[
https://issues.jboss.org/browse/WFLY-4460?page=com.atlassian.jira.plugin....
]
Mohamed Rifni commented on WFLY-4460:
-------------------------------------
logs from wildfly when login as manager ( always redirects back to login page )
2015-03-24 17:29:13,250 TRACE [org.jboss.security] (default task-17) PBOX000200: Begin
isValid, principal:
org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal@85d11e1, cache entry:
org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@70e6d838
2015-03-24 17:29:13,251 TRACE [org.jboss.security] (default task-17) PBOX000204: Begin
validateCache, domainInfo:
org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@70e6d838,
credential class: class [C
2015-03-24 17:29:13,251 TRACE [org.jboss.security] (default task-17) PBOX000205: End
validateCache, result = true
2015-03-24 17:29:13,251 TRACE [org.jboss.security] (default task-17) PBOX000201: End
isValid, result = true
2015-03-24 17:29:13,275 TRACE [org.jboss.security] (default task-17) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:13,404 TRACE [org.jboss.security] (default task-1) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:13,458 TRACE [org.jboss.security] (default task-6) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,690 TRACE [org.jboss.security] (default task-30) PBOX000200: Begin
isValid, principal:
org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal@85d11e1, cache entry:
org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@70e6d838
2015-03-24 17:29:14,690 TRACE [org.jboss.security] (default task-30) PBOX000204: Begin
validateCache, domainInfo:
org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@70e6d838,
credential class: class [C
2015-03-24 17:29:14,690 TRACE [org.jboss.security] (default task-30) PBOX000205: End
validateCache, result = true
2015-03-24 17:29:14,690 TRACE [org.jboss.security] (default task-30) PBOX000201: End
isValid, result = true
2015-03-24 17:29:14,700 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: {}
2015-03-24 17:29:14,721 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,721 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: {}
2015-03-24 17:29:14,735 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,736 INFO [stdout] (default task-30) ------ manager(a)coderscode.com @
Money Transfer Application
2015-03-24 17:29:14,740 INFO [stdout] (default task-30) ------ before login
2015-03-24 17:29:14,741 TRACE [org.jboss.security] (default task-30) PBOX000200: Begin
isValid, principal:
org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal@85d11e1, cache entry:
org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@70e6d838
2015-03-24 17:29:14,741 TRACE [org.jboss.security] (default task-30) PBOX000204: Begin
validateCache, domainInfo:
org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@70e6d838,
credential class: class [C
2015-03-24 17:29:14,741 TRACE [org.jboss.security] (default task-30) PBOX000205: End
validateCache, result = true
2015-03-24 17:29:14,741 TRACE [org.jboss.security] (default task-30) PBOX000201: End
isValid, result = true
2015-03-24 17:29:14,741 INFO [stdout] (default task-30) --------session timeout in 500
2015-03-24 17:29:14,741 INFO [stdout] (default task-30) ------ after login
2015-03-24 17:29:14,742 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: {}
2015-03-24 17:29:14,773 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,773 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: {}
2015-03-24 17:29:14,781 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,784 TRACE [org.jboss.security] (default task-30) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,826 TRACE [org.jboss.security] (default task-27) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,959 TRACE [org.jboss.security] (default task-29) PBOX000354: Setting
security roles ThreadLocal: null
2015-03-24 17:29:14,966 TRACE [org.jboss.security] (default task-31) PBOX000354: Setting
security roles ThreadLocal: null
form login with jdbc realm weird behaviour on different user
roles.xml
----------------------------------------------------------------------
Key: WFLY-4460
URL:
https://issues.jboss.org/browse/WFLY-4460
Project: WildFly
Issue Type: Feature Request
Components: Security
Affects Versions: 8.2.0.Final
Reporter: Mohamed Rifni
Assignee: Darran Lofthouse
I have below user roles in the system,
CASHIER,
AGENTS,
MANAGER
When I try to login as cashier and agents it does work but fails for manager role. I get
redirected back to the login form when I try to login as a user which has a manager role,
this wasnt happening in wildfly 8.0 and today I updated my server to 8.2 and it happens. I
am using standalone.xml. I am using jsf 2.2 and primefaces 5.
I tried on glassfish 4 and it works smoothly like wildfly 8.0.
web.xml
<security-constraint>
<display-name>MANAGER</display-name>
<web-resource-collection>
<web-resource-name>Manager</web-resource-name>
<description/>
<url-pattern>/manager-area/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>MANAGER</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>mtaV4-security-jdbcrealm</realm-name>
<form-login-config>
<form-login-page>/login_home.xhtml</form-login-page>
<form-error-page>/login_home.xhtml</form-error-page>
</form-login-config>
</login-config>
jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web
xmlns="http://www.jboss.com/xml/ns/javaee">
<context-root/>
<security-domain>mtaV4-security-jdbcrealm</security-domain>
</jboss-web>
standalone-full.xml
<security-domain name="mtaV4-security-jdbcrealm"
cache-type="default">
<authentication>
<login-module code="Database"
flag="required">
<module-option name="dsJndiName"
value="java:/jboss/__MTAV4"/>
<module-option name="principalsQuery"
value="select userpassword from users where email=?"/>
<module-option name="rolesQuery"
value="select role_name, 'Roles' from user_roles where email=?"/>
<module-option name="unauthenticatedIdentity"
value="guest"/>
</login-module>
</authentication>
</security-domain>
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)