Well ... Today I have also tried to a standalone version of OC4J (wich should support servlet specification 2.4), but the same problem.
I also tried it with TOMCAT 5.5 and guess what ... It worked ... However tomcat is not an option on our production environment ... The question is: Is roller having problems with OC4J ? Or is OC4J is having problems with roller ? :-) I will try to install roller 2.0 since the problem seems to be situated with authentication. Since roller 2.1.1 is using acegi I will try to use a version withour acegi ... "Matt Raible" <[EMAIL PROTECTED]> 17/03/2006 15:25 Please respond to [email protected] To [email protected] cc Subject Re: Can't login after register,and no error display Yes. If you're having issues with Roller on OC4J, I suspect it's something in OC4J. Is it possible to use a different container? Matt On 3/17/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I assume that it is possible to install the roller application under a > different URI then /roller ?? > > > > > > > [EMAIL PROTECTED] > 17/03/2006 07:04 > Please respond to > [email protected] > > > To > [email protected] > cc > > Subject > Re: Can't login after register,and no error display > > > > > > > Yep ... > This is what is configured in the web.xml ... > > <!-- Acegi Security filters - controls secure access to different parts of > > Roller --> > <filter-mapping> > <filter-name>securityFilter</filter-name> > <url-pattern>/*</url-pattern> > <dispatcher>REQUEST</dispatcher> > <dispatcher>FORWARD</dispatcher> > </filter-mapping> > > Yesterday I saw something strange in the loginerror.jsp > There is a redirect with a comment above saying .... Comment it out on > OC4J ... > > Why ????? > > <%@ page import="org.roller.presentation.RollerSession" %> > <% > String dest = "login.jsp?error=true"; > > // This server-side redirect may work on some servers. > // Comment it out on OC4J. > response.sendRedirect(dest); > %> > > <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> > <html> > <head> > <title></title> > <meta http-equiv="refresh" > content="0;url=<%= dest %>"> > </head> > <body bgcolor="#ffffff"> > </body> > </html> > > > > > > "Matt Raible" <[EMAIL PROTECTED]> > 16/03/2006 16:05 > Please respond to > [email protected] > > > To > [email protected] > cc > > Subject > Re: Can't login after register,and no error display > > > > > > > Do you have the securityFilter configured so it applies for both > requests and forwards? You might need this - using the <dispatcher> > elements. > > Matt > > On 3/16/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> > wrote: > > I downloaded the ACEGI source code and according to me the problem is > > that the URL I want to access is not a url that needs authentication. > > > > Check out the logfile: > > > > DEBUG 2006-03-16 15:08:29,492 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 1 of 8 in additional filter chain; firing > Filter: > > '[EMAIL PROTECTED]' > > DEBUG 2006-03-16 15:08:29,493 > HttpSessionContextIntegrationFilter:doFilter > > - HttpSession returned null object for ACEGI_SECURITY_CONTEXT - new > > SecurityContext instance associated with SecurityContextHolder > > DEBUG 2006-03-16 15:08:29,493 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 2 of 8 in additional filter chain; firing > Filter: > > '[EMAIL PROTECTED]' > > DEBUG 2006-03-16 15:08:29,498 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 3 of 8 in additional filter chain; firing > Filter: > > '[EMAIL PROTECTED]' > > DEBUG 2006-03-16 15:08:29,500 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 4 of 8 in additional filter chain; firing > Filter: > > '[EMAIL PROTECTED]' > > DEBUG 2006-03-16 15:08:29,500 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 5 of 8 in additional filter chain; firing > Filter: > > > '[EMAIL PROTECTED]' > > DEBUG 2006-03-16 15:08:29,501 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 6 of 8 in additional filter chain; firing > Filter: > > > '[EMAIL PROTECTED]' > > DEBUG 2006-03-16 15:08:29,502 AnonymousProcessingFilter:doFilter - > > Populated SecurityContextHolder with anonymous token: > > '[EMAIL PROTECTED]: > > Username: anonymous; Password: [PROTECTED]; Authenticated: true; > Details: > > [EMAIL PROTECTED]: RemoteIpAddress: > > 10.3.0.4; SessionId: 0a01009bce911dc8dc5682848bb914a9eb68351563e; > Granted > > Authorities: ROLE_ANONYMOUS' > > DEBUG 2006-03-16 15:08:29,503 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 7 of 8 in additional filter chain; firing > Filter: > > '[EMAIL PROTECTED]' > > DEBUG 2006-03-16 15:08:29,504 > FilterChainProxy$VirtualFilterChain:doFilter > > - /login.jsp at position 8 of 8 in additional filter chain; firing > Filter: > > '[EMAIL PROTECTED]' > > > > > > > > The only filters that write anything to the log file are the first one > and > > the anonymous one (which is normal because I'm not authenticated) ... > > So, if you check out the AuthenticationProcessingFilter class which > > extends the AbstractProcessingFilter class you can see the following: > > > > if (requiresAuthentication(httpRequest, httpResponse)) { > > if (logger.isDebugEnabled()) { > > logger.debug("Request is to process authentication"); > > } > > Since the above log sentence is not written to the log file I assume the > > URL I want to access is not being described as requires authentication > ... > > but it should though ... > > > > The definition in security.xml is the following: > > > > <bean id="filterInvocationInterceptor" > > class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> > > <property name="authenticationManager" > > ref="authenticationManager"/> > > <property name="accessDecisionManager" > > ref="accessDecisionManager"/> > > <property name="objectDefinitionSource"> > > <value> > > PATTERN_TYPE_APACHE_ANT > > /editor/**=admin,editor > > /admin/**=admin > > /rewrite-status*=admin > > /login-redirect.jsp=admin,editor > > </value> > > </property> > > </bean> > > > > Since I kick in the authentication process by clicking on the "login" > link > > on the main page (which is actually a link to login-redict.jsp file) I > > should think that the url should be authenticated if you look at the > above > > definition ... > > > > > > I'm really getting good on roller configuration, the only problem is > that > > it doesn't work with my configuration ! :-( > > > > > > > > > > > > > > > > [EMAIL PROTECTED] > > 16/03/2006 14:09 > > Please respond to > > [email protected] > > > > > > To > > [email protected] > > cc > > [email protected] > > Subject > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > Hello, > > > > Me again. > > > > Like already stated in the mail below the roller application always > > authenticates me as anonymous. > > > > Are there any other things that need to be changed in the security.xml > > file so that authentication starts working. > > I have already changed the things like described in the installation > guide > > > > ... > > For testing reasons I have granted the ANONYMOUS role access in the > > security.xml file and then I can go to the main page. > > > > However if I try to create a weblog I get a NULL pointer because my > > session is not associated to a specific user. > > > > Pretty pretty please ? > > > > Thanks, > > > > Best regards, > > > > Tom. > > > > > > > > > > > > [EMAIL PROTECTED] > > 16/03/2006 09:06 > > Please respond to > > [email protected] > > > > > > To > > [email protected] > > cc > > > > Subject > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > Since this wouldn't work I'm really getting desperate ... I've got the > > feeling that it's some kind of a very small configuration change that is > > needed ... I also deployed the while application again, but with the > same > > result ... > > > > I've seen the topic op internet a few times but no one has posted a > > solution ... > > > > What's is also weird is that when enter a non existing username and > > password I get the same result ... I don't get any error saysing that > the > > user doesn't exist or that the combination of username and password > > doesn't exist ... Does that ring any bell ?? > > > > When using a user that does exist and I check the logfile it shows me > the > > following: > > > > '[EMAIL PROTECTED]: > > Username: anonymous; Password: [PROTECTED]; Authenticated: true; > Details: > > [EMAIL PROTECTED]: RemoteIpAddress: > > 10.3.0.4; SessionId: 0a01009bce982fe1500a2644bff8a88a16960c5ce9a; > Granted > > Authorities: ROLE_ANONYMOUS' > > > > This I find weird because the username is anonymous ... While I typed in > > a > > > > > > username ... Weird ... It does say I'm authenticated but with the > > ANONYMOUS ROLE ... > > > > Really hope someone can help me ... > > > > > > Pretty please ? > > > > > > > > > > Tommeke <[EMAIL PROTECTED]> > > 15/03/2006 09:57 > > Please respond to > > [email protected] > > > > > > To > > [email protected] > > cc > > > > Subject > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > > > According to me the problem is situated in the security.xml ... I'm > > experimenting a little bit ... > > Check out the installation guide at topic 8.2 > > -- > > View this message in context: > > > http://www.nabble.com/Can%27t-login-after-register%2Cand-no-error-display-t1259455c12275.html#a3412153 > > > > > > > > > > Sent from the Roller - User forum at Nabble.com. > > > > > > > > > > > > > > > >
