9 Replies Latest reply on May 27, 2012 10:27 PM by surajchhetry

    [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work

    jadtn

      Hi

      I 'm currently migrating from 5.1 to 7.x, in jboss 7.0.1,7.0.2 and 7.1.0 final I ve a problem for  user re-login.

      My application use richfaces 4.2 Final ( but the problem occurs in all 4.x)

      To login I ve a jsf backbean and  I use request.login(user,pwd) ( HttpServletRequest) to login the user

       

      As the scenario to reproduce the problem (I use Seven as OS):

      1-Open login page  in browser

      2-login user (backbean with request.login(user,pwd) do the login)

      3-user is redirected to member page

      4-go to the page login (in same browser)

      5-try to re-login the same user/pwd

      ->it s impossible request.login(user,pwd) ->exception bad user/pwd, so it's wrong user/pwd are right

      6- clear the browser cache (ctrl-shift-supr for firefox)

      7-reload the login page

      8-login work

       

      Is it a know problem?

       

      Thanks for your help

      Adrien

       

      I've put my standalone.xml,jboss-web.xml and web.xml as attached files.

      The code i use in backbean for login is:

      HttpServletRequest request = (HttpServletRequest) context .getExternalContext().getRequest();

       

               try {

                    request.login(username, pass);

               } catch (ServletException e) {

       

                         if (log.isDebugEnabled()) {        

                                               log.debug("login KO " + user.getJ_username()+ " '"+pass+"'",e);

                                     }

       

                                     UtilJSF.addMessage(FieldsLogin.F_USERNAME, UtilJSF.getDefaultBundle().getString("e_login"));

                                     return Navigation.LOGIN_FAILED;

               }

        • 1. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
          sfcoy

          The javadoc for javax.servlet.http.HttpServletRequest.login(java.lang.String, java.lang.String) says:

          This method returns without throwing a ServletException when the login mechanism configured for the ServletContext supports username password validation, and when, at the time of the call to login, the identity of the caller of the request had not been established (i.e, all of getUserPrincipal, getRemoteUser, and getAuthType return null), and when validation of the provided credentials is successful. Otherwise, this method throws a ServletException as described below.

          It seems like you need to test for existing credentials (and maybe invoke HttpServletRequest.logout() before calling the login method again.

          • 2. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
            jadtn

            Thanks

            Now it 's works

            Adrien

            try {

                   if(request.getUserPrincipal()!=null){

                                         request.logout();

                               }

                                         request.login(username, pass);

                     } catch (ServletException e) {

                              

                               if (log.isDebugEnabled()) {        

                                                     log.debug("login KO " + user.getJ_username()+ " '"+pass+"'",e);

                                           }

             

                                           UtilJSF.addMessage(FieldsLogin.F_USERNAME, UtilJSF.getDefaultBundle().getString("e_login"));

                                           return Navigation.LOGIN_FAILED;

                     }

            • 3. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
              surajchhetry

              Hi Adrien,

                  In my case , with HttpServletRequest#login(username,password) can't compile.Can you share your POM file.

              • 4. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
                sfcoy

                This method was added to the servlet 3.0 API, so you need to upgrade to that.

                • 5. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
                  surajchhetry

                  Hi Stephen,

                     Yes for that I have added required dependence in my Pom file but still it is not compiling.

                  • 6. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
                    sfcoy

                    That suggests that you have an old one floating around in there somewhere.

                     

                    Try running:

                     

                    {code}mvn dependency:tree{code}

                     

                    to see where it is coming from.

