780498 – (SOA-2928) SOA-P 5.1 BPEL Console - Entering a bad username/password does not return an error message to the user

Bug 780498 (SOA-2928) - SOA-P 5.1 BPEL Console - Entering a bad username/password does not return an error message to the user

Summary: SOA-P 5.1 BPEL Console - Entering a bad username/password does not return an ...

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	SOA-2928
Product:	JBoss Enterprise SOA Platform 5
Classification:	JBoss
Component:	Tooling
Sub Component:
Version:	5.1.0 GA
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	5.2.0 GA
Assignee:	Jeff Yu
QA Contact:
Docs Contact:
URL:	http://jira.jboss.org/jira/browse/SOA...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-02-18 03:03 UTC by Len DiMaggio
Modified:	2013-07-02 01:34 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-11-08 01:18:05 UTC
Type:	Bug

Attachments	(Terms of Use)
Screenshot.png (182.52 KB, image/png) 2011-02-18 03:10 UTC, Len DiMaggio	no flags	Details
Screenshot.png (175.87 KB, image/png) 2011-08-29 21:25 UTC, Len DiMaggio	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	SOA-2928	0	None	Closed	SOA-P 5.1 BPEL Console - Entering a bad username/password does not return an error message to the user	2012-01-16 19:01:52 UTC

Description Len DiMaggio 2011-02-18 03:03:36 UTC

project_key: SOA

See attached screenshot - if the user enters a bad username or password, no error is displayed - the user is simply left at the BPEL console login screen.

Comment 1 Len DiMaggio 2011-02-18 03:10:32 UTC

Attachment: Added: Screenshot.png

Comment 2 Gary Brown 2011-04-04 19:17:54 UTC

Haven't seen this behaviour in the community edition, so possibly a sideeffect of the integration?

So we may need to wait until an integration build of SOA-P 5.2 is available to try this out.

Comment 3 Jeff Yu 2011-06-22 01:37:53 UTC

Didn't see this issue anymore in the riftsaw community version, move it to QA for check on the SOA, if it still exists, please re-open it.

Comment 4 Jeff Yu 2011-06-22 01:37:53 UTC

Labels: Added: riftsaw

Comment 5 Marek Baluch 2011-06-22 07:33:56 UTC

Hi Jeff, which version of SOA do you think we should try? SOA 5.1 GA is the latest one which includes Riftsaw and it's affected. 

According to RIFTSAW-256 this issue was fixed in Riftsaw 2.1.0.Final - this I can confirm. Despite that it works only in the community version, not in SOA-P 5.1. I noted this in a SOA-2175 comment I think.

Comment 6 Jeff Yu 2011-06-22 07:52:03 UTC

Hi Marek,

I meant to say SOA-P 5.2 ER build, which probably didn't exist at the moment.
But didn't realised it was fixed in 2.1.0.Final, in this case, I'll try to download the soa-5.1 and check.

Thanks
Jeff

Comment 7 Marek Baluch 2011-06-22 11:53:06 UTC

Tried it on SOA-P 5.2 Dev1 and it's still a no go.

Comment 8 Jeff Yu 2011-06-24 14:43:36 UTC

This issue is introduced in the productisation step.

In the soa-p/jboss-as/server/$config/deploy/bpel-console/gwt-console-server.war/login.jsp, we need to update the "<title>JBoss SOA Login</title>" to "<title>HTTP 401</title>", as in the bpel-console, we used the 'HTTP 401' in the title as a hack.

Comment 9 Jeff Yu 2011-06-24 14:45:14 UTC

Link: Added: This issue duplicates SOA-2175

Comment 10 Julian Coleman 2011-06-28 14:47:28 UTC

From tests, it looks like we should not overwrite the project WEB-INF/web.xml
file, and then the user feedback on authentication error will work.

Comment 11 Jeff Yu 2011-06-28 14:53:12 UTC

I am not sure about the reason that overwrite the web.xml file. But basically, with the current overwriting, as long as you keep the 'title' section as same as "<title>HTTP 401</title>", the authentication should be working.

Comment 12 Douglas Palmer 2011-08-12 23:17:59 UTC

Fix in soa-p 5.2.0.ER2.

Comment 13 Len DiMaggio 2011-08-29 21:25:35 UTC

Attachment: Added: Screenshot.png

Comment 14 Len DiMaggio 2011-08-29 21:25:50 UTC

Verified fixed in ER3, build.

Comment 15 David Le Sage 2011-11-08 01:15:41 UTC

Temporarily reopening to update release notes.

Comment 16 David Le Sage 2011-11-08 01:17:56 UTC

Release Notes Docs Status: Added: Documented as Resolved Issue
Writer: Added: dlesage
Release Notes Text: Added: https://issues.jboss.org/browse/SOA-2928

If the user entered an incorrect username or password at the BPEL Console log-in screen, no error message was displayed. This has now been changed so that the user is given feedback about supplying the wrong credentials.

Note You need to log in before you can comment on or make changes to this bug.