[JSPWIKI-840] Container Managed Security Not Working - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Duplicate
Affects Version/s: 2.10
Fix Version/s: 2.10.1
Component/s: Authentication & Authorization
Labels:
None
Environment:

Tomcat 7.0.42
Java 1.7.0_51
Windows 2008R2

Description

In order to set up container-managed security, I've set set jspwiki.security to 'off' and uncommented the security constraints defined in the deployment descriptor.

However, by setting jspwiki.security to off, no AuthorizationManager registers itself with the WikiEngine. As a result, all logins fail with the following exception:

INFO SecurityLog CMO Development Services Wiki:/wiki/Edit.jsp - WikiSecurityEvent.LOGIN_AUTHENTICATED [source=org.apache.wiki.auth.AuthenticationManager@1c42c135, princpal=org.apache.catalina.realm.GenericPrincipal ofarrell, target=org.apache.wiki.WikiSession@1708e9ad]
WARN org.apache.wiki.WikiSession JSPWiki:/wiki/Edit.jsp - User profile 'ofarrell' not found. This is normal for container-auth users who haven't set up a profile yet.
org.apache.wiki.auth.WikiSecurityException: Authorizer did not initialize properly. Check the logs.
at org.apache.wiki.auth.AuthorizationManager.getAuthorizer(AuthorizationManager.java:336)
at org.apache.wiki.auth.AuthenticationManager.login(AuthenticationManager.java:312)
at org.apache.wiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:159)

Attachments

Issue Links

relates to

JSPWIKI-841 Container Managed Security Not Working

Open

Activity

People

Assignee:: Unassigned

Reporter:: Owen Farrell

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/May/14 20:33

Updated:: 01/Jun/14 17:52

Resolved:: 20/May/14 22:18