                    • 7. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
                      surajchhetry

                      mvn dependency:tree shows correct dependancy tree

                       

                      -- maven-dependency-plugin:2.1:tree (default-cli) @ etopup-web ---

                      [INFO] com.swifttech.etopup:etopup-web:war:0.0.1-SNAPSHOT

                      [INFO] +- joda-time:joda-time:jar:2.0:compile

                      [INFO] +- org.jboss.spec.javax.ejb:jboss-ejb-api_3.1_spec:jar:1.0.2.Final:provided

                      [INFO] +- org.jboss.logmanager:jboss-logmanager:jar:1.2.0.GA:compile

                      [INFO] +- org.jboss.spec.javax.el:jboss-el-api_2.2_spec:jar:1.0.1.Final:provided

                      [INFO] +- org.jboss.resteasy:resteasy-multipart-provider:jar:2.3.2.Final:compile

                      [INFO] |  +- javax.mail:mail:jar:1.4.4:compile

                      [INFO] |  |  \- javax.activation:activation:jar:1.1:compile

                      [INFO] |  +- org.apache.james:apache-mime4j:jar:0.6:compile

                      [INFO] |  \- javax.servlet:servlet-api:jar:2.5:compile

                      [INFO] +- org.jboss.resteasy:resteasy-jaxb-provider:jar:2.3.2.Final:provided (scope not updated to compile)

                      [INFO] |  \- com.sun.xml.bind:jaxb-impl:jar:2.2.4:provided

                      [INFO] |     \- javax.xml.bind:jaxb-api:jar:2.2.3:provided

                      [INFO] |        \- javax.xml.stream:stax-api:jar:1.0-2:provided

                      [INFO] +- com.swifttech.etopup:etopup-ejb:ejb:0.0.1-SNAPSHOT:provided

                      [INFO] |  +- com.swifttech.etopup:etopup-api:jar:0.0.1-SNAPSHOT:provided

                      [INFO] |  |  \- commons-codec:commons-codec:jar:1.3:provided

                      [INFO] |  \- com.itextpdf:itextpdf:jar:5.0.4:provided

                      [INFO] |     +- org.bouncycastle:bcmail-jdk14:jar:1.38:provided

                      [INFO] |     +- org.bouncycastle:bcprov-jdk14:jar:1.38:provided

                      [INFO] |     \- org.bouncycastle:bctsp-jdk14:jar:1.38:provided

                      [INFO] +- org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_1.1_spec:jar:1.0.0.Final:provided

                      [INFO] +- javax.enterprise:cdi-api:jar:1.0-SP4:provided

                      [INFO] |  +- org.jboss.spec.javax.interceptor:jboss-interceptors-api_1.1_spec:jar:1.0.1.Final:provided (version managed from 1.0.0.Beta1)

                      [INFO] |  \- javax.inject:javax.inject:jar:1:provided

                      [INFO] +- org.jboss.spec.javax.faces:jboss-jsf-api_2.0_spec:jar:1.0.0.Final:provided

                      [INFO] +- org.hibernate.javax.persistence:hibernate-jpa-2.0-api:jar:1.0.1.Final:provided

                      [INFO] +- org.jboss.spec.javax.servlet:jboss-servlet-api_3.0_spec:jar:1.0.1.Final:compile

                      [INFO] +- org.jboss.seam.faces:seam-faces-api:jar:3.1.0.Final:compile

                      [INFO] |  \- org.jboss.solder:solder-api:jar:3.1.0.Final:compile

                      [INFO] |     \- org.jboss.solder:solder-logging:jar:3.1.0.Final:compile

                      [INFO] +- org.jboss.seam.faces:seam-faces:jar:3.1.0.Final:runtime

                      [INFO] +- org.jboss.seam.security:seam-security:jar:3.1.0.Final:compile

                      [INFO] |  +- org.jboss.seam.security:seam-security-api:jar:3.1.0.Final:compile

                      [INFO] |  |  +- org.picketlink.idm:picketlink-idm-api:jar:1.5.0.Alpha02:compile

                      [INFO] |  |  \- org.picketlink.idm:picketlink-idm-spi:jar:1.5.0.Alpha02:compile

                      [INFO] |  +- org.jboss.seam.persistence:seam-persistence:jar:3.1.0.Final:runtime

                      [INFO] |  |  +- org.jboss.seam.persistence:seam-persistence-api:jar:3.1.0.Final:runtime

                      [INFO] |  |  +- org.jboss.seam.transaction:seam-transaction-api:jar:3.1.0.Final:runtime

                      [INFO] |  |  \- org.jboss.seam.transaction:seam-transaction:jar:3.1.0.Final:runtime

