Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-444

PL should not automatically add basic model types

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Critical
    • PLINK_2.6.0.CR3
    • PLINK_2.6.0.CR2
    • None
    • None

    Description

      AbstractCredentialHandler.configureDefaultSupportedAccountTypes() should not auto-add User and Agent to the list of supported account types. The below exception occurs when trying to authenticate with an invalid username. I'm not sure what the correct behavior is supposed to be in that case, but the fact that User and Agent are auto-added causes PL to throw a generic AuthenticationException, which makes it impossible to distinguish a normal error (the user doesn't exist) from a serious problem.

      2014-05-27 17:41:54,171 ERROR [io.undertow.request] (default task-4) UT005023: Exception handling request to /framework-test-war/faces/index.xhtml: org.picketlink.authentication.AuthenticationException: Authentication failed.
	at org.picketlink.internal.DefaultIdentity.authenticate(DefaultIdentity.java:176) [picketlink-impl-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.internal.DefaultIdentity.login(DefaultIdentity.java:99) [picketlink-impl-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.internal.DefaultIdentity$Proxy$_$$_WeldClientProxy.login(Unknown Source) [picketlink-impl-2.6.0-SNAPSHOT.jar:]
	at com.lapis.jsf.framework.testwar.bean.LoginBean.login(LoginBean.java:27) [classes:]
	at com.lapis.jsf.framework.testwar.bean.LoginBean$Proxy$_$$_WeldClientProxy.login(Unknown Source) [classes:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45]
	at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45]
	at javax.el.ELUtil.invokeMethod(ELUtil.java:326) [javax.el-3.0.0.jar:3.0.0]
	at javax.el.BeanELResolver.invoke(BeanELResolver.java:536) [javax.el-3.0.0.jar:3.0.0]
	at javax.el.CompositeELResolver.invoke(CompositeELResolver.java:256) [javax.el-3.0.0.jar:3.0.0]
	at com.sun.el.parser.AstValue.invoke(AstValue.java:269) [javax.el-3.0.0.jar:3.0.0]
	at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304) [javax.el-3.0.0.jar:3.0.0]
	at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
	at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
	at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
	at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
	at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.2.5-jbossorg-3.jar:]
	at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:147) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:813) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at javax.faces.component.UICommand.broadcast(UICommand.java:300) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [jsf-impl-2.2.5-jbossorg-3.jar:]
	at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.2.5-jbossorg-3.jar:]
	at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198) [jsf-impl-2.2.5-jbossorg-3.jar:]
	at org.apache.deltaspike.jsf.impl.listener.request.DeltaSpikeLifecycleWrapper.execute(DeltaSpikeLifecycleWrapper.java:89) [deltaspike-jsf-module-impl-0.7.jar:0.7]
	at javax.faces.lifecycle.LifecycleWrapper.execute(LifecycleWrapper.java:77) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646) [jboss-jsf-api_2.2_spec-2.2.5.jar:2.2.5]
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at com.lapis.jsf.framework.ui.exception.ServletExceptionHandlingFilter.doFilter(ServletExceptionHandlingFilter.java:44) [framework-jsf-1.0.0-SNAPSHOT.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:56) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:52) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:687) [undertow-core-1.0.0.Final.jar:1.0.0.Final]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_45]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_45]
	at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: org.picketlink.idm.IdentityManagementException: PLIDM000200: Credential validation failed [org.picketlink.idm.credential.UsernamePasswordCredentials@3607d407].
	at org.picketlink.idm.internal.ContextualIdentityManager.validateCredentials(ContextualIdentityManager.java:185) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.internal.SecuredIdentityManager.validateCredentials(SecuredIdentityManager.java:76) [picketlink-impl-2.6.0-SNAPSHOT.jar:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45]
	at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45]
	at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
	at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:100) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
	at org.jboss.weld.proxies.IdentityManager$550502558$Proxy$_$$_WeldClientProxy.validateCredentials(Unknown Source) [weld-core-impl-2.1.2.Final.jar:]
	at org.picketlink.authentication.internal.IdmAuthenticator.authenticate(IdmAuthenticator.java:48) [picketlink-impl-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.internal.DefaultIdentity.authenticate(DefaultIdentity.java:163) [picketlink-impl-2.6.0-SNAPSHOT.jar:]
	... 59 more
Caused by: org.picketlink.idm.IdentityManagementException: PLIDM000501: Could not query IdentityType using query [org.picketlink.idm.query.internal.DefaultIdentityQuery@695a85d2].
	at org.picketlink.idm.query.internal.DefaultIdentityQuery.getResultList(DefaultIdentityQuery.java:148) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.credential.handler.AbstractCredentialHandler.getAccount(AbstractCredentialHandler.java:89) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.credential.handler.PasswordCredentialHandler.getAccount(PasswordCredentialHandler.java:148) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.credential.handler.PasswordCredentialHandler.getAccount(PasswordCredentialHandler.java:56) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.credential.handler.AbstractCredentialHandler.validate(AbstractCredentialHandler.java:116) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.credential.handler.AbstractCredentialHandler.validate(AbstractCredentialHandler.java:45) [picketlink-idm-api-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.internal.AbstractIdentityStore.validateCredentials(AbstractIdentityStore.java:136) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.internal.ContextualIdentityManager.validateCredentials(ContextualIdentityManager.java:183) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:]
	... 69 more
Caused by: org.picketlink.idm.config.OperationNotSupportedException: PLIDM000604: No identity store configuration found for requested type operation [class org.picketlink.idm.model.basic.User.read].
	at org.picketlink.idm.internal.DefaultPartitionManager.getStoresForIdentityQuery(DefaultPartitionManager.java:525) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:]
	at org.picketlink.idm.query.internal.DefaultIdentityQuery.getResultList(DefaultIdentityQuery.java:133) [picketlink-idm-impl-2.6.0-SNAPSHOT.jar:]
	... 76 more

      Attachments

        Activity

          People

            psilva@redhat.com Pedro Igor Craveiro
            rdicroce Richard DiCroce (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: