Bug 833673 - User cannot sign out with Kerberos and Fedora authentication
User cannot sign out with Kerberos and Fedora authentication
Status: CLOSED CURRENTRELEASE
Product: Zanata
Classification: Community
Component: Authentication-Fedora, Authentication-Kerberos (Show other bugs)
1.6
Unspecified Unspecified
unspecified Severity high
: ---
: 1.6.1
Assigned To: Sean Flanigan
Ding-Yi Chen
:
Depends On:
Blocks: 833639
  Show dependency treegraph
 
Reported: 2012-06-20 02:30 EDT by Ding-Yi Chen
Modified: 2012-07-16 21:57 EDT (History)
3 users (show)

See Also:
Fixed In Version: 1.6.1-SNAPSHOT (20120628-0014)
Doc Type: Bug Fix
Doc Text:
Cause Clicking sign-out on a Zanata server which uses Fedora or Kerberos ticket authentication Consequence User gets an error message when logging out, and the editor's Participants List keep showing the user as logged in Fix Sign-out code now uses the JAAS credentials' username instead of assuming JAAS principal is a username Result Sign-out proceeds without error; user is removed from the editor's Participants List
Story Points: ---
Clone Of:
: 836056 (view as bug list)
Environment:
Last Closed: 2012-07-03 01:27:47 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Ding-Yi Chen 2012-06-20 02:30:19 EDT
Description of problem:
A user cannot sign out with Kerberos and Fedora authentication.


Version-Release number of selected component (if applicable):
Zanata version 1.7-SNAPSHOT (20120620-1212)
Zanata version 1.6.1-SNAPSHOT (20120620-0001)

How reproducible:
Always

Steps to Reproduce:
1. Sign it with any user.
2. Click Sign out
  
Actual results:
Web page showed:

Current Errors:

    Unexpected error. Please try again. 


Expected results:
Sign out without and problem.
Comment 1 Sean Flanigan 2012-06-21 20:19:30 EDT
This seems to be the corresponding server stack trace:

