#33 weird behaviour

v0.80 beta2
closed-fixed
None
5
2006-06-05
2006-05-26
maxi
No

Start tomcat then login like admin (could be any user),
go to administration section, then stop tomcat and
start it again. In the jGuardExample go to manage
users, you will see that in the profile said:
* First Name:unknown
* Last Name:unknown
* location:no location

seems to be that we missed the credentials in the
subject but still you can access to the pages that
authorize the admin principal, so we don't missed the
principals .
If you hit loggOff button a null pointer exception is
raised:
java.lang.NullPointerException
net.sf.jguard.authentication.http.AccessFilter.logoff(AccessFilter.java:696)
net.sf.jguard.authentication.http.AccessFilter.doFilter(AccessFilter.java:389)

Cheers
Maxi

Discussion

  • maxi
    maxi
    2006-05-26

    • summary: wierd behaviour --> weird behaviour
     
  • Charles Lescot
    Charles Lescot
    2006-06-02

    Logged In: YES
    user_id=824172

    Hi,
    the nullPointerException when you hit logoff has been fixed.
    i'm investigating the other part of the bug.

    Charles.

     
  • Charles Lescot
    Charles Lescot
    2006-06-02

    • milestone: --> v0.80 beta2
    • assigned_to: nobody --> diabolo512
     
  • Charles Lescot
    Charles Lescot
    2006-06-04

    Logged In: YES
    user_id=824172

    we've added an ugly control which checks to every request,
    if the subject has got 0 credentials and remove it if its
    the case...a better control will be done in th future.
    but it remains a problem when webapp restart: JCaptcha says
    that the id(sessionId) provided is invalid:
    the problem doesn't come from JCaptcha; JcaptchaLoginmodule
    is called twice after webapp restart instead of one time
    during authentication.
    investigation continues.....
    Charles.

     
  • Charles Lescot
    Charles Lescot
    2006-06-05

    Logged In: YES
    user_id=824172

    Hi,
    this bug has been fixed.
    the problem comes from that during webapp stop and start,
    the webapp registers its configuration (ie its loginmodules)
    again.
    so, loginmodules were registered twice.
    so, this bug is completely fixed, but the check at each
    request if subject has got some credentials should be
    replaced by a better mechanism.
    cheers,
    Charles.

     
  • Charles Lescot
    Charles Lescot
    2006-06-05

    • status: open --> closed-fixed