrl = index.jsp
authc.failureKeyAttribute = shiroLoginFailure
roles.unauthorizedUrl = /error.jsp
[users]
[roles]
[urls]
/images/** = anon
/logon.jsp = authc
/logout = logout
/** = authc
Thanks for the pointers
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578085.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
Setting the breakpoint doesn't seem to work either, when I open the .class
out of the jar file all I see is the method names and "compiled code", so
there's no way to set the breakpoint.
I have all the source so i can add a call to logger to dump out the
exception, but while I do that let me ask this. Is there a way to include
the debug information in the generated class files so that I can see more
than just "compiled code"?
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578084.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by Jared Bunting <ja...@peachjean.com>.
No problem. So, have you tried hooking in a debugger? I'll agree, the
fact that FormAuthenticationFilter basically swallows the exception is
a bit frustrating. I'd say hook in a debugger, set a breakpoint in the
"setFailureAttribute(ServletRequest, AuthenticationException)" method
of FormAuthenticationFilter, and hopefully that will tell you the true
nature of the error.
As far as logging, perhaps try setting it to "TRACE" level for
org.apache.shiro - it looks like we use that fairly liberally in the
Form authentication.
-Jared
On Tue 18 Dec 2012 12:09:44 PM CST, David Barron wrote:
> sorry for the mess, I am trying to post the part of the logon.jsp that shows
> the exception message.
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578082.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
sorry for the mess, I am trying to post the part of the logon.jsp that shows
the exception message.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578082.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
<%! String errorMessage = null;%> <% errorMessage =
(String) request.getAttribute("shiroLoginFailure"); if
(errorMessage != null) {%> Invalid Login: <%=errorMessage%>
Enter login information...
<% } else {%>
Enter login information...
<% }%>
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578080.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
I would be happy to but there is nothing in the log after that. There are no
messages at all when I attempt to log in. That's part of the problem.
I'm not getting a 500 error, the logon.jsp is displaying again after I try
to log on. The logon.jsp contains this:
<%! String errorMessage = null;%>
<%
errorMessage = (String)
request.getAttribute("shiroLoginFailure");
if (errorMessage != null) {%>
Invalid Login: <%=errorMessage%><br/>
Enter login information...
<% }
else {%>
Enter login information...
<% }%>
and that is where the AuthenticationException is being displayed. There is
no other indication that anything is happening at all.
I apologize for not giving enough information but I am not sure what
information is needed in order to debug this.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578079.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by Jared Bunting <ja...@peachjean.com>.
What does "getting the usual, and very unhelpful,
org.apache.shiro.authc.AuthenticationException" mean? Is the server
returning a 500 error? Is logon.jsp being redisplayed? What does
logon.jsp look like? Where are you seeing the AuthenticationException?
Is there a message in this AuthenticationException? If you can't
describe the behavior in detail, I'm not sure how we can be expected to
tell you what's wrong.
As far as the log goes, that entire log is just the intialization of
shiro. It includes nothing from the actual authentication process.
What would be interesting to see at this point is the log output when
you attempt to login. Can you share that?
Thanks,
Jared
On Tue 18 Dec 2012 11:22:58 AM CST, David Barron wrote:
> It is logon.jsp. I just noticed that mistake in shiro.ini but changing it
> doesn't alter anything.
>
> I'm getting the usual, and very unhelpful,
> org.apache.shiro.authc.AuthenticationException when my logon.jsp comes back.
> I am not being taken to the error page.
>
> Here is some of what is in the log, I won't post it all.
>
>
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.ArrayConverter - Converting
> 'java.net.URL[]' value '[Ljava.net.URL;@68c95daa' to type 'java.net.URL[]'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.ArrayConverter - No conversion
> required, value is already a java.net.URL[]
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'false' to class 'boolean'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.BooleanConverter - Converting
> 'String' value 'false' to type 'Boolean'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.BooleanConverter - Converted to
> Boolean value 'false'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'select password from users where userid = ?' to class
> 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'select password from users where userid = ?' to type
> 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'select role from users where userid = ?' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'select role from users where userid = ?' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'private_rates' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'private_rates' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'bA7eChaj' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'bA7eChaj' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'zendev10.zencos.com' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'zendev10.zencos.com' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string '1521' to class 'int'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.IntegerConverter - Converting
> 'String' value '1521' to type 'Integer'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.IntegerConverter - No
> NumberFormat, using default conversion
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.IntegerConverter - Converted to
> Integer value '1521'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'private_rates' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'private_rates' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string '/logon.jsp' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value '/logon.jsp' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'index.jsp' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'index.jsp' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string 'shiroLoginFailure' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value 'shiroLoginFailure' to type 'String'
> 18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
> string '/error.jsp' to class 'java.lang.String'
> 18Dec12 12:16:01 DEBUG
> org.apache.commons.beanutils.converters.StringConverter - Converting
> 'String' value '/error.jsp' to type 'String'
> 2182 [Thread-9] INFO org.apache.shiro.realm.AuthorizingRealm - No cache or
> cacheManager properties have been set. Authorization cache cannot be
> obtained.
