[jboss-jira] [JBoss JIRA] (WFLY-4460) form login with jdbc realm weird behaviour on different user roles.xml
Mohamed Rifni (JIRA)
issues at jboss.org
Tue Mar 24 13:27:19 EDT 2015
[ https://issues.jboss.org/browse/WFLY-4460?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13053094#comment-13053094 ]
Mohamed Rifni commented on WFLY-4460:
-------------------------------------
logs from wildfly when try to login as a cashier ( cashier login works )
2015-03-24 17:26:25,254 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: {}
2015-03-24 17:26:25,257 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,257 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: {}
2015-03-24 17:26:25,262 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,263 INFO [stdout] (default task-25) ------ accra_ghana_branch_cashier at coderscode.com @ Money Transfer Application
2015-03-24 17:26:25,283 INFO [stdout] (default task-25) ------ before login
2015-03-24 17:26:25,283 TRACE [org.jboss.security] (default task-25) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,284 TRACE [org.jboss.security] (default task-25) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,284 TRACE [org.jboss.security] (default task-25) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,284 TRACE [org.jboss.security] (default task-25) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,284 INFO [stdout] (default task-25) --------session timeout in 500
2015-03-24 17:26:25,284 INFO [stdout] (default task-25) ------ after login
2015-03-24 17:26:25,285 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: {}
2015-03-24 17:26:25,288 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,288 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: {}
2015-03-24 17:26:25,316 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,333 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: {}
2015-03-24 17:26:25,350 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,366 TRACE [org.jboss.security] (default task-25) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,376 TRACE [org.jboss.security] (default task-23) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,376 TRACE [org.jboss.security] (default task-23) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,376 TRACE [org.jboss.security] (default task-23) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,376 TRACE [org.jboss.security] (default task-23) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,427 TRACE [org.jboss.security] (default task-23) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,506 TRACE [org.jboss.security] (default task-27) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,526 TRACE [org.jboss.security] (default task-26) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,530 TRACE [org.jboss.security] (default task-26) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,530 TRACE [org.jboss.security] (default task-2) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,531 TRACE [org.jboss.security] (default task-2) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,531 TRACE [org.jboss.security] (default task-2) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,531 TRACE [org.jboss.security] (default task-2) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,532 TRACE [org.jboss.security] (default task-2) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,532 TRACE [org.jboss.security] (default task-26) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,534 TRACE [org.jboss.security] (default task-22) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,534 TRACE [org.jboss.security] (default task-22) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,534 TRACE [org.jboss.security] (default task-22) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,534 TRACE [org.jboss.security] (default task-22) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,536 TRACE [org.jboss.security] (default task-22) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,537 TRACE [org.jboss.security] (default task-22) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,537 TRACE [org.jboss.security] (default task-17) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,538 TRACE [org.jboss.security] (default task-27) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,550 TRACE [org.jboss.security] (default task-29) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,566 TRACE [org.jboss.security] (default task-31) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,568 TRACE [org.jboss.security] (default task-31) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,568 TRACE [org.jboss.security] (default task-31) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,568 TRACE [org.jboss.security] (default task-31) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,573 TRACE [org.jboss.security] (default task-31) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,585 TRACE [org.jboss.security] (default task-3) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,585 TRACE [org.jboss.security] (default task-3) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,585 TRACE [org.jboss.security] (default task-3) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,585 TRACE [org.jboss.security] (default task-3) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,588 TRACE [org.jboss.security] (default task-32) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,588 TRACE [org.jboss.security] (default task-32) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,588 TRACE [org.jboss.security] (default task-32) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,588 TRACE [org.jboss.security] (default task-32) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,590 TRACE [org.jboss.security] (default task-32) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,598 TRACE [org.jboss.security] (default task-3) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,669 TRACE [org.jboss.security] (default task-7) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,766 TRACE [org.jboss.security] (default task-9) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,766 TRACE [org.jboss.security] (default task-9) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,767 TRACE [org.jboss.security] (default task-9) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,767 TRACE [org.jboss.security] (default task-9) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,768 TRACE [org.jboss.security] (default task-9) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,769 TRACE [org.jboss.security] (default task-12) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,769 TRACE [org.jboss.security] (default task-12) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,769 TRACE [org.jboss.security] (default task-12) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,769 TRACE [org.jboss.security] (default task-12) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,770 TRACE [org.jboss.security] (default task-12) PBOX000354: Setting security roles ThreadLocal: null
2015-03-24 17:26:25,774 TRACE [org.jboss.security] (default task-4) PBOX000200: Begin isValid, principal: org.wildfly.extension.undertow.security.AccountImpl$AccountPrincipal at 45eddb0d, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d
2015-03-24 17:26:25,775 TRACE [org.jboss.security] (default task-4) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo at 165851d, credential class: class [C
2015-03-24 17:26:25,775 TRACE [org.jboss.security] (default task-4) PBOX000205: End validateCache, result = true
2015-03-24 17:26:25,775 TRACE [org.jboss.security] (default task-4) PBOX000201: End isValid, result = true
2015-03-24 17:26:25,777 TRACE [org.jboss.security] (default task-4) PBOX000354: Setting security roles ThreadLocal: null
> form login with jdbc realm weird behaviour on different user roles.xml
> ----------------------------------------------------------------------
>
> Key: WFLY-4460
> URL: https://issues.jboss.org/browse/WFLY-4460
> Project: WildFly
> Issue Type: Feature Request
> Components: Security
> Affects Versions: 8.2.0.Final
> Reporter: Mohamed Rifni
> Assignee: Darran Lofthouse
>
> I have below user roles in the system,
> CASHIER,
> AGENTS,
> MANAGER
> When I try to login as cashier and agents it does work but fails for manager role. I get redirected back to the login form when I try to login as a user which has a manager role, this wasnt happening in wildfly 8.0 and today I updated my server to 8.2 and it happens. I am using standalone.xml. I am using jsf 2.2 and primefaces 5.
> I tried on glassfish 4 and it works smoothly like wildfly 8.0.
> web.xml
> <security-constraint>
> <display-name>MANAGER</display-name>
> <web-resource-collection>
> <web-resource-name>Manager</web-resource-name>
> <description/>
> <url-pattern>/manager-area/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <description/>
> <role-name>MANAGER</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>FORM</auth-method>
> <realm-name>mtaV4-security-jdbcrealm</realm-name>
> <form-login-config>
> <form-login-page>/login_home.xhtml</form-login-page>
> <form-error-page>/login_home.xhtml</form-error-page>
> </form-login-config>
> </login-config>
> jboss-web.xml
> <?xml version="1.0" encoding="UTF-8"?>
> <jboss-web xmlns="http://www.jboss.com/xml/ns/javaee">
> <context-root/>
> <security-domain>mtaV4-security-jdbcrealm</security-domain>
> </jboss-web>
> standalone-full.xml
> <security-domain name="mtaV4-security-jdbcrealm" cache-type="default">
> <authentication>
> <login-module code="Database" flag="required">
> <module-option name="dsJndiName" value="java:/jboss/__MTAV4"/>
> <module-option name="principalsQuery" value="select userpassword from users where email=?"/>
> <module-option name="rolesQuery" value="select role_name, 'Roles' from user_roles where email=?"/>
> <module-option name="unauthenticatedIdentity" value="guest"/>
> </login-module>
> </authentication>
> </security-domain>
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
More information about the jboss-jira
mailing list