4 Replies Latest reply on Sep 4, 2012 10:56 AM by koefe

Form based authentication in JBoss 7.0 successful but throws 408 error page

ahuba Jul 20, 2011 9:03 AM

I am trying to migrate my java application from JBoss 5.1 to JBoss 7.0. I am able to deploy the application, but if I want to login (form based authentication), I get a 408 (time out) error page. Check out this extract from server.log:

10:06:52,997 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-5) End isValid, true
10:06:52,997 TRACE [org.jboss.as.web.security.JBossWebRealm] (http--127.0.0.1-8080-5) User: tlubrpa1 is authenticated
10:06:52,997 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] (http--127.0.0.1-8080-5) Authentication of 'tlubrpa1' was successful
10:06:52,998 DEBUG [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/SSIS2_1]] (http--127.0.0.1-8080-5) User took so long to log on the session expired
10:06:52,998 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http--127.0.0.1-8080-5)  Failed authenticate() test ??/SSIS2_1/View/Mainpage/j_security_check
10:06:53,511 DEBUG [org.apache.catalina.session.ManagerBase] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire sessions StandardManager at 1311062813511 sessioncount 0
10:06:53,512 DEBUG [org.apache.catalina.session.ManagerBase] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire sessions StandardManager processingTime 1 expired sessions: 0
10:06:54,181 TRACE [org.jboss.as.deployment] (DeploymentScanner-threads - 1) Scanning directory C:\java\jboss-as-web-7.0.0.Final\standalone\deployments for deployment content changes

This is my the corresponding extract from standalone.xml:

<subsystem xmlns="urn:jboss:domain:security:1.0">
        <security-domains>
            <security-domain name="SSIS2-domain">
                <authentication>
                    <login-module code="Database" flag="required">
                        <module-option name="dsJndiName" value="java:/SSIS2DSDev"/>
                        <module-option name="principalsQuery" value="SELECT password FROM users WHERE username=? AND active=1"/>
                        <module-option name="rolesQuery" value="SELECT USERROLE.rolename, 'Roles' FROM USERS INNER JOIN (USERROLE INNER JOIN MAPUSERUSERROLE ON USERROLE.roleid = MAPUSERUSERROLE.roleid) ON USERS.userid = MAPUSERUSERROLE.userid where USERS.username=?"/>
                        <module-option name="hashAlgorithm" value="MD5"/>
                        <module-option name="hashEncoding" value="base64"/>
                    </login-module>
                </authentication>
            </security-domain>
        </security-domains>
    </subsystem>

The security stuff is actually the same like in the login-config.xml from JBoss 5.1, and as you can see above it authenticates the user.

Does anyone have an idea?

1. Re: Form based authentication in JBoss 7.0 successful but throws 408 error page

jaikiran Jul 20, 2011 9:18 AM (in response to ahuba)

It's a bug. See this thread for the details and the workaround http://community.jboss.org/thread/169582?tstart=0
Actions
2. Re: Form based authentication in JBoss 7.0 successful but throws 408 error page

koefe Sep 4, 2012 7:40 AM (in response to jaikiran)

I have the same issue with JBoss 7.1.1 Final. Workaround from http://community.jboss.org/thread/169582?tstart=0 doesn't work.
Actions
3. Re: Form based authentication in JBoss 7.0 successful but throws 408 error page

jaikiran Sep 4, 2012 8:56 AM (in response to koefe)

koefe euswidies wrote:

I have the same issue with JBoss 7.1.1 Final. Workaround from http://community.jboss.org/thread/169582?tstart=0 doesn't work.
You'll have to tell us what exactly doesn't work.
Actions
4. Re: Form based authentication in JBoss 7.0 successful but throws 408 error page

koefe Sep 4, 2012 10:56 AM (in response to jaikiran)

Thank you for quick response. Despite similar logs, and error, problem was caused by incorrect jsf. Already solved.
Actions

Go to original post