DEVHIDE
Login Or Sign up

Glassfish4 : Waffle SSO Servlet Filter gives Basic auth login popup

378 Views Asked by At

I'm trying to implement SSO in my application (using Waffle's example) , where I have kept following jars in app server's lib :

caffeine-2.8.4.jar
jcl-over-slf4j-2.0.0-alpha1.jar
jna-platform-5.5.0.jar
logback-classic-1.3.0-alpha5.jar
logback-core-1.3.0-alpha5.jar
slf4j-api-2.0.0-alpha1.jar
waffle-tomcat7-2.3.0.jar
waffle-jna-2.3.0.jar

I have updated my web.xml to have the appropriate security filter :

<!-- SSO -->
    <filter>
      <filter-name>SecurityFilter</filter-name>
      <filter-class>waffle.servlet.NegotiateSecurityFilter</filter-class>
    </filter>
    <filter-mapping>
      <filter-name>SecurityFilter</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>

Next step is , I start the application as service , with my domain username . All good till now .

Now when I hit application url , it gives me basic authentication popup . When I checked logs , it all looks good :

[2020-12-10T15:48:38.897+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615318897] [levelValue: 800] [[
  15:48:38.897 [http-listener-1(4)] DEBUG waffle.servlet.NegotiateSecurityFilter - GET /iFM/desktopNotification_serviceWorker.js, contentlength: -1]]

[2020-12-10T15:48:38.897+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615318897] [levelValue: 800] [[
  15:48:38.897 [http-listener-1(4)] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - security package: Negotiate, connection id: 0:0:0:0:0:0:0:1:60170]]

[2020-12-10T15:48:38.897+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615318897] [levelValue: 800] [[
  15:48:38.897 [http-listener-1(4)] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - token buffer: 121 byte(s)]]

[2020-12-10T15:48:38.908+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615318908] [levelValue: 800] [[
  15:48:38.908 [http-listener-1(4)] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - continue token: oRswGaADCgEAoxIEEAEAAADBU/5OcoZ2owAAAAA=]]

[2020-12-10T15:48:38.909+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615318909] [levelValue: 800] [[
  15:48:38.908 [http-listener-1(4)] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - continue required: false]]

[2020-12-10T15:48:39.045+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615319045] [levelValue: 800] [[
  15:48:39.045 [http-listener-1(4)] DEBUG waffle.servlet.NegotiateSecurityFilter - logged in user: INT\WareyAn (S-1-5-21-746137067-764733703-725345543-1003051)]]

[2020-12-10T15:48:40.843+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615320843] [levelValue: 800] [[
  15:48:40.843 [http-listener-1(4)] DEBUG waffle.servlet.NegotiateSecurityFilter - roles: (**I have removed this info **)

[2020-12-10T15:48:40.843+0000] [glassfish 4.1] [INFO] [] [] [tid: _ThreadID=33 _ThreadName=Thread-9] [timeMillis: 1607615320843] [levelValue: 800] [[
  15:48:40.843 [http-listener-1(4)] INFO waffle.servlet.NegotiateSecurityFilter - successfully logged in user: INT\WareyAn]]

So looking at the logs , it looks like Waffle has authenticated me in , but Glassfish still somehow distrusts it (by giving me the pop-up) , any idea what's going wrong ? Any help would be much appreciated .

FYI : My application uses LDAPRealm for authentication .

java single-sign-on servlet-filters glassfish-4 waffle
Original Q&A
1

There are 1 best solutions below

0
On

Okay I was able to solve this myself, and finally it worked on Glassfish4 !! As I was using the servlet filter , my web.xml shouldn't really have the following stuff (as it was form based login earlier) :

<security-constraint>
    <display-name>AppSecurity Constraint</display-name>

    <web-resource-collection>
        <web-resource-name>Protected Area (Whole Application)</web-resource-name>
        <url-pattern>/mainUrl/*</url-pattern>
        <url-pattern>/url2/*</url-pattern>
        <url-pattern>/url3/*</url-pattern>
        <url-pattern>/url4/*</url-pattern>
        <url-pattern>/url5/*</url-pattern>
    </web-resource-collection>

    <!-- User must be in role to login. -->
    <auth-constraint>
        <role-name>SomeRoleName</role-name>
    </auth-constraint>
</security-constraint>

After removing it , it started working .

Related Questions in JAVA

Related Questions in SINGLE-SIGN-ON

Related Questions in SERVLET-FILTERS

Related Questions in GLASSFISH-4

Related Questions in WAFFLE

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.