[jboss-jira] [JBoss JIRA] Work started: (JBPORTAL-2075) CMS failure in jboss-portal-ha when LDAP is used for authentication

CMS failure in jboss-portal-ha when LDAP is used for authentication ------------------------------------------------------------------- Key: JBPORTAL-2075 URL: https://jira.jboss.org/jira/browse/JBPORTAL-2075 Project: JBoss Portal Issue Type: Bug Security Level: Public(Everyone can see) Components: Portal CMS Affects Versions: 2.6.5 SP1 Environment: OpenDS as LDAP server Reporter: Martin Putz Assignee: Sohil Shah 1. Used JBoss AS EAP 4.3 with all configuration (profile) and deployed JBoss Portal 2.6.5 HA Bundle on top of it. 2. Configured portal to use OpenDS (LDAP) for user, role and membership information. 3. Started up both the cluster nodes and logged in to Portal 4. Created a new instance of default CMSWindow and added a security protected CMS resource to it. ( e.g. /default/content/private/license.html) Added this new instance of CMSWindow to the default portal page. 5. When I visit the default portal page (on node1) ( home page ), if user is logged in, the protected resource aka the license.html is shown and if the user is not logged in Access denied message is shown instead of the CMSWindow2 content. So far everything is fine and as expected. 6. When the default portal page (on node2) is accessed without a user being logged in, a '404 Page Not found' is shown instead of the 'Access denied message' 7. With user being logged in, now shut down the active node that was being accessed over a load balancer. Hit refresh or visit the portal again. Result: User is not asked to login again as the session is correctly replicated. However, for the protected CMS resource a "404 Page Not found" is shown. Everything works fine if the User,Role information is coming from database store. It looks like in case of LDAP store the security (aka Role information ) is not available on the replicated cluster node.