                      [INFO] |  +- org.jboss.solder:solder-impl:jar:3.1.0.Final:compile

                      [INFO] |  \- org.picketlink.idm:picketlink-idm-core:jar:1.5.0.Alpha02:compile

                      [INFO] |     \- org.picketlink.idm:picketlink-idm-common:jar:1.5.0.Alpha02:compile

                      [INFO] +- org.jboss.seam.international:seam-international:jar:3.1.0.Final:compile

                      [INFO] |  \- org.jboss.seam.international:seam-international-api:jar:3.1.0.Final:compile

                      [INFO] +- commons-digester:commons-digester:jar:2.1:compile

                      [INFO] |  +- commons-beanutils:commons-beanutils:jar:1.8.3:compile

                      [INFO] |  \- commons-logging:commons-logging:jar:1.1.1:compile

                      [INFO] +- commons-io:commons-io:jar:2.0.1:compile

                      [INFO] +- commons-lang:commons-lang:jar:2.6:compile

                      [INFO] +- org.primefaces:primefaces:jar:3.0.RC1-SNAPSHOT:compile

                      [INFO] +- org.primefaces.themes:start:jar:1.0.1:compile

                      [INFO] +- com.ocpsoft:prettyfaces-jsf2:jar:3.3.0:compile

                      [INFO] +- com.sun.faces:jsf-api:jar:2.1.2:compile

                      [INFO] \- com.sun.faces:jsf-impl:jar:2.1.2:compile

                      • 8. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
                        sfcoy

                        suraj chhetry wrote:

                         

                        mvn dependency:tree shows correct dependancy tree

                         

                        -- maven-dependency-plugin:2.1:tree (default-cli) @ etopup-web ---

                        [INFO] com.swifttech.etopup:etopup-web:war:0.0.1-SNAPSHOT

                        [INFO] +- joda-time:joda-time:jar:2.0:compile

                        [INFO] +- org.jboss.spec.javax.ejb:jboss-ejb-api_3.1_spec:jar:1.0.2.Final:provided

                        [INFO] +- org.jboss.logmanager:jboss-logmanager:jar:1.2.0.GA:compile

                        [INFO] +- org.jboss.spec.javax.el:jboss-el-api_2.2_spec:jar:1.0.1.Final:provided

                        [INFO] +- org.jboss.resteasy:resteasy-multipart-provider:jar:2.3.2.Final:compile

                        [INFO] |  +- javax.mail:mail:jar:1.4.4:compile

                        [INFO] |  |  \- javax.activation:activation:jar:1.1:compile

                        [INFO] |  +- org.apache.james:apache-mime4j:jar:0.6:compile

                        [INFO] |  \- javax.servlet:servlet-api:jar:2.5:compile

                        [INFO] +- org.jboss.resteasy:resteasy-jaxb-provider:jar:2.3.2.Final:provided (scope not updated to compile)

                        [INFO] |  \- com.sun.xml.bind:jaxb-impl:jar:2.2.4:provided

                        [INFO] |     \- javax.xml.bind:jaxb-api:jar:2.2.3:provided

                        [INFO] |        \- javax.xml.stream:stax-api:jar:1.0-2:provided

                        [INFO] +- com.swifttech.etopup:etopup-ejb:ejb:0.0.1-SNAPSHOT:provided

                        [INFO] |  +- com.swifttech.etopup:etopup-api:jar:0.0.1-SNAPSHOT:provided

                        [INFO] |  |  \- commons-codec:commons-codec:jar:1.3:provided

                        [INFO] |  \- com.itextpdf:itextpdf:jar:5.0.4:provided

                        [INFO] |     +- org.bouncycastle:bcmail-jdk14:jar:1.38:provided

                        [INFO] |     +- org.bouncycastle:bcprov-jdk14:jar:1.38:provided

                        [INFO] |     \- org.bouncycastle:bctsp-jdk14:jar:1.38:provided

                        [INFO] +- org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_1.1_spec:jar:1.0.0.Final:provided

