-
Bug
-
Resolution: Done
-
Critical
-
PLINK_2.6.0.CR2
-
None
-
None
AbstractCredentialHandler.configureDefaultSupportedAccountTypes() should not auto-add User and Agent to the list of supported account types. The below exception occurs when trying to authenticate with an invalid username. I'm not sure what the correct behavior is supposed to be in that case, but the fact that User and Agent are auto-added causes PL to throw a generic AuthenticationException, which makes it impossible to distinguish a normal error (the user doesn't exist) from a serious problem.
2014-05-27 17:41:54,171 ERROR [io.undertow.request] (default task-4) UT005023: Exception handling request to /framework-test-war/faces/index.xhtml: org.picketlink.authentication.AuthenticationException: Authentication failed. at org.picketlink.internal.DefaultIdentity.authenticate(DefaultIdentity.java:176) [picketlink-impl-2.6.0-SNAPSHOT.jar:] at org.picketlink.internal.DefaultIdentity.login(DefaultIdentity.java:99) [picketlink-impl-2.6.0-SNAPSHOT.jar:] at org.picketlink.internal.DefaultIdentity$Proxy$_$$_WeldClientProxy.login(Unknown Source) [picketlink-impl-2.6.0-SNAPSHOT.jar:] at com.lapis.jsf.framework.testwar.bean.LoginBean.login(LoginBean.java:27) [classes:] at com.lapis.jsf.framework.testwar.bean.LoginBean$Proxy$_$$_WeldClientProxy.login(Unknown Source) [classes:] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45] at javax.el.ELUtil.invokeMethod(ELUtil.java:326) [javax.el-3.0.0.jar:3.0.0] at javax.el.BeanELResolver.invoke(BeanELResolver.java:536) [javax.el-3.0.0.jar:3.0.0] at javax.el.CompositeELResolver.invoke(CompositeELResolver.java:256) [javax.el-3.0.0.jar:3.0.0] at com.sun.el.parser.AstValue.invoke(AstValue.java:269) [javax.el-3.0.0.jar:3.0.0] at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304) [javax.el-3.0.0.jar:3.0.0] at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23] at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23] at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23] at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23] at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.2.5-jbossorg-3.jar:] at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:147) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:813) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at javax.faces.component.UICommand.broadcast(UICommand.java:300) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [jsf-impl-2.2.5-jbossorg-3.jar:] at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.2.5-jbossorg-3.jar:] at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198) [jsf-impl-2.2.5-jbossorg-3.jar:] at org.apache.deltaspike.jsf.impl.listener.request.DeltaSpikeLifecycleWrapper.execute(DeltaSpikeLifecycleWrapper.java:89) [deltaspike-jsf-module-impl-0.7.jar:0.7] at javax.faces.lifecycle.LifecycleWrapper.execute(LifecycleWrapper.java:77) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5] at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at com.lapis.jsf.framework.ui.exception.ServletExceptionHandlingFilter.doFilter(ServletExceptionHandlingFilter.java:44) [framework-jsf-1.0.0-SNAPSHOT.jar:] at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:56) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:52) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:687) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_45] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_45] at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45] Caused by: org.picketlink.idm.IdentityManagementException: PLIDM000200: Credential validation failed [org.picketlink.idm.credential.UsernamePasswordCredentials@3607d407]. at org.picketlink.idm.internal.ContextualIdentityManager.validateCredentials(ContextualIdentityManager.java:185) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:] at org.picketlink.internal.SecuredIdentityManager.validateCredentials(SecuredIdentityManager.java:76) [picketlink-impl-2.6.0-SNAPSHOT.jar:] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45] at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23] at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:100) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23] at org.jboss.weld.proxies.IdentityManager$550502558$Proxy$_$$_WeldClientProxy.validateCredentials(Unknown Source) [weld-core-impl-2.1.2.Final.jar:] at org.picketlink.authentication.internal.IdmAuthenticator.authenticate(IdmAuthenticator.java:48) [picketlink-impl-2.6.0-SNAPSHOT.jar:] at org.picketlink.internal.DefaultIdentity.authenticate(DefaultIdentity.java:163) [picketlink-impl-2.6.0-SNAPSHOT.jar:] ... 59 more Caused by: org.picketlink.idm.IdentityManagementException: PLIDM000501: Could not query IdentityType using query [org.picketlink.idm.query.internal.DefaultIdentityQuery@695a85d2]. at org.picketlink.idm.query.internal.DefaultIdentityQuery.getResultList(DefaultIdentityQuery.java:148) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.credential.handler.AbstractCredentialHandler.getAccount(AbstractCredentialHandler.java:89) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.credential.handler.PasswordCredentialHandler.getAccount(PasswordCredentialHandler.java:148) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.credential.handler.PasswordCredentialHandler.getAccount(PasswordCredentialHandler.java:56) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.credential.handler.AbstractCredentialHandler.validate(AbstractCredentialHandler.java:116) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.credential.handler.AbstractCredentialHandler.validate(AbstractCredentialHandler.java:45) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.internal.AbstractIdentityStore.validateCredentials(AbstractIdentityStore.java:136) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.internal.ContextualIdentityManager.validateCredentials(ContextualIdentityManager.java:183) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:] ... 69 more Caused by: org.picketlink.idm.config.OperationNotSupportedException: PLIDM000604: No identity store configuration found for requested type operation [class org.picketlink.idm.model.basic.User.read]. at org.picketlink.idm.internal.DefaultPartitionManager.getStoresForIdentityQuery(DefaultPartitionManager.java:525) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:] at org.picketlink.idm.query.internal.DefaultIdentityQuery.getResultList(DefaultIdentityQuery.java:133) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:] ... 76 more