Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-1839

can't read anonymous user after a session timeout

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • 3.5 RC1
    • 3.5 RC1
    • None
    • None

      Regarding to a report the anonymous user can't get read after a session timeout of the http session.

      Might be that the following happens:

      • the user gets seialized
      • the deserialized user does not return the subject

      The reported exception is:

      ERROR info.magnolia.cms.security.SystemUserManager 14.11.2007 15:21:11 – Failed to login as anonymous user
      javax.security.auth.login.AccountNotFoundException: user anonymous not found
      at info.magnolia.jaas.sp.jcr.JCRAuthenticationModule.validateUser(JCRAuthenticationModule.java:79)
      at info.magnolia.jaas.sp.AbstractLoginModule.login(AbstractLoginModule.java:189)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      at info.magnolia.cms.security.SystemUserManager.getAnonymousSubject(SystemUserManager.java:132)
      at info.magnolia.cms.security.SystemUserManager.getAnonymousUser(SystemUserManager.java:111)
      at info.magnolia.cms.security.DelegatingUserManager$2.delegate(DelegatingUserManager.java:72)
      at info.magnolia.cms.security.DelegatingUserManager.delegateUntilSupported(DelegatingUserManager.java:117)
      at info.magnolia.cms.security.DelegatingUserManager.getAnonymousUser(DelegatingUserManager.java:70)
      at info.magnolia.cms.security.Authenticator.getAnonymousUser(Authenticator.java:99)
      at info.magnolia.context.UserContextImpl.getUser(UserContextImpl.java:66)
      at info.magnolia.context.DefaultRepositoryStrategy.getSubject(DefaultRepositoryStrategy.java:77)
      at info.magnolia.context.DefaultRepositoryStrategy.getAccessManager(DefaultRepositoryStrategy.java:69)
      at info.magnolia.context.AbstractContext.getAccessManager(AbstractContext.java:118)
      at info.magnolia.context.MgnlContext.getAccessManager(MgnlContext.java:167)

      Then we end up in that

      ERROR info.magnolia.cms.security.SystemUserManager 14.11.2007 15:21:11 – Failed to get system or anonymous user [anonymous], will try to create new system user with default password
      ERROR info.magnolia.cms.security.SystemUserManager 14.11.2007 15:21:11 – Failed to get system or anonymous user [anonymous], will try to create new system user with default password
      ERROR info.magnolia.cms.security.SystemUserManager 14.11.2007 15:21:11 – Failed to get system or anonymous user [anonymous], will try to create new system user with default password
      ERROR info.magnolia.cms.security.SystemUserManager 14.11.2007 15:21:11 – Failed to get system or anonymous user [anonymous], will try to create new system user with default password

        Acceptance criteria

              pbaerfuss Philipp Bärfuss
              pbaerfuss Philipp Bärfuss
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Bug DoR
                  Task DoD