geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan (JIRA)" <>
Subject [jira] Updated: (GERONIMO-5662) j_security_check 404 not found against security realm authentication
Date Thu, 04 Nov 2010 02:10:42 GMT


Ivan updated GERONIMO-5662:

    Attachment: ie.txt

I investigated this issue a bit, it is related to cache, but the reason why it works on IE,
not on Firefox is due to the header : if-modified-since
Comparing the request headers, Firefox does post the request as expected, but a header "if-modified-since"
is added, and the server returns Not Modified directly. And with IE, it did not send that
header by default ( need to configure it on the IE -> options ). The reason why adding
the no-store works is that it prevents Firefox adding the "if-modified-since" header. 
In my opinion, the root cause is that we failed to recover the stored request in the formauthenticator.

I committed some changes to trunk at rev.1030801

> j_security_check 404 not found against security realm authentication
> --------------------------------------------------------------------
>                 Key: GERONIMO-5662
>                 URL:
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: console
>    Affects Versions: 3.0
>         Environment: OS:Windows XP SP3
> Java Version: 1.6.0_20
> Server:Geronimo 3.0-SNAPSHOT 
>            Reporter: Zhen Zhang
>            Assignee:
>            Priority: Minor
>             Fix For: 3.0
>         Attachments: after-ff.txt, before-ff.txt, G5662.patch, G5662_New.patch, ie.txt,
> setps to recur:
> 1. start the Geronimo server, and then open the admin console. 
> 2.In security realms portlet, click on "Add new security realm" link.
> 3.Select realm name and use "test-prop-file-realm" for realm-name, and then select Properties
File Realm and click on "Next" button.
> 4.Enter Users File URI (var/security/ and Groups File URI ( var/security/
and click on "Next" button.
> 5.Click on "Skip Test and Deploy" button.
> 6. Check the  realm named  "test-prop-file-realm"  should be listed in the security realms
> 7.Deploy geronimo-ldap-demo-1.1.war using plan file prop-file-realm-tester.xml and access
the application at http://localhost:8080/prop-file-realm-test
> 8.Access "Protect" link to verify that the realm is functional.Input  username:system,
password: manager
> 9.Login page just refreshed, not redirect to /protect/hello.html  success page. And click
"login" again, got an 404 not found error. This problem exists on Firefox and chrome, fine
on IE

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message