2012-06-20 13:11:03,988 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/]] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Session event listener threw exception                                       
java.lang.NullPointerException                                                                                       
        at org.zanata.webtrans.server.TranslationWorkspaceManagerImpl.exitWorkspace(TranslationWorkspaceManagerImpl.java:86)                                                                                                              
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)                                               
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)                             
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)                     
        at java.lang.reflect.Method.invoke(Method.java:616)                                                          
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)                                               
        at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32)                     
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56)                     
        at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28)                  
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)                     
        at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:77)                       
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)                     
        at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44)               
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)                     
        at org.jboss.seam.core.SynchronizationInterceptor.aroundInvoke(SynchronizationInterceptor.java:32)           
        at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)                     
        at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)                                 
        at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:185)            
        at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:103)                         
        at org.zanata.webtrans.server.TranslationWorkspaceManagerImpl_$$_javassist_seam_13.exitWorkspace(TranslationWorkspaceManagerImpl_$$_javassist_seam_13.java)                                                                       
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)                                               
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)                             
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)                     
        at java.lang.reflect.Method.invoke(Method.java:616)                                                          
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)                                               
        at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:144)                                       
        at org.jboss.seam.Component.callComponentMethod(Component.java:2253)                                         
        at org.jboss.seam.core.Events.raiseEvent(Events.java:85)                                                     
        at org.zanata.security.ZanataIdentity.logout(ZanataIdentity.java:116)                                        
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)                                               
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)                             
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at org.jboss.seam.util.Reflections.invoke(Reflections.java:22)
        at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:144)
        at org.jboss.seam.Component.callComponentMethod(Component.java:2249)
        at org.jboss.seam.core.Events.raiseEvent(Events.java:85)
        at org.jboss.seam.contexts.Contexts.destroy(Contexts.java:236)
        at org.jboss.seam.contexts.Lifecycle.endSession(Lifecycle.java:295)
        at org.jboss.seam.contexts.ServletLifecycle.endSession(ServletLifecycle.java:160)
        at org.jboss.seam.servlet.SeamListener.sessionDestroyed(SeamListener.java:59)
        at org.apache.catalina.session.StandardSession.expire(StandardSession.java:702)
        at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:592)
        at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:683)
        at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:668)
        at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1327)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1612)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1601)
        at java.lang.Thread.run(Thread.java:636)
2012-06-20 13:11:04,006 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/]] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Session event listener threw exception
java.lang.IllegalStateException: Please end the HttpSession via org.jboss.seam.web.Session.instance().invalidate()
        at org.jboss.seam.contexts.Lifecycle.endSession(Lifecycle.java:267)
        at org.jboss.seam.contexts.ServletLifecycle.endSession(ServletLifecycle.java:160)
        at org.jboss.seam.servlet.SeamListener.sessionDestroyed(SeamListener.java:59)
        at org.apache.catalina.session.StandardSession.expire(StandardSession.java:702)
        at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:592)
        at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:683)
        at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:668)
        at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1327)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1612)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1601)
        at java.lang.Thread.run(Thread.java:636)
2012-06-20 13:13:04,047 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/]] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Session event listener threw exception
java.lang.IllegalStateException: Please end the HttpSession via org.jboss.seam.web.Session.instance().invalidate()
        at org.jboss.seam.contexts.Lifecycle.endSession(Lifecycle.java:267)
        at org.jboss.seam.contexts.ServletLifecycle.endSession(ServletLifecycle.java:160)
        at org.jboss.seam.servlet.SeamListener.sessionDestroyed(SeamListener.java:59)
        at org.apache.catalina.session.StandardSession.expire(StandardSession.java:702)
        at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:592)
        at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:683)
        at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:668)
        at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1327)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1612)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1601)
        at java.lang.Thread.run(Thread.java:636)
2012-06-20 13:16:04,107 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/]] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Session event listener threw exception
java.lang.IllegalStateException: Please end the HttpSession via org.jboss.seam.web.Session.instance().invalidate()
        at org.jboss.seam.contexts.Lifecycle.endSession(Lifecycle.java:267)
        at org.jboss.seam.contexts.ServletLifecycle.endSession(ServletLifecycle.java:160)
        at org.jboss.seam.servlet.SeamListener.sessionDestroyed(SeamListener.java:59)
        at org.apache.catalina.session.StandardSession.expire(StandardSession.java:702)
        at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:592)
        at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:683)
        at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:668)
        at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1327)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1612)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1621)
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1601)
        at java.lang.Thread.run(Thread.java:636)
Comment 3 Ding-Yi Chen 2012-06-26 04:05:00 EDT
1.6.1 Servers seems fixed.

However, 1.7 servers still has this problem.
REASSIGNED.
Comment 4 Sean Flanigan 2012-06-26 20:35:05 EDT
Sorry, I forgot to merge the change into the master branch.  It's there now.
Comment 5 Sean Flanigan 2012-06-27 02:33:59 EDT
*** Bug 833639 has been marked as a duplicate of this bug. ***
Comment 6 Sean Flanigan 2012-06-27 02:56:36 EDT
Note that this problem manifests with Fedora OpenID and with Kerberos ticket authentication, but not with basic access authentication, Nukes, or internal authentication.
Comment 7 Sean Flanigan 2012-06-27 02:56:36 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause
  Clicking sign-out on a Zanata server which uses Fedora or Kerberos ticket authentication

Consequence
  User gets an error message when logging out, and the editor's Participants List keep showing the user as logged in

Fix
  Sign-out code now uses the JAAS credentials' username instead of assuming JAAS principal is a username

Result
  Sign-out proceeds without error; user is removed from the editor's Participants List
Comment 8 Ding-Yi Chen 2012-06-27 21:24:37 EDT
With 1.7-SNAPSHOT (20120626-0025) servers,
Kerberos is fixed, but not the Fedora authentication.
Comment 9 Ding-Yi Chen 2012-06-27 21:56:04 EDT
VERIFIED with 1.6.1-SNAPSHOT (20120628-0014)

Error in 1.7 is tracked by bug 836056
Comment 10 Hedda Peters 2012-07-11 18:48:54 EDT
I still see multiple entries for the same user in the participants list in 1.6.1.

Note that I never sign out explicitly, but simply close the browser at the end of the day (as you do...)
Comment 11 Sean Flanigan 2012-07-16 21:57:19 EDT
There are still some ways to get multiple entries in Participants (eg reloading the editor page), but Zanata should be reliably removing all of them on logout now (or timeout).

Note You need to log in before you can comment on or make changes to this bug.