cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Sylvain.The...@swisscom.com>
Subject RE: Cocoon 2.1 Authentication Bug? *Please* Help
Date Wed, 27 Aug 2003 09:44:12 GMT
Hi Carsten,

I have also a problem with the authentication Administration.
I can't access to the admin pages since I have added a LDAP transformer inside the authentication
pipeline.

Is it for the same reason?

Thanks
Regards
Sylvain Thevoz


-----Message d'origine-----
De: Carsten Ziegeler [mailto:cziegeler@s-und-n.de]
Date: mardi, 26. août 2003 08:50
À: dev@cocoon.apache.org
Objet: RE: Cocoon 2.1 Authentication Bug? *Please* Help


Hi,

thanks for reporting the NPE, I just committed a patch that
should fix the NPE problem.
Now, from the stacktrace I guess that for any reason your
authentication pipeline, cocoon:/authenticateAdmin is not
working properly. I suggest to use it standalone first,
which means call it directly and pass the parameters
and see what happens.

Now, the difference between cocoon: and cocoon:raw: is, that
cocoon: passes the request parameters of the original request
to the internal request as well and cocoon:raw: not. So,
if you use cocoon: it's usual that you have the parameters twice
as the login action adds the parameters a second time.

Please note, that it has to be cocoon:raw:/ and not cocoon:/raw:/.


HTH
Carsten
> -----Original Message-----
> From: Sonny Sukumar [mailto:ahimsadesi@yahoo.com]
> Sent: Tuesday, August 26, 2003 5:53 AM
> To: dev@cocoon.apache.org
> Subject: Re: Cocoon 2.1 Authentication Bug? *Please* Help
> 
> 
> 
> I still haven't figured this out and am ***really***
> hoping for one of you to help me, as I'm not familiar
> with Cocoon's source code.  The partial stack trace
> I'm getting is:
> 
> java.lang.NullPointerException
> 	at
> org.apache.cocoon.webapps.authentication.components.PipelineAuthen
> ticator.authenticate(PipelineAuthenticator.java:290)
> 	at
> org.apache.cocoon.webapps.authentication.components.DefaultAuthent
> icationManager.login(DefaultAuthenticationManager.java:238)
> 	at
> org.apache.cocoon.webapps.authentication.acting.LoginAction.act(Lo
ginAction.java:118)
> 
> Line 118 in LoginAction.java reads:
> 
> UserHandler handler = authManager.login( handlerName, 
>                                       
> par.getParameter("application", null),
> authenticationParameters); 
> 
> I've been agonizing over this for days, so I really
> need the help.
> 
> --- Sonny Sukumar <ahimsadesi@yahoo.com> wrote:
> > 
> > Hi guys,
> > 
> > I could not get any help for my problem on the
> > Cocoon
> > Users list, so this is my last resort.  I am using
> > Cocoon 2.1 (with Tomcat 4.1.12 with JDK 1.4.1_01). 
> > I 
> > would very much appreciate your help. 
> > 
> > PROBLEM: I don't think the auth-login (LoginAction)
> > is
> > working right.  If I use <authentication
> > uri="cocoon:/authenticateAdmin"/> in the handler, I 
> > always get a NullPointerException in
> >
> org.apache.cocoon.webapps.authentication.components.PipelineAuthen
> ticator.authenticate
> > 
> > at line 290 (that line is 'DocumentFragment
> > authenticationFragment =
> > doc.createDocumentFragment();').  On the other hand,
> > if I use the raw:/ protocol as in <authentication
> > uri="cocoon:/raw:/authenticateAdmin"/>, then I
> > ALWAYS
> > get forwarded to the redirect page, which should
> > never
> > happen with auth-login from what I understand from
> > the
> > docs.
> > 
> > 
> > So can someone explain the reason for using the
> > "raw:/" protocol in the <authentication> tag in the
> > handler? It is there in the documentation
> >
> (http://cocoon.apache.org/2.1/developing/webapps/authentication.html),
> > and it
> > 
> > 1.) ALWAYS causes a redirect to the pipeline set in
> > the <redirect-to> handler tag (for both valid and
> > invalid user name/password combinations), and 
> > 2.) A printout of the "resource" request param on
> > the
> > redirected page shows the user name and password
> > *twice*:
> > 
> >
> /adminLogin?password=mypwd&userName=my_name&userName=my_name&passw
> ord=mypwd
> > 
> > It's also kind of strange how the 1st set is
> > opposite
> > the 2nd set (password first, user name second).  My
> > login test form makes one enter user name first, and
> > password second (like any ordinary login form).
> > 
> > Ok, now here's the relevant sitemap contents:
> > 
> > 
> > <map:component-configurations>   
> >     ...
> >     <authentication-manager>
> >       <handlers>
> >         <!-- Authenticates site administrators. -->
> >         <handler name="adminAuthHandler">
> >           <redirect-to
> > uri="cocoon:/getAdminLoginPage"/>
> >           <!-- Doesn't work, with or without 'raw:/'
> > as explained above-->
> >           <authentication
> > uri="cocoon:/raw:/authenticateAdmin"/>
> >         </handler>
> >       </handlers>
> >     </authentication-manager>
> >     ...
> >   </map:component-configurations>
> > 
> > 
> >   ...
> > 
> > 
> >       <!-- Generate and display the login page.-->
> >       <map:match pattern="getAdminLoginPage">
> >         <map:generate src="myapp/xml/adminLogin.xsp"
> > type="serverpages"/>
> >         <map:transform type="session"/>
> >         <map:serialize type="xml"/>
> >       </map:match>
> > 
> > 
> >       <!-- Try to log in the admin. -->
> >       <map:match pattern="adminLogin">
> >         <map:act type="auth-login">
> >           <map:parameter name="handler"
> > value="adminAuthHandler"/>
> >           <map:parameter name="parameter_userName" 
> > value="{request-param:userName}"/>
> >           <map:parameter name="parameter_password" 
> > value="{request-param:password}"/>
> > 
> > 
> >           <map:read
> > src="myapp/html_test/authSucceeded.html"/>
> >         </map:act>
> > 
> > 
> >         <!-- Authentication failed -->
> >         <map:read
> > src="myapp/html_test/authFailed.html"/>
> >       </map:match>
> > 
> > 
> >       <!-- My auth resource, as defined in the
> > handler. -->
> >       <map:match pattern="authenticateAdmin">
> >         <map:generate
> > src="myapp/xml/authenticateAdmin.xsp" 
> > type="serverpages"/>
> >         <map:serialize type="xml"/>
> >       </map:match>
> > 
> > 
> >       <map:match pattern="adminLogout">
> >         <map:act type="auth-logout">
> >           <map:parameter name="handler"
> > value="adminAuthHandler"/>
> >           <!--+
> >             | ::UNRESOLVED ISSUE:: SS 08/19/03
> >             | Admin logout succeeded, so tell admin
> > in
> > some way, perhaps
> >             | a static page.
> >             +-->
> >         </map:act>
> > 
> > 
> >         <!--+
> > 
> >             | ::UNRESOLVED ISSUE:: SS 08/19/03
> >             | Admin logout failed. Is that even
> > possible?  What to do here?
> >             +-->
> >       </map:match>
> > 
> > 
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! SiteBuilder - Free, easy-to-use web site
> > design software
> > http://sitebuilder.yahoo.com
> 
> 
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
> 

Mime
View raw message