Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 82DFF200D34 for ; Fri, 3 Nov 2017 15:51:05 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 816DE160BFC; Fri, 3 Nov 2017 14:51:05 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id A0E09160BE9 for ; Fri, 3 Nov 2017 15:51:04 +0100 (CET) Received: (qmail 71745 invoked by uid 500); 3 Nov 2017 14:51:03 -0000 Mailing-List: contact issues-help@geode.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@geode.apache.org Delivered-To: mailing list issues@geode.apache.org Received: (qmail 71736 invoked by uid 99); 3 Nov 2017 14:51:03 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 03 Nov 2017 14:51:03 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 07B23DE7D1 for ; Fri, 3 Nov 2017 14:51:03 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -99.202 X-Spam-Level: X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id twTklOpB5eOM for ; Fri, 3 Nov 2017 14:51:01 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id D93DC5FC38 for ; Fri, 3 Nov 2017 14:51:00 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 5F669E0DF0 for ; Fri, 3 Nov 2017 14:51:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 1E231241A0 for ; Fri, 3 Nov 2017 14:51:00 +0000 (UTC) Date: Fri, 3 Nov 2017 14:51:00 +0000 (UTC) From: =?utf-8?Q?Juan_Jos=C3=A9_Ramos_Cassella_=28JIRA=29?= To: issues@geode.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Assigned] (GEODE-3951) ClassCastException in PULSE Logout - Default Configurations MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Fri, 03 Nov 2017 14:51:05 -0000 [ https://issues.apache.org/jira/browse/GEODE-3951?page=3Dcom.atlassia= n.jira.plugin.system.issuetabpanels:all-tabpanel ] Juan Jos=C3=A9 Ramos Cassella reassigned GEODE-3951: ----------------------------------------------- Assignee: Juan Jos=C3=A9 Ramos Cassella > ClassCastException in PULSE Logout - Default Configurations > ----------------------------------------------------------- > > Key: GEODE-3951 > URL: https://issues.apache.org/jira/browse/GEODE-3951 > Project: Geode > Issue Type: Bug > Components: pulse > Reporter: Juan Jos=C3=A9 Ramos Cassella > Assignee: Juan Jos=C3=A9 Ramos Cassella > > The issue is 100% reproducible (latest {{develop}} branch) when using PUL= SE in embedded mode and the default configurations, *the integrated securit= y feature must not be enabled*. > Steps to reproduce: > {noformat} > 1. Start locator: gfsh start locator --name=3Dlocator1. > 2. Open Pulse: gfsh start pulse. > 3. Login into pulse application. > 4. Click on the logout button. > {noformat} > At this stage, the following exception will be shown: > {code} > HTTP ERROR 500 > Problem accessing /pulse/clusterLogout. Reason: > Server Error > Caused by: > java.lang.ClassCastException: org.springframework.security.authentication= .UsernamePasswordAuthenticationToken cannot be cast to org.apache.geode.too= ls.pulse.internal.security.GemFireAuthentication > =09at org.apache.geode.tools.pulse.internal.security.LogoutHandler.onLogo= utSuccess(LogoutHandler.java:43) > =09at org.springframework.security.web.authentication.logout.LogoutFilter= .doFilter(LogoutFilter.java:111) > =09at org.springframework.security.web.FilterChainProxy$VirtualFilterChai= n.doFilter(FilterChainProxy.java:331) > =09at org.springframework.security.web.header.HeaderWriterFilter.doFilter= Internal(HeaderWriterFilter.java:64) > =09at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePe= rRequestFilter.java:107) > =09at org.springframework.security.web.FilterChainProxy$VirtualFilterChai= n.doFilter(FilterChainProxy.java:331) > =09at org.springframework.security.web.context.request.async.WebAsyncMana= gerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java= :56) > =09at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePe= rRequestFilter.java:107) > =09at org.springframework.security.web.FilterChainProxy$VirtualFilterChai= n.doFilter(FilterChainProxy.java:331) > =09at org.springframework.security.web.context.SecurityContextPersistence= Filter.doFilter(SecurityContextPersistenceFilter.java:105) > =09at org.springframework.security.web.FilterChainProxy$VirtualFilterChai= n.doFilter(FilterChainProxy.java:331) > =09at org.springframework.security.web.FilterChainProxy.doFilterInternal(= FilterChainProxy.java:214) > =09at org.springframework.security.web.FilterChainProxy.doFilter(FilterCh= ainProxy.java:177) > =09at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate= (DelegatingFilterProxy.java:346) > =09at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Deleg= atingFilterProxy.java:262) > =09at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(Servl= etHandler.java:1668) > =09at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.ja= va:581) > =09at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler= .java:143) > =09at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.j= ava:548) > =09at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHan= dler.java:226) > =09at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHan= dler.java:1180) > =09at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.jav= a:511) > =09at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHand= ler.java:185) > =09at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHand= ler.java:1112) > =09at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler= .java:141) > =09at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCo= llection.java:119) > =09at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapp= er.java:134) > =09at org.eclipse.jetty.server.Server.handle(Server.java:524) > =09at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319) > =09at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.j= ava:253) > =09at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(Abst= ractConnection.java:273) > =09at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) > =09at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPo= int.java:93) > =09at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.execut= eProduceConsume(ExecuteProduceConsume.java:303) > =09at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produc= eConsume(ExecuteProduceConsume.java:148) > =09at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(Ex= ecuteProduceConsume.java:136) > =09at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadP= ool.java:671) > =09at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPo= ol.java:589) > =09at java.lang.Thread.run(Thread.java:745) > {code} > The problem is within the {{LogoutHandler}} class, it's always trying to = get an instance of {{GemFireAuthentication}} through downcasting, but the {= {Authentication}} object is an instance of {{GemFireAuthentication}} *only*= when the Integrated Security feature is used. This means that the {{Logout= Handler}} will only be successful when the profile {{pulse.authentication.g= emfire}} is active and the {{GemFireAuthenticationProvider}} is in charge. = In the default case scenario, on the other hand, the {{Authentication}} obj= ect is populated by the default classes from {{spring-security}} and, thus,= the exception is thrown. > The fix should be quick and without major impact, anyway: the filter actu= ally doesn't need to downcast to {{GemFireAuthentication}} since there's no= thing extra on that object that needs to be used by the handler, it just ne= eds to use the instance of {{Authentication}} as follows: > {code:java;title=3DLogoutHandler.java} > public void onLogoutSuccess(HttpServletRequest request, HttpServletRespon= se response, Authentication authentication) throws IOException, ServletExce= ption { > =09logger.debug("Invoked #LogoutHandler ..."); > if (authentication !=3D null) { > =09Repository.get().logoutUser(authentication.getName()); > =09logger.info("#LogoutHandler : Closing GemFireAuthentication JMX Co= nnection..."); > =09} > =09super.onLogoutSuccess(request, response, authentication); > } > {code} -- This message was sent by Atlassian JIRA (v6.4.14#64029)