Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User gets redirected back to the multi-option page when the authentication fails #1332

Closed
kasunbg opened this issue Aug 30, 2017 · 0 comments · Fixed by wso2/carbon-identity-framework#1094
Closed

User gets redirected back to the multi-option page when the authentication fails #1332

kasunbg opened this issue Aug 30, 2017 · 0 comments · Fixed by wso2/carbon-identity-framework#1094
Assignees
@kasunbg
Labels
Affected/5.1.0 bug Priority/High Severity/Major

Comments

@kasunbg
Copy link
Member

kasunbg commented Aug 30, 2017

Description:

Setup: Two step authentication with multiple option in the 2nd step - TOTP/SMSOTP

When the authentication fails in one of the authentication method (TOTP), it redirects back to the multiple option page with the following error in the console.

[2017-08-22 12:53:23,006] ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler} -  Authentication failed, user :  admin@carbon.super
org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException: Authentication failed, user :  admin@carbon.super
	at org.wso2.carbon.identity.application.authenticator.totp.TOTPAuthenticator.processAuthenticationResponse(TOTPAuthenticator.java:303)
	at org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:66)
	at org.wso2.carbon.identity.application.authenticator.totp.TOTPAuthenticator.process(TOTPAuthenticator.java:120)
	at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:443)
	at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handleResponse(DefaultStepHandler.java:417)
	at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handle(DefaultStepHandler.java:121)
	at org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handle(DefaultStepBasedSequenceHandler.java:171)
	at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler.handle(DefaultAuthenticationRequestHandler.java:115)
	at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:135)
	at org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet.doPost(CommonAuthenticationServlet.java:53)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
	at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
	at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
	at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
	at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
	at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
	at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
	at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
	at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1739)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1698)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)

Affected Product Version:
IS 5.1.0

OS, DB, other environment details and versions:
N/A

Steps to reproduce:

  1. Enable two-step authentication - 1st step with basic - 2nd step with TOTP/SMSOTP
  2. Try to log-in to an application and use TOTP in the second step.
  3. Enter wrong credentials.
@kasunbg kasunbg self-assigned this Aug 30, 2017
kasunbg added a commit to wso2-extensions/identity-outbound-auth-totp that referenced this issue Sep 24, 2017
@kasunbg
Display a link back to the multi-option selection page if the multiOp…
b29d7fa 
…tionURI query parameter is available.

Fixes wso2/product-is#1332
@kasunbg kasunbg mentioned this issue Sep 24, 2017
Merged
kasunbg added a commit to wso2-extensions/identity-outbound-auth-totp that referenced this issue Sep 25, 2017
@kasunbg
Display a link back to the multi-option selection page if the multiOp…
222b436 
…tionURI query parameter is available.

Fixes wso2/product-is#1332
kasunbg added a commit to wso2-extensions/identity-outbound-auth-totp that referenced this issue Sep 25, 2017
@kasunbg
Display a link back to the multi-option selection page if the multiOp…
0cb5d5c 
…tionURI query parameter is available.

Fixes wso2/product-is#1332
kasunbg added a commit to wso2/carbon-identity-framework that referenced this issue Sep 28, 2017
@kasunbg
User should not get redirected back to the multi-option page when the…
792e27b 
… authentication fails

Fixes wso2/product-is#1332
@kasunbg kasunbg mentioned this issue Sep 28, 2017
Merged
19 tasks
madurangaRA pushed a commit to madurangaRA/carbon-identity-framework that referenced this issue Oct 13, 2017
@kasunbg
User should not get redirected back to the multi-option page when the…
7a95f7c 
… authentication fails

Fixes wso2/product-is#1332
jeradrutnam pushed a commit to jeradrutnam/identity-apps that referenced this issue Nov 3, 2019
@kasunbg
User should not get redirected back to the multi-option page when the…
ca4ba32 
… authentication fails

Fixes wso2/product-is#1332
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kasunbg kasunbg

Labels
Affected/5.1.0 bug Priority/High Severity/Major
Projects
None yet
Milestone
No milestone
2 participants
@kasunbg @maheshika