Hitachi Vantara Pentaho Community Forums
Results 1 to 9 of 9

Thread: Broke JBoss portal

  1. #1

    Default Broke JBoss portal

    Ok, I don't know if this is the appropriate place to post this, so please forgive me in advance.

    I am using Pentaho V1.6.0 build 782 RC1. After playing around with some of the Pentaho security settings, I can no longer access the JBoss portal (http://localhost:8080/portal).

    I don't think I changed anything related to JBoss security, but now when I call up the portal, it brings up a log in screen, and when I log in using admin/admin, I get a 401 error: "This request requires HTTP authentication ()."

    Entering junk data for the username and password (ala asdf/jklm) results in a "Sorry, your username and/or password could not be verified.".


    Anyone else seen that, or know how to go about troubleshooting this?
    Last edited by dherzog; 09-24-2007 at 04:17 PM. Reason: remove accidental emote
    Have you hugged your computer geek today?

  2. #2
    Join Date
    Oct 2006
    Posts
    817

    Default

    To troubleshoot, enable JBoss security logging as described here. By the way, are you using the PCI?

  3. #3

    Default

    Quote Originally Posted by mlowery View Post
    ... By the way, are you using the PCI?

    Yes; does that make a difference?
    Have you hugged your computer geek today?

  4. #4
    Join Date
    Oct 2006
    Posts
    817

    Default

    The only difference is that the PCI has been customized by Pentaho--and I am more likely to suspect a Pentaho-caused problem in that case. If it was your own JBoss installation, I wouldn't think Pentaho would be in the picture. Any luck with the security logging?

  5. #5

    Default

    Quote Originally Posted by mlowery View Post
    The only difference is that the PCI has been customized by Pentaho--and I am more likely to suspect a Pentaho-caused problem in that case. If it was your own JBoss installation, I wouldn't think Pentaho would be in the picture.
    Ahh ... So far, I've not had as good of luck rolling my own install. Since at present, I'm already climbing a steep learning curve (though rapidly progressing) I figured I'd stick with the PCI until I find reason to change.


    Quote Originally Posted by mlowery View Post
    Any luck with the security logging?
    Uhhh ... Well, I turned on the logging on, but I don't see anything that says "Here I am! Here's the problem!" or even "This might be an issue..."

    To create this snippet, I started Pentaho, waited until it was completely loaded, opened the portal login page via http://localhost:8080/portal and then tried logging in twice: First with username "blah", a known invalid user, and then with username/password admin/admin, which resulted in the error I described previously.

    Below is what I believe is the relevant snippet from the log. On line 67, you'll see the Jaas Security Manager returning a false on the "IsValid" routine on the first login, which is what I'd expect. Then on line 85, it returns true for the admin login.

    I believe everything after line 113 or so is just JBoss/Pentaho shutdown stuff, but figured there might be something that stood out to someone else.

    Code:
    2007-09-25 10:51:30,221 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:51:30,221 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:51:30,221 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:51:30,221 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:51:30,221 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:51:30,221 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:51:30,268 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:51:30,268 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:51:30,565 ERROR [STDERR] 2007/09/25 10:51:30:565 PDT [INFO] ChannelSocket - JK: ajp13 listening on /0.0.0.0:8009
    2007-09-25 10:51:41,815 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:51:41,908 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=null
    2007-09-25 10:51:41,908 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToUncheckedPolicy, p=(org.jboss.portal.core.model.instance.InstancePermission instancepermission)
    2007-09-25 10:51:41,908 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToUncheckedPolicy, p=(org.jboss.portal.portlet.security.PortletPermission portletpermission)
    2007-09-25 10:51:41,908 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToUncheckedPolicy, p=(org.jboss.portal.core.model.portal.PortalObjectPermission portalobjectpermission personalizerecursive)
    2007-09-25 10:51:41,908 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] commit
    2007-09-25 10:51:41,924 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:51:41,924 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
    2007-09-25 10:51:44,830 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
    2007-09-25 10:52:17,455 TRACE [org.jboss.security.plugins.JaasSecurityManager] Constructing
    2007-09-25 10:52:17,455 DEBUG [org.jboss.security.plugins.JaasSecurityManager.portal] CallbackHandler: org.jboss.security.auth.callback.SecurityAssociationHandler@f10fd8
    2007-09-25 10:52:17,455 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@47555e
    2007-09-25 10:52:17,455 DEBUG [org.jboss.security.plugins.JaasSecurityManager.portal] CachePolicy set to: org.jboss.util.TimedCachePolicy@135c2c7
    2007-09-25 10:52:17,455 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@135c2c7
    2007-09-25 10:52:17,455 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Added portal, org.jboss.security.plugins.SecurityDomainContext@86c285 to map
    2007-09-25 10:52:17,455 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Begin isValid, principal:blah, cache info: null
    2007-09-25 10:52:17,455 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] defaultLogin, principal=blah
    2007-09-25 10:52:17,455 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(portal), size=12
    2007-09-25 10:52:17,455 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(portal), authInfo=AppConfigurationEntry[]:
    [0]
    LoginModule Class: org.jboss.portal.identity.auth.IdentityLoginModule
    ControlFlag: LoginModuleControlFlag: required
    Options:name=userModuleJNDIName, value=java:/portal/UserModule
    name=password-stacking, value=useFirstPass
    name=unauthenticatedIdentity, value=guest
    name=additionalRole, value=Authenticated
    name=roleModuleJNDIName, value=java:/portal/RoleModule
    
    2007-09-25 10:52:17,486 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Login failure
    javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
        at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:324)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
        at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
        at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
        at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
        at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:257)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
        at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
        at java.lang.Thread.run(Thread.java:534)
    2007-09-25 10:52:17,486 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] End isValid, false
    2007-09-25 10:52:17,596 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
    2007-09-25 10:53:08,018 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Begin isValid, principal:admin, cache info: null
    2007-09-25 10:53:08,018 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] defaultLogin, principal=admin
    2007-09-25 10:53:08,018 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(portal), size=12
    2007-09-25 10:53:08,018 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(portal), authInfo=AppConfigurationEntry[]:
    [0]
    LoginModule Class: org.jboss.portal.identity.auth.IdentityLoginModule
    ControlFlag: LoginModuleControlFlag: required
    Options:name=userModuleJNDIName, value=java:/portal/UserModule
    name=password-stacking, value=useFirstPass
    name=unauthenticatedIdentity, value=guest
    name=additionalRole, value=Authenticated
    name=roleModuleJNDIName, value=java:/portal/RoleModule
    
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] defaultLogin, lc=javax.security.auth.login.LoginContext@744cae, subject=Subject(22429446).principals=org.jboss.security.SimplePrincipal@14513156(admin)org.jboss.security.SimpleGroup@21215786(Roles(members:Admin,Authenticated))
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] updateCache, inputSubject=Subject(22429446).principals=org.jboss.security.SimplePrincipal@14513156(admin)org.jboss.security.SimpleGroup@21215786(Roles(members:Admin,Authenticated)), cacheSubject=Subject(24336792).principals=org.jboss.security.SimplePrincipal@14513156(admin)org.jboss.security.SimpleGroup@21215786(Roles(members:Admin,Authenticated))
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1ff31e1[Subject(24336792).principals=org.jboss.security.SimplePrincipal@14513156(admin)org.jboss.security.SimpleGroup@21215786(Roles(members:Admin,Authenticated)),credential.class=java.lang.String@7896426,expirationTime=1190744537455]
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] End isValid, true
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
        Principal: admin
        Principal: Roles(members:Admin,Authenticated)
    , sc=org.jboss.security.SecurityAssociation$SubjectContext@11da402{principal=admin,subject=16417786}
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1ff31e1[Subject(24336792).principals=org.jboss.security.SimplePrincipal@14513156(admin)org.jboss.security.SimpleGroup@21215786(Roles(members:Admin,Authenticated)),credential.class=java.lang.String@7896426,expirationTime=1190744537455]
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@11da402{principal=admin,subject=16417786}
    2007-09-25 10:53:08,065 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getUserRoles, subject: Subject:
        Principal: admin
        Principal: Roles(members:Admin,Authenticated)
    
