[gatein-issues] [JBoss JIRA] Commented: (GTNPORTAL-1048) GateIn+SSO integration: IdentityException thrown in special case when HTTP session expire
[
https://jira.jboss.org/jira/browse/GTNPORTAL-1048?page=com.atlassian.jira...
]
Marek Posolda commented on GTNPORTAL-1048:
------------------------------------------
It's possible to simulate it without doing SSO integration. IDE debugger can be used
for simulating it. Doing steps:
1) Go to http://localhost:8080/portal
2) Click to "Sign in" and wait for GateIn dialog.
3) Fill "root"/"gtn"
4) Add breakpoint to class org.exoplatform.web.CacheUserProfileFilter - line 62 (line with
orgService.getUserHandler().findUserByName)
5) Go back to browser and click to "Sign in " button
6) Wait for IDE to go into breakpoint in CacheUserProfileFilter class.
7) Wait 2 minutes or more (cache expiration time on
org.picketlink.idm.impl.api.session.managers.PersistenceManagerImpl class)
8) Click F8 in Eclipse IDE to continue with progress.
I hope this scenario is more easy to simulate then integration with JOSSO or OpenSSO :-)
GateIn+SSO integration: IdentityException thrown in special case when
HTTP session expire
-----------------------------------------------------------------------------------------
Key: GTNPORTAL-1048
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-1048
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.0.0-GA
Environment: GateIn trunk (revision 2479) with JBoss 5.1.0,
Picketlink IDM version: 1.1.2.CR01,
JOSSO 1.8.1 +Tomcat bundle integrated with GateIn and running on localhost:8888,
Reporter: Marek Posolda
Attachments: identityException-createCriteria.txt,
identityException-screenshot.png
I have GateIn configured with OpenSSO according to instructions in reference guide. And
going throught this scenario:
1) Go to http://localhist:8080/portal
2) Click to "sign in" and login as root with OpenSSO console. User is
redirected back to GateIn and correctly logged
3) Wait 5 minutes (Assumption is that session expiration is configured to be 1 minute in
gatein.ear/02portal.war/WEB-INF/web.xml)
4) Go to http://localhost:8080/portal/private/classic . Now I should be logged directly
into GateIn because of SSO cookie. And I am really is logged but I am not seeing user full
name (see attached screenshot). And exception is in server log (IdentityObjectType[USER]
not present in the store. Caused by: org.hibernate.HibernateException: createCriteria is
not valid without active transaction) Full exception is in server log.
I tried to debug and I founded that Hibernate transaction is not started when calling
orgService.getUserHandler().findUserByName(state.getIdentity().getUserId() from
CacheUserProfileFilter. It doesn't occur during normal user login because User object
is cached in PersistenceManagerImpl.findUser(). But problem occur when User is not cached
when findUserByName is called from CacheUserProfileFilter.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira