| Title | UserCheck Tag not working as it should when authenticated by Container (Tomcat 5.5) |
| Date | 28-Jan-2005 10:49:15 EET |
| Version | 2.1.134 |
| Submitter | 217.22.96.73 |
| Bug criticality | BadBug |
| Browser version | Mozilla/ Internet Explorer |
| Bug status | ClosedBug |
| PageProvider used | VersioningFileProvider |
| Servlet Container | Tomcat 5.5 |
| Operating System | Windows 2003 Server |
| URL | N/A??? |
| Java version | Java 2 1.4 |
Hi:
As you can see, we are using your JSPWiki version 2.1.134. Our purpose:
We want the user to be authenticated against the Container so we modified the web.xml descriptor file. We modified ViewTemplate.jsp so the user had an option of login and logout. We use the <UserCheck> tag with options validated and unvalidated in order to print on the screen either Login or Logout depending on his login status (validated or unvalidate).
Here is the code that we wrote on ViewTemplate:
<div class="menuBar">
<wiki:InsertPage page="MenuBar" />
<wiki:UserCheck status="unvalidated">
<a class="wikipage" href="<wiki:Variable var="baseURL"/>Login.jsp?page=<wiki:PageName />">Login</a>
</wiki:UserCheck>
<wiki:UserCheck status="validated">
<a class="wikipage" href="<wiki:Variable var="baseURL"/>Login.jsp?action=logout">Logout</a>
</wiki:UserCheck>
</div>
The problem:
The problem appeared like the following: when the user was not Valid (I mean, he was not still authenticated it doesn't matter he had cookie or not) the tag was working fine as his status was unvalidated. But, once the user clicked Login option and is authenticated against tomcat, the tag is not working because the code for status validated is not appearing on screnn, thus no link for Logout.
Our thoughts:
Gettin to the <UserCheck> tag code, we found out that it is not working ok as there is no equals comparision for CONTAINER authentication method. See the following code:
public final int doWikiStartTag()
throws IOException
{
WikiEngine engine = m_wikiContext.getEngine();
...
if( m_status != null )
{
if( wup == null )
{
// This may happen when strict login policy is used.
return( SKIP_BODY );
}
if( "unknown".equals( m_status ) &&
wup.getLoginStatus() == UserProfile.NONE )
{
return EVAL_BODY_INCLUDE;
}
else if( "known".equals( m_status ) &&
wup.getLoginStatus() > UserProfile.NONE )
{
return EVAL_BODY_INCLUDE;
}
else if( "named".equals( m_status ) &&
wup.getLoginStatus() == UserProfile.COOKIE )
{
return EVAL_BODY_INCLUDE;
}
else if( "validated".equals( m_status ) &&
wup.getLoginStatus() > UserProfile.CONTAINER )
{
return EVAL_BODY_INCLUDE;
}
else if( "unvalidated".equals( m_status ) &&
wup.getLoginStatus() < UserProfile.CONTAINER )
{
return EVAL_BODY_INCLUDE;
}
}
return SKIP_BODY;
}
We think that the 4th comparision to evaluate the body, the one that refers to status validated and userProfile.CONTAINER should be greater or equals to (>=) and no just greater than.
Is this the correct behaviour? Was your intention to make this tag behave like this? Probably you did and it is that we are missing out something :)
You can email us to jgarciab@iberdrola.es and eduardo.rodriguez@iberdrola.es.
Thank you very much for your atention. Hope this will get solved easily and is not lot of work for you.
Regards,
Juan Garcia Baldasano.
The entire AAA system is deprecated. Any bugs in it will not be fixed. A completely new system will be in an upcoming version.
Sorry guys, but the current system is so full of bugs, that it's simply not worth fixing. It was never really well-designed anyway. Feel free to fix anything you like in your own copy, but be aware that things will change in 2.4.
Add new attachment
- Features
- Download
- Documentation
- Templates
- Plugins
- Provider
- Filters
- Support
- FAQ
- Irc Channel
- Mailing List
- Weblog
- Applications
- Getting Involved
- JSPWIKI Testers
Development
Internet Search