You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jspwiki.apache.org by "Juan Pablo Santos Rodríguez (JIRA)" <ji...@apache.org> on 2014/06/05 21:41:02 UTC

[jira] [Commented] (JSPWIKI-841) Container Managed Security Not Working

    [ https://issues.apache.org/jira/browse/JSPWIKI-841?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14019144#comment-14019144 ] 

Juan Pablo Santos Rodríguez commented on JSPWIKI-841:
-----------------------------------------------------

Hi Owen, 

added the suggested patch on 2.10.2-svn-2. Will take a further look to see why the error message isn't showing on unsuccesful logins with container managed authentication.


br,

> Container Managed Security Not Working
> --------------------------------------
>
>                 Key: JSPWIKI-841
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-841
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Authentication & Authorization
>    Affects Versions: 2.10
>         Environment: Tomcat 7.0.42
> Java 1.7.0_51
> Windows 2008R2
>            Reporter: Owen Farrell
>             Fix For: 2.10.2
>
>         Attachments: JSPWIKI-841.diff
>
>
> In order to set up container-managed security, I've set set jspwiki.security to 'off' and uncommented the security constraints defined in the deployment descriptor.
> However, by setting jspwiki.security to off, no AuthorizationManager registers itself with the WikiEngine. As a result, all logins fail with the following exception:
> {quote}
> INFO SecurityLog JSPWiki:/wiki/Edit.jsp - WikiSecurityEvent.LOGIN_AUTHENTICATED [source=org.apache.wiki.auth.AuthenticationManager@1c42c135, princpal=org.apache.catalina.realm.GenericPrincipal ofarrell, target=org.apache.wiki.WikiSession@1708e9ad]
> WARN org.apache.wiki.WikiSession JSPWiki:/wiki/Edit.jsp - User profile 'ofarrell' not found. This is normal for container-auth users who haven't set up a profile yet.
> org.apache.wiki.auth.WikiSecurityException: Authorizer did not initialize properly. Check the logs.
> 	at org.apache.wiki.auth.AuthorizationManager.getAuthorizer(AuthorizationManager.java:336)
> 	at org.apache.wiki.auth.AuthenticationManager.login(AuthenticationManager.java:312)
> 	at org.apache.wiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:159)
> {quote}



--
This message was sent by Atlassian JIRA
(v6.2#6252)