Hi,

I am working on Jira issue [1]. I could reproduce the issue in a cluster with an ELB, a manager node and a worker node using ESB 4.8.0. When a login attempt is triggered,

1. The login() method of AuthenticationAdmin.java (line 62 of [2]) sets boolean values for "isAuthenticated" and "isAuthorized".
2. Both values are set to true in the workerNode (e.g. for an admin user login attempt).
3. Initially the "isAuthenticated" value is set to true (line 101), due to the return value of the authenticate() method in AbstractUserStoreManager.java [3].
4. The authenticate() method does not check whether CarbonUtils.isWorkerNode() is set to true or false.

In order to fix the issue I can check the CarbonUtils.isWorkerNode() value in the login() method of AuthenticationAdmin.java as follows:

    boolean isAuthenticated = CarbonUtils.isWorkerNode() ? false : realm.getUserStoreManager().authenticate(username, password);

or use the authenticate() method in AbstractUserStoreManager.java to check the isWorkerNode() value in an if condition.

What would be the best option? Is there a better way to fix this?

[1] https://wso2.org/jira/browse/CARBON-14793
[2] https://github.com/wso2-dev/carbon4-kernel/blob/master/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
[3] https://github.com/wso2-dev/carbon4-kernel/blob/master/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/common/AbstractUserStoreManager.java

Thanks,
Nipuni

--
Nipuni Perera
Software Engineer; WSO2 Inc.; http://wso2.com
Email: nip...@wso2.com
GitHub profile: https://github.com/nipuni
Mobile: +94 (71) 5626680
<http://wso2.com>