[jboss-jira] [JBoss JIRA] Work started: (JBPORTAL-2075) CMS failure in jboss-portal-ha when LDAP is used for authentication

Sohil Shah (JIRA) jira-events at lists.jboss.org
Thu Jul 17 00:30:52 EDT 2008 

     [ https://jira.jboss.org/jira/browse/JBPORTAL-2075?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Work on JBPORTAL-2075 started by Sohil Shah.

> CMS failure in jboss-portal-ha when LDAP is used for authentication
> -------------------------------------------------------------------
>
>                 Key: JBPORTAL-2075
>                 URL: https://jira.jboss.org/jira/browse/JBPORTAL-2075
>             Project: JBoss Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Portal CMS
>    Affects Versions: 2.6.5 SP1
>         Environment: OpenDS as LDAP server
>            Reporter: Martin Putz
>            Assignee: Sohil Shah
>
> 1. Used JBoss AS EAP 4.3 with all configuration (profile) and deployed JBoss Portal 2.6.5 HA Bundle on top of it.
> 2. Configured portal to use OpenDS (LDAP) for user, role and membership information.
> 3. Started up both the cluster nodes and logged in to Portal 
> 4. Created a new instance of default CMSWindow and added a security protected CMS resource to it. ( e.g. /default/content/private/license.html) Added this new instance of CMSWindow to the default portal page.
> 5. When I visit the default portal page (on node1) ( home page ), if user is logged in, the protected resource aka the license.html is shown and if the user is not logged in Access denied message is shown instead of the CMSWindow2 content. So far everything is fine and as expected.
> 6. When the default portal page (on node2) is accessed without a user being logged in, a '404 Page Not found' is shown instead of the 'Access denied message' 
> 7. With user being logged in, now shut down the active node that was being accessed over a load balancer. Hit refresh or visit the portal again.
> Result:
>  User is not asked to login again as the session is correctly replicated. However, for the protected CMS resource a "404 Page Not found" is shown.
>  Everything works fine if the User,Role information is coming from database store.
>  It looks like in case of LDAP store the security (aka Role information ) is not available on the replicated cluster node. 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list