> 2182 [Thread-9] INFO org.apache.shiro.web.env.EnvironmentLoader - Shiro
> environment initialized in 2182 ms.
>
>
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578077.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
It is logon.jsp. I just noticed that mistake in shiro.ini but changing it
doesn't alter anything.
I'm getting the usual, and very unhelpful,
org.apache.shiro.authc.AuthenticationException when my logon.jsp comes back.
I am not being taken to the error page.
Here is some of what is in the log, I won't post it all.
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.ArrayConverter - Converting
'java.net.URL[]' value '[Ljava.net.URL;@68c95daa' to type 'java.net.URL[]'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.ArrayConverter - No conversion
required, value is already a java.net.URL[]
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'false' to class 'boolean'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.BooleanConverter - Converting
'String' value 'false' to type 'Boolean'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.BooleanConverter - Converted to
Boolean value 'false'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'select password from users where userid = ?' to class
'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'select password from users where userid = ?' to type
'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'select role from users where userid = ?' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'select role from users where userid = ?' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'private_rates' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'private_rates' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'bA7eChaj' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'bA7eChaj' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'zendev10.zencos.com' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'zendev10.zencos.com' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string '1521' to class 'int'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.IntegerConverter - Converting
'String' value '1521' to type 'Integer'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.IntegerConverter - No
NumberFormat, using default conversion
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.IntegerConverter - Converted to
Integer value '1521'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'private_rates' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'private_rates' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string '/logon.jsp' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value '/logon.jsp' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'index.jsp' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'index.jsp' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string 'shiroLoginFailure' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value 'shiroLoginFailure' to type 'String'
18Dec12 12:16:01 DEBUG org.apache.commons.beanutils.ConvertUtils - Convert
string '/error.jsp' to class 'java.lang.String'
18Dec12 12:16:01 DEBUG
org.apache.commons.beanutils.converters.StringConverter - Converting
'String' value '/error.jsp' to type 'String'
2182 [Thread-9] INFO org.apache.shiro.realm.AuthorizingRealm - No cache or
cacheManager properties have been set. Authorization cache cannot be
obtained.
2182 [Thread-9] INFO org.apache.shiro.web.env.EnvironmentLoader - Shiro
environment initialized in 2182 ms.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578077.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by Jared Bunting <ja...@peachjean.com>.
So, when you say "never get authenticated", what happens? Do you get
an error message? Do you get redirected to your error page?
Also, what is your login page? login.jsp or logon.jsp ?
Perhaps you could share your log with us? Or perhaps a sanitized
version?
Thanks,
Jared
On Tue 18 Dec 2012 10:41:35 AM CST, David Barron wrote:
> I've setup the log4j and set it to debug but all I am seeing is a lot of
> messages about converting this to that, there's no trace information that
> tells me what methods are getting called in what classes, etc etc.
>
> This is quite a frustrating exercise without any way of finding out where
> it's going wrong.
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578074.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
I've setup the log4j and set it to debug but all I am seeing is a lot of
messages about converting this to that, there's no trace information that
tells me what methods are getting called in what classes, etc etc.
This is quite a frustrating exercise without any way of finding out where
it's going wrong.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578074.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by David Barron <db...@zencos.com>.
Here is shiro.ini:
[main]
cm = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
jdbcRealm=org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled=false
jdbcRealm.authenticationQuery = select password from users where userid = ?
jdbcRealm.userRolesQuery = select role from users where userid = ?
jdbcRealm.credentialsMatcher = $cm
ds = oracle.jdbc.pool.OracleDataSource
ds.user = private_rates
ds.password = bA7eChaj
ds.serverName = zendev10.zencos.com
ds.portNumber = 1521
ds.databaseName = private_rates
authc.loginUrl = /logon.jsp
authc.successUrl = index.jsp
authc.failureKeyAttribute = shiroLoginFailure
roles.unauthorizedUrl = /error.jsp
[urls]
/images/** = anon
/login.jsp = authc
/** = authc
Here is my web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
Nothing special about either of them, and I am not using a custom realm.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071p7578073.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Login failing
Posted by Alex opn <op...@gmail.com>.
Are you using a custom realm? If so, post it please. And the .ini would
also be helpful. Have you tried to debug what's happening already? When I
set up my first login with shiro it was a great help to see if it even hit
the realm I wrote and what was happening in there.
(I'm no shiro expert myself so maybe someone else has to jump in to help
but I'm sure they are at least needing you config and some additional
information)
On Tue, Dec 18, 2012 at 4:00 PM, David Barron <db...@zencos.com> wrote:
> I am very confused by all things Shiro. As much as I like the idea of it I
> seem to have nothing but trouble getting it working.
>
> Right now I am trying to authenticate an Oracle database. My login screen
> appears and I type in username and password, but I never get authenticated
> and I can not tell why. There are no errors showing in the log, but I
> can't
> for the life of me tell if it is even connecting to the database, or if it
> is actually doing a comparison between what is in the database and what I
> am
> supplying in the login form.
>
> Can anyone offer any suggestions? I can supply whatever is needed from the
> shiro.ini or anything else.
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Login-failing-tp7578071.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>