    2007-09-25 10:53:08,080 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
    2007-09-25 10:53:08,096 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:08,096 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
        Principal: admin
        Principal: Roles(members:Admin,Authenticated)
    , sc=org.jboss.security.SecurityAssociation$SubjectContext@88008f{principal=admin,subject=16417786}
    2007-09-25 10:53:08,127 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@88008f{principal=admin,subject=16417786}
    2007-09-25 10:53:08,127 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToRole, roleName=Admin, p=(org.jboss.portal.core.model.instance.InstancePermission instancepermission)
    2007-09-25 10:53:08,127 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToRole, roleName=Admin, p=(org.jboss.portal.portlet.security.PortletPermission portletpermission)
    2007-09-25 10:53:08,127 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToRole, roleName=Admin, p=(org.jboss.portal.core.model.portal.PortalObjectPermission portalobjectpermission personalizerecursive)
    2007-09-25 10:53:08,127 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] commit
    2007-09-25 10:53:08,143 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToRole, roleName=Authenticated, p=(org.jboss.portal.core.model.instance.InstancePermission instancepermission)
    2007-09-25 10:53:08,143 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToRole, roleName=Authenticated, p=(org.jboss.portal.portlet.security.PortletPermission portletpermission)
    2007-09-25 10:53:08,143 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] addToRole, roleName=Authenticated, p=(org.jboss.portal.core.model.portal.PortalObjectPermission portalobjectpermission personalizerecursive)
    2007-09-25 10:53:08,143 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] commit
    2007-09-25 10:53:08,143 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:08,143 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=null, sc=org.jboss.security.SecurityAssociation$SubjectContext@1984f10{principal=null,subject=null}
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1984f10{principal=null,subject=null}
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:16,455 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:16,471 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:16,471 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:16,721 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] delete
    2007-09-25 10:53:16,721 WARN  [org.jboss.deployment.MainDeployer] undeploy 'file:/C:/pentaho/pentaho_BI_hsqldb-1.6.0-RC1.782/jboss/server/default/deploy/wiki.war/WEB-INF/' : package not deployed
    2007-09-25 10:53:16,721 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:16,721 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:16,721 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:16,721 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:16,721 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null
    2007-09-25 10:53:16,721 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
    2007-09-25 10:53:16,783 TRACE [org.jboss.security.jacc.JBossPolicyConfiguration] delete
    2007-09-25 10:53:16,783 WARN  [org.jboss.deployment.MainDeployer] undeploy 'file:/C:/pentaho/pentaho_BI_hsqldb-1.6.0-RC1.782/jboss/server/default/deploy/sw-style.war/WEB-INF/' : package not deployed
    2007-09-25 10:53:16,924 ERROR [STDERR] java.lang.NoClassDefFoundError: org/apache/log4j/spi/VectorWriter
    2007-09-25 10:53:16,924 ERROR [STDERR]     at org.apache.log4j.spi.LoggingEvent.<init>(LoggingEvent.java:145)
    2007-09-25 10:53:16,924 ERROR [STDERR]     at org.apache.log4j.Category.forcedLog(Category.java:372)
    2007-09-25 10:53:16,924 ERROR [STDERR]     at org.apache.log4j.Category.error(Category.java:303)
    2007-09-25 10:53:16,924 ERROR [STDERR]     at com.ecyrd.jspwiki.util.WikiBackgroundThread.run(WikiBackgroundThread.java:153)
    2007-09-25 10:53:17,533 INFO  [org.pentaho.util.logging.Logger] misc-org.pentaho.core.system.SolutionContextListener: Pentaho BI Platform Exiting
    Have you hugged your computer geek today?

  6. #6
    Join Date
    Oct 2006
    Posts
    817

    Default

    Well it looks like admin/admin login is OK. Not to side-step the issue but there is a newer RC available. However, if you want to stick with the version you have, would it be possible to unzip the archive and see if the "untainted" version runs flawlessly?

  7. #7

    Default

    Unzipping from scratch results in the portal working perfectly. I guess I should point out that when I call up the portal in the fresh, unedited version, it brings up the portal screen similar to http://portal.demo.jboss.com/

    When I try to bring it up on the broken version, it comes up with a login screen (attached).

    I did see the RC2 on the download page this morning; I will try to get that setup later this week when I can afford to take Pentaho off line for an extended period.
    Attached Images Attached Images  
    Have you hugged your computer geek today?

  8. #8
    Join Date
    Oct 2006
    Posts
    817

    Default

    The behavior you're seeing in the fresh version is correct. To see the Pentaho-branded portal, go to http://localhost:8080/portal/portal/pentaho/default. It's hard to say what the problem is. If it were me, I'd run a diff tool to compare the fresh version and your version to see what's changed. You can try the steps outlined here: http://wiki.pentaho.org/display/Pent...rtal+Database; be aware that it will destroy any changes completed in the Admin interface within the portal.

  9. #9

    Default

    Going to http://gsa-m45805:8080/portal/portal/pentaho/default results in being redirected to http://localhost:8080/portal/auth/po...entaho/default (notice the extra "/auth/" in the middle).

    I'll see what I can find after diff'ing the two Pentaho versions, and will post results if I find anything.

    Thanks,

    -Daniel
    Have you hugged your computer geek today?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.