Uploaded image for project: 'InsightEdge Platform'
  1. GS-13194

Login to web-ui should be enforced with full equality and hashcode

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Fixed
    • Affects versions: None
    • Fix versions: 12.1.1
    • Labels:
    • Platform:
      All
    • SalesForce Case ID:
      11028
    • Acceptance Test:
      manual
    • Sprint:
      12.1.1-M5
    • Product:
      XAP
    • Edition:
      Premium

      Description

      1. remove sigar folder to have a lot of events
      2. start secured grid, and deploy space
      3. start web-ui with -Dcom.gs.web-ui.events.max-size=50
      4. Login to web ui with correct user and pwd that has all privileges
      5. in web-ui go to space statistics tab
      6. Do some grid operations.
      7. wait for a while
      8. logout from web-ui and login again with same user and wrong pwd
      9. see in web-ui log the message :
      2017-03-15 13:23:41,126 WARNING [org.openspaces.admin.internal.admin.DefaultAdmin] - Failed to execute: org.openspaces.admin.internal.gsm.events.DefaultGridServiceManagerAddedEventManager$2@4d42e1bb - com.gigaspaces.security.AuthenticationException: Aut
              at com.gigaspaces.security.fs.FileSecurityManager.authenticate(FileSecurityManager.java:64)
              at com.gigaspaces.security.service.SecurityInterceptor.authenticate(SecurityInterceptor.java:198)
              at com.gigaspaces.grid.gsm.GSMImpl.login(GSMImpl.java:604)
              at com.gigaspaces.security.service.RemoteSecuredServiceGigaspacesMethodinternalInvoke0.internalInvoke(Unknown Source)
              at com.gigaspaces.internal.reflection.fast.AbstractMethod.invoke(AbstractMethod.java:45)
              at com.gigaspaces.lrmi.LRMIRuntime.invoked(LRMIRuntime.java:441)
              at com.gigaspaces.lrmi.nio.Pivot.consumeAndHandleRequest(Pivot.java:494)
              at com.gigaspaces.lrmi.nio.Pivot.handleRequest(Pivot.java:572)
              at com.gigaspaces.lