Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

com.sun.jna.platform.win32.Win32Exception: The logon attempt failed causes a 500 status error #203

Closed
dblock opened this issue Mar 10, 2015 · 10 comments
Closed

com.sun.jna.platform.win32.Win32Exception: The logon attempt failed causes a 500 status error #203

dblock opened this issue Mar 10, 2015 · 10 comments
Labels
bug

Comments

@dblock
Copy link
Collaborator

dblock commented Mar 10, 2015

Tomcat valve isn't catching a Win32 auth error, should be turning it into a 401.

com.sun.jna.platform.win32.Win32Exception: The logon attempt failed
    waffle.windows.auth.impl.WindowsAuthProviderImpl.acceptSecurityToken(WindowsAuthProviderImpl.java:134)
    waffle.apache.NegotiateAuthenticator.authenticate(NegotiateAuthenticator.java:97)
    org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
    org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1008)
    org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
    org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312)
    java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    java.lang.Thread.run(Thread.java:744)

Probably here.

screen shot 2015-03-10 at 8 31 03 am
@dblock dblock added the bug label Mar 10, 2015
@hazendaz
Copy link
Member

This is exactly where a stack trace has blown for some time. I wrote into the unit tests to prevent it as I didn't understand why. Fixing this breaks the unit tests in the original areas so uncertain what that would happen then if this was in fact restoring original logic. However, some minor rewriting of tests to not look at as much under this condition gets those working again. I'm going to do a pull request but it needs good review before pulling it in for this. I also want to look at the other issue on this I think is still outstanding to see the dates around this.

@hazendaz
Copy link
Member

This appears to be issue #107

hazendaz referenced this issue in hazendaz/waffle Mar 31, 2015
@hazendaz
[issue #203] Catch Win32Exception and make 401
68b36e4 
A fix to capture tomcat 6, 7, and 8 negotiate authenticator
Win32Exception which started occurring around June 2015 per issue #107.
Around that time Exception was switched out for IOException which
allowed Win32Exception to occur.  Now catch that and perform same
actions as IOException.  Left original unit tests capturing fall through
and added new check as this shows Negotiate, NTLM where the comma was
normally expected to be a space.  This does fix the condition but I'm
not 100% certain this is correct from unit test side.
hazendaz referenced this issue in hazendaz/waffle Mar 31, 2015
@hazendaz
[issue #203] Catch Win32Exception and make 401
541f43f 
A fix to capture tomcat 6, 7, and 8 negotiate authenticator
Win32Exception which started occurring around June 2015 per issue #107.
Around that time Exception was switched out for IOException which
allowed Win32Exception to occur.  Now catch that and perform same
actions as IOException.  Left original unit tests capturing fall through
and added new check as this shows Negotiate, NTLM where the comma was
normally expected to be a space.  This does fix the condition but I'm
not 100% certain this is correct from unit test side.
hazendaz added a commit that referenced this issue Apr 11, 2015
@hazendaz
Merge pull request #206 from hazendaz/master
0d0c605 
[issue #203] Catch Win32Exception and make 401
@hazendaz
Copy link
Member

Resolved in PR #206

hazendaz referenced this issue in hazendaz/waffle May 13, 2015
@hazendaz
[issue #203] Catch Win32Exception and make 401
8099e0f 
A fix to capture tomcat 6, 7, and 8 negotiate authenticator
Win32Exception which started occurring around June 2015 per issue #107.
Around that time Exception was switched out for IOException which
allowed Win32Exception to occur.  Now catch that and perform same
actions as IOException.  Left original unit tests capturing fall through
and added new check as this shows Negotiate, NTLM where the comma was
normally expected to be a space.  This does fix the condition but I'm
not 100% certain this is correct from unit test side.
hazendaz referenced this issue in hazendaz/waffle May 13, 2015
@hazendaz
[issue #203] Catch Win32Exception and make 401
4031dc1 
A fix to capture tomcat 6, 7, and 8 negotiate authenticator
Win32Exception which started occurring around June 2015 per issue #107.
Around that time Exception was switched out for IOException which
allowed Win32Exception to occur.  Now catch that and perform same
actions as IOException.  Left original unit tests capturing fall through
and added new check as this shows Negotiate, NTLM where the comma was
normally expected to be a space.  This does fix the condition but I'm
not 100% certain this is correct from unit test side.
hazendaz referenced this issue in hazendaz/waffle May 13, 2015
@hazendaz
[issue #203] Catch Win32Exception and make 401
ff086dc 
A fix to capture tomcat 6, 7, and 8 negotiate authenticator
Win32Exception which started occurring around June 2015 per issue #107.
Around that time Exception was switched out for IOException which
allowed Win32Exception to occur.  Now catch that and perform same
actions as IOException.  Left original unit tests capturing fall through
and added new check as this shows Negotiate, NTLM where the comma was
normally expected to be a space.  This does fix the condition but I'm
not 100% certain this is correct from unit test side.
@michaelkong
Copy link

michaelkong commented Sep 27, 2016
edited
Loading

I am using Waffle 1.8, since it was built on Sep 2015, the bug fix should be in 1.8 already. How come I am still seeing the same error?

Update: Sorry my mistake. I just checked the 1.8 code, the fix is indeed there. I then looked at my error message, and I realized I was using MixedAuthenticator, and the fix is actually for NegoticateAuthenticator. Just switched the valve from MixedAuthenticator to NegoticatedAuthenticator. My problem is fixed.

However, I think Waffle should fix the MixedAuthenticator code as well, just in case if people have to use MixedAuthenticator.

tomcat

@hazendaz
Copy link
Member

hazendaz commented Oct 2, 2016

Can you try version 1.8.1 and let me know if its a problem there?

@gargomanjr
Copy link

I have the same error with the 1.8.1 waffle version...Someone could help me¿?

@hazendaz
Copy link
Member

hazendaz commented Mar 3, 2017 via email

@gargomanjr
Copy link

Thanks hazendaz, but I couldn't download the 1.8.3 version, ¿Which repository should I use?

I fixed this error in my code extending WindowsAuthProviderImpl and throwing a AuthenticationServiceException instead of Win32Exception.

Then, I used the failureHandler to handle this issue and redirect to login page.

@gargomanjr
Copy link

version 1.8.3 fix the problem!thank you!!!!!!!!!

@hazendaz
Copy link
Member

hazendaz commented Mar 4, 2017

@gargomanjr Your welcome!

@hazendaz hazendaz mentioned this issue Jun 12, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dblock @hazendaz @michaelkong @gargomanjr