                        [INFO] +- javax.enterprise:cdi-api:jar:1.0-SP4:provided

                        [INFO] |  +- org.jboss.spec.javax.interceptor:jboss-interceptors-api_1.1_spec:jar:1.0.1.Final:provided (version managed from 1.0.0.Beta1)

                        [INFO] |  \- javax.inject:javax.inject:jar:1:provided

                        [INFO] +- org.jboss.spec.javax.faces:jboss-jsf-api_2.0_spec:jar:1.0.0.Final:provided

                        [INFO] +- org.hibernate.javax.persistence:hibernate-jpa-2.0-api:jar:1.0.1.Final:provided

                        [INFO] +- org.jboss.spec.javax.servlet:jboss-servlet-api_3.0_spec:jar:1.0.1.Final:compile

                        [INFO] +- org.jboss.seam.faces:seam-faces-api:jar:3.1.0.Final:compile

                        [INFO] |  \- org.jboss.solder:solder-api:jar:3.1.0.Final:compile

                        [INFO] |     \- org.jboss.solder:solder-logging:jar:3.1.0.Final:compile

                        [INFO] +- org.jboss.seam.faces:seam-faces:jar:3.1.0.Final:runtime

                        [INFO] +- org.jboss.seam.security:seam-security:jar:3.1.0.Final:compile

                        [INFO] |  +- org.jboss.seam.security:seam-security-api:jar:3.1.0.Final:compile

                        [INFO] |  |  +- org.picketlink.idm:picketlink-idm-api:jar:1.5.0.Alpha02:compile

                        [INFO] |  |  \- org.picketlink.idm:picketlink-idm-spi:jar:1.5.0.Alpha02:compile

                        [INFO] |  +- org.jboss.seam.persistence:seam-persistence:jar:3.1.0.Final:runtime

                        [INFO] |  |  +- org.jboss.seam.persistence:seam-persistence-api:jar:3.1.0.Final:runtime

                        [INFO] |  |  +- org.jboss.seam.transaction:seam-transaction-api:jar:3.1.0.Final:runtime

                        [INFO] |  |  \- org.jboss.seam.transaction:seam-transaction:jar:3.1.0.Final:runtime

                        [INFO] |  +- org.jboss.solder:solder-impl:jar:3.1.0.Final:compile

                        [INFO] |  \- org.picketlink.idm:picketlink-idm-core:jar:1.5.0.Alpha02:compile

                        [INFO] |     \- org.picketlink.idm:picketlink-idm-common:jar:1.5.0.Alpha02:compile

                        [INFO] +- org.jboss.seam.international:seam-international:jar:3.1.0.Final:compile

                        [INFO] |  \- org.jboss.seam.international:seam-international-api:jar:3.1.0.Final:compile

                        [INFO] +- commons-digester:commons-digester:jar:2.1:compile

                        [INFO] |  +- commons-beanutils:commons-beanutils:jar:1.8.3:compile

                        [INFO] |  \- commons-logging:commons-logging:jar:1.1.1:compile

                        [INFO] +- commons-io:commons-io:jar:2.0.1:compile

                        [INFO] +- commons-lang:commons-lang:jar:2.6:compile

                        [INFO] +- org.primefaces:primefaces:jar:3.0.RC1-SNAPSHOT:compile

                        [INFO] +- org.primefaces.themes:start:jar:1.0.1:compile

                        [INFO] +- com.ocpsoft:prettyfaces-jsf2:jar:3.3.0:compile

                        [INFO] +- com.sun.faces:jsf-api:jar:2.1.2:compile

                        [INFO] \- com.sun.faces:jsf-impl:jar:2.1.2:compile

                         

                        You're also pulling in the red one. Because the artifacts have different group and artifact names maven can't tell that they contain the same interfaces.

                         

                        You need to add an exclusion to the org.jboss.resteasy:resteasy-multipart-provider dependency.

                        • 9. Re: [JBOSS 7.0.x-7.1.x] multiple re-login fail: need clear cache browser and reload page to work
                          surajchhetry

                          Thank you very much Stephen . That solved my problem.