jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jerry Malcolm <techst...@malcolms.com>
Subject Re: Login issues after upgrade - mgr.isContainerAuthenticated() has incorrect value
Date Wed, 03 Jul 2019 20:28:35 GMT
Thanks, Ulf.  At least I know it's not just me.  Are any developers of 
JSPWiki monitoring this forum?

I debugged this down to the isConstrained(...) method in 
org.apache.wiki.auth.authorizer.WebContainerAuthorizer.java.  I'm not 
sure of the reason for adding the "j:" tag qualifier prefix. Comment 
says it is required for J2EE 2.3.  But it's searching for 
<j:url-contstraint> and other "j:" tags in web.xml, which aren't there.  
And the search is failing.  So basically it is not finding /Login.jsp 
and /Delete.jsp constraints even though they are present and in the 
correct location (and uncommented).  I tried adding the "j:" prefixes to 
my web.xml.  But the webapp wouldn't even start with prefixes manually 
added.   So the problem is straightforward.  It may have nothing to do 
with the "j:" prefix.  But that line that search for the constraint tag 
is still failing.  I ultimately get the log entry that says "JSPWiki is 
using custom authentication." from the WebContainerAuthorizer class even 
though web.xml is configured for container-managed authentication.

So I'm dead with this release.  Either I'm doing something horribly 
wrong or there is a serious bug in the WebContainerAuthorizer code.  But 
I've gone as far as I can go short of having to modify JSPWiki and build 
my own release (which I do NOT want to do or have time to do).

Can someone tell me what I'm doing wrong and/or how many releases back I 
have to go (and where to find archived releases) in order to get my 
sites back online for my clients?

Will a developer PLEASE reply?


On 7/3/2019 1:33 AM, Ulf Dittmer wrote:

> I have not gotten container auth to work with 2.11.0.M3. I'm quite familiar
> with Java web apps, so I know what to comment and what not in web.xml, but
> no dice. I don't use SSO, though. But container auth works fine with other
> web apps on the same Tomcat instance.
> Ulf

View raw message