Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-104

Login not working in EclipseLink

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • PLINK_2.5.0.Beta5
    • PLINK_3.0.0.alpha1
    • BASE
    • None

    Description

      This MAY not be a Picketlink bug but because I can't quite follow the source code all the way throughout its execution and I'm not familiar with the JPA full specification, I don't know if Eclipselink is not behaving as it should or not.

      I was using EclipseLink as my JPA provider (now using Hibernate), I'm also using the default configuration for Picketlink, with JPAIdentityStore, the default identity implementation, etc.
      Back when I was using Eclipselink, I could create users, set up their passwords, etc. But when I tried to log in, nothing happened. I checked why, the reason is that it tries to get an agent from the cache, nothing happens, then it goes to the database, nothing happens, so then it tries to get a USER (discriminator column: "USER"), HERE is when it should retrieve the user stored in the database, but once again, nothing happens (even though it is in the database). Because Picketlink doesn't see any users, it doesn't proceed with the authentication, so the user is never logged in, in spite of being persisted.

      I looked at the mysql queries with both, eclipselink and hibernate, this are the results:

      EclipseLink:

      Agent query:
      Query SELECT ID, CREATIONDATE, DISCRIMINATOR, EMAIL, ENABLED, EXPIRYDATE, FIRSTNAME, GROUPPATH, LASTNAME, LOGINNAME, NAME, PARENT_ID, PARTITION_ID FROM IDENTITYOBJECT WHERE (((DISCRIMINATOR = 'AGENT') AND (PARTITION_ID IN (_binary'¬í\0�sr\0�java.util.VectorÙ—}[€;¯��\0�I\0�capacityIncrementI\0�elementCount[\0�elementDatat\0�[Ljava/lang/Object;xp\0\0\0\0\0\0\0�ur\0�[Ljava.lang.Object;ÎXŸ�s)l�\0\0xp\0\0\0�t\0$cb1db331-8705-4f66-804a-67da5e226c3aq\0~\0�q\0~\0�x'))) AND (LOGINNAME = '123')) ORDER BY LOGINNAME ASC

      User query:
      Query SELECT ID, CREATIONDATE, DISCRIMINATOR, EMAIL, ENABLED, EXPIRYDATE, FIRSTNAME, GROUPPATH, LASTNAME, LOGINNAME, NAME, PARENT_ID, PARTITION_ID FROM IDENTITYOBJECT WHERE (((DISCRIMINATOR = 'USER') AND (PARTITION_ID IN (_binary'¬í\0�sr\0�java.util.VectorÙ—}[€;¯��\0�I\0�capacityIncrementI\0�elementCount[\0�elementDatat\0�[Ljava/lang/Object;xp\0\0\0\0\0\0\0�ur\0�[Ljava.lang.Object;ÎXŸ�s)l�\0\0xp\0\0\0�t\0$cb1db331-8705-4f66-804a-67da5e226c3aq\0~\0�q\0~\0�x'))) AND (LOGINNAME = '123')) ORDER BY LOGINNAME ASC

      ----------
      Hibernate:

      Agent query:

      Query select identityob0_.id as id9_, identityob0_.creationDate as creation2_9_, identityob0_.discriminator as discrimi3_9_, identityob0_.email as email9_, identityob0_.enabled as enabled9_, identityob0_.expiryDate as expiryDate9_, identityob0_.firstName as firstName9_, identityob0_.groupPath as groupPath9_, identityob0_.lastName as lastName9_, identityob0_.loginName as loginName9_, identityob0_.name as name9_, identityob0_.parent_id as parent12_9_, identityob0_.partition_id as partition13_9_ from IdentityObject identityob0_ inner join PartitionObject partitiono1_ on identityob0_.partition_id=partitiono1_.id where identityob0_.discriminator='AGENT' and (partitiono1_.id in ('12bfc01f-2d16-4e0b-a328-965199c83bba' , '12bfc01f-2d16-4e0b-a328-965199c83bba' , '12bfc01f-2d16-4e0b-a328-965199c83bba')) and identityob0_.loginName='123' order by identityob0_.loginName asc

      User query:

      Query select identityob0_.id as id9_, identityob0_.creationDate as creation2_9_, identityob0_.discriminator as discrimi3_9_, identityob0_.email as email9_, identityob0_.enabled as enabled9_, identityob0_.expiryDate as expiryDate9_, identityob0_.firstName as firstName9_, identityob0_.groupPath as groupPath9_, identityob0_.lastName as lastName9_, identityob0_.loginName as loginName9_, identityob0_.name as name9_, identityob0_.parent_id as parent12_9_, identityob0_.partition_id as partition13_9_ from IdentityObject identityob0_ inner join PartitionObject partitiono1_ on identityob0_.partition_id=partitiono1_.id where identityob0_.discriminator='USER' and (partitiono1_.id in ('12bfc01f-2d16-4e0b-a328-965199c83bba' , '12bfc01f-2d16-4e0b-a328-965199c83bba' , '12bfc01f-2d16-4e0b-a328-965199c83bba')) and identityob0_.loginName='123' order by identityob0_.loginName asc

      As you can see, the eclipselink queries have these weird where condition:

      (PARTITION_ID IN (_binary'¬í\0�sr\0�java.util.VectorÙ—}[€;¯��\0�I\0�capacityIncrementI\0�elementCount[\0�elementDatat\0�[Ljava/lang/Object;xp\0\0\0\0\0\0\0�ur\0�[Ljava.lang.Object;ÎXŸ�s)l�\0\0xp\0\0\0�t\0$cb1db331-8705-4f66-804a-67da5e226c3aq\0~\0�q\0~\0�x')

      It tries to look for the partition ID in a list of possible values, so my guess is that hibernate takes the Vector, and correctly transforms is to:

      ('12bfc01f-2d16-4e0b-a328-965199c83bba' , '12bfc01f-2d16-4e0b-a328-965199c83bba' , '12bfc01f-2d16-4e0b-a328-965199c83bba')

      in the query, which works and I get the user and the authentication is successful, but eclipselink tries to serialize the vector?.. and it doesn't work.

      I don't know which one of them is following the spec, or how to fix this.

      Attachments

        Activity

          People

            psilva@redhat.com Pedro Igor Craveiro
            arg20_jira Emanuel Zimmermann (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: