On 3/17/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Well ... Today I have also tried to a standalone version of OC4J (wich > should support servlet specification 2.4), but the same problem. > > I also tried it with TOMCAT 5.5 and guess what ... It worked ... > > However tomcat is not an option on our production environment ... > > The question is: Is roller having problems with OC4J ? Or is OC4J is > having problems with roller ? :-) > > I will try to install roller 2.0 since the problem seems to be situated > with authentication. Since roller 2.1.1 is using acegi I will try to use a > version withour acegi ... > >
My guess is there might be shared libraries between Acegi and OC4J - or you have to grant permissions. I don't know, but I know other servers like GlassFish have had to make modifications to the server code in order to support Acegi. In most cases, Acegi exposes bugs in the servlet containers. ;-) Matt > > > > > "Matt Raible" <[EMAIL PROTECTED]> > 17/03/2006 15:25 > Please respond to > [email protected] > > > To > [email protected] > cc > > Subject > Re: Can't login after register,and no error display > > > > > > > Yes. If you're having issues with Roller on OC4J, I suspect it's > something in OC4J. Is it possible to use a different container? > > Matt > > On 3/17/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> > wrote: > > I assume that it is possible to install the roller application under a > > different URI then /roller ?? > > > > > > > > > > > > > > [EMAIL PROTECTED] > > 17/03/2006 07:04 > > Please respond to > > [email protected] > > > > > > To > > [email protected] > > cc > > > > Subject > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > Yep ... > > This is what is configured in the web.xml ... > > > > <!-- Acegi Security filters - controls secure access to different parts > of > > > > Roller --> > > <filter-mapping> > > <filter-name>securityFilter</filter-name> > > <url-pattern>/*</url-pattern> > > <dispatcher>REQUEST</dispatcher> > > <dispatcher>FORWARD</dispatcher> > > </filter-mapping> > > > > Yesterday I saw something strange in the loginerror.jsp > > There is a redirect with a comment above saying .... Comment it out on > > OC4J ... > > > > Why ????? > > > > <%@ page import="org.roller.presentation.RollerSession" %> > > <% > > String dest = "login.jsp?error=true"; > > > > // This server-side redirect may work on some servers. > > // Comment it out on OC4J. > > response.sendRedirect(dest); > > %> > > > > <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> > > <html> > > <head> > > <title></title> > > <meta http-equiv="refresh" > > content="0;url=<%= dest %>"> > > </head> > > <body bgcolor="#ffffff"> > > </body> > > </html> > > > > > > > > > > > > "Matt Raible" <[EMAIL PROTECTED]> > > 16/03/2006 16:05 > > Please respond to > > [email protected] > > > > > > To > > [email protected] > > cc > > > > Subject > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > Do you have the securityFilter configured so it applies for both > > requests and forwards? You might need this - using the <dispatcher> > > elements. > > > > Matt > > > > On 3/16/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> > > wrote: > > > I downloaded the ACEGI source code and according to me the problem is > > > that the URL I want to access is not a url that needs authentication. > > > > > > Check out the logfile: > > > > > > DEBUG 2006-03-16 15:08:29,492 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 1 of 8 in additional filter chain; firing > > Filter: > > > '[EMAIL PROTECTED]' > > > DEBUG 2006-03-16 15:08:29,493 > > HttpSessionContextIntegrationFilter:doFilter > > > - HttpSession returned null object for ACEGI_SECURITY_CONTEXT - new > > > SecurityContext instance associated with SecurityContextHolder > > > DEBUG 2006-03-16 15:08:29,493 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 2 of 8 in additional filter chain; firing > > Filter: > > > '[EMAIL PROTECTED]' > > > DEBUG 2006-03-16 15:08:29,498 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 3 of 8 in additional filter chain; firing > > Filter: > > > '[EMAIL PROTECTED]' > > > DEBUG 2006-03-16 15:08:29,500 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 4 of 8 in additional filter chain; firing > > Filter: > > > '[EMAIL PROTECTED]' > > > DEBUG 2006-03-16 15:08:29,500 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 5 of 8 in additional filter chain; firing > > Filter: > > > > > > '[EMAIL PROTECTED]' > > > DEBUG 2006-03-16 15:08:29,501 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 6 of 8 in additional filter chain; firing > > Filter: > > > > > > '[EMAIL PROTECTED]' > > > DEBUG 2006-03-16 15:08:29,502 AnonymousProcessingFilter:doFilter - > > > Populated SecurityContextHolder with anonymous token: > > > '[EMAIL PROTECTED]: > > > Username: anonymous; Password: [PROTECTED]; Authenticated: true; > > Details: > > > [EMAIL PROTECTED]: RemoteIpAddress: > > > 10.3.0.4; SessionId: 0a01009bce911dc8dc5682848bb914a9eb68351563e; > > Granted > > > Authorities: ROLE_ANONYMOUS' > > > DEBUG 2006-03-16 15:08:29,503 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 7 of 8 in additional filter chain; firing > > Filter: > > > '[EMAIL PROTECTED]' > > > DEBUG 2006-03-16 15:08:29,504 > > FilterChainProxy$VirtualFilterChain:doFilter > > > - /login.jsp at position 8 of 8 in additional filter chain; firing > > Filter: > > > '[EMAIL PROTECTED]' > > > > > > > > > > > > The only filters that write anything to the log file are the first one > > and > > > the anonymous one (which is normal because I'm not authenticated) ... > > > So, if you check out the AuthenticationProcessingFilter class which > > > extends the AbstractProcessingFilter class you can see the following: > > > > > > if (requiresAuthentication(httpRequest, httpResponse)) { > > > if (logger.isDebugEnabled()) { > > > logger.debug("Request is to process authentication"); > > > } > > > Since the above log sentence is not written to the log file I assume > the > > > URL I want to access is not being described as requires authentication > > ... > > > but it should though ... > > > > > > The definition in security.xml is the following: > > > > > > <bean id="filterInvocationInterceptor" > > > class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> > > > <property name="authenticationManager" > > > ref="authenticationManager"/> > > > <property name="accessDecisionManager" > > > ref="accessDecisionManager"/> > > > <property name="objectDefinitionSource"> > > > <value> > > > PATTERN_TYPE_APACHE_ANT > > > /editor/**=admin,editor > > > /admin/**=admin > > > /rewrite-status*=admin > > > /login-redirect.jsp=admin,editor > > > </value> > > > </property> > > > </bean> > > > > > > Since I kick in the authentication process by clicking on the "login" > > link > > > on the main page (which is actually a link to login-redict.jsp file) I > > > should think that the url should be authenticated if you look at the > > above > > > definition ... > > > > > > > > > I'm really getting good on roller configuration, the only problem is > > that > > > it doesn't work with my configuration ! :-( > > > > > > > > > > > > > > > > > > > > > > > > [EMAIL PROTECTED] > > > 16/03/2006 14:09 > > > Please respond to > > > [email protected] > > > > > > > > > To > > > [email protected] > > > cc > > > [email protected] > > > Subject > > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > > > > > > > > Hello, > > > > > > Me again. > > > > > > Like already stated in the mail below the roller application always > > > authenticates me as anonymous. > > > > > > Are there any other things that need to be changed in the security.xml > > > file so that authentication starts working. > > > I have already changed the things like described in the installation > > guide > > > > > > ... > > > For testing reasons I have granted the ANONYMOUS role access in the > > > security.xml file and then I can go to the main page. > > > > > > However if I try to create a weblog I get a NULL pointer because my > > > session is not associated to a specific user. > > > > > > Pretty pretty please ? > > > > > > Thanks, > > > > > > Best regards, > > > > > > Tom. > > > > > > > > > > > > > > > > > > [EMAIL PROTECTED] > > > 16/03/2006 09:06 > > > Please respond to > > > [email protected] > > > > > > > > > To > > > [email protected] > > > cc > > > > > > Subject > > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > > > > > > > > Since this wouldn't work I'm really getting desperate ... I've got the > > > feeling that it's some kind of a very small configuration change that > is > > > needed ... I also deployed the while application again, but with the > > same > > > result ... > > > > > > I've seen the topic op internet a few times but no one has posted a > > > solution ... > > > > > > What's is also weird is that when enter a non existing username and > > > password I get the same result ... I don't get any error saysing that > > the > > > user doesn't exist or that the combination of username and password > > > doesn't exist ... Does that ring any bell ?? > > > > > > When using a user that does exist and I check the logfile it shows me > > the > > > following: > > > > > > '[EMAIL PROTECTED]: > > > Username: anonymous; Password: [PROTECTED]; Authenticated: true; > > Details: > > > [EMAIL PROTECTED]: RemoteIpAddress: > > > 10.3.0.4; SessionId: 0a01009bce982fe1500a2644bff8a88a16960c5ce9a; > > Granted > > > Authorities: ROLE_ANONYMOUS' > > > > > > This I find weird because the username is anonymous ... While I typed > in > > > > a > > > > > > > > > username ... Weird ... It does say I'm authenticated but with the > > > ANONYMOUS ROLE ... > > > > > > Really hope someone can help me ... > > > > > > > > > Pretty please ? > > > > > > > > > > > > > > > Tommeke <[EMAIL PROTECTED]> > > > 15/03/2006 09:57 > > > Please respond to > > > [email protected] > > > > > > > > > To > > > [email protected] > > > cc > > > > > > Subject > > > Re: Can't login after register,and no error display > > > > > > > > > > > > > > > > > > > > > > > > According to me the problem is situated in the security.xml ... I'm > > > experimenting a little bit ... > > > Check out the installation guide at topic 8.2 > > > -- > > > View this message in context: > > > > > > http://www.nabble.com/Can%27t-login-after-register%2Cand-no-error-display-t1259455c12275.html#a3412153 > > > > > > > > > > > > > > > > > Sent from the Roller - User forum at Nabble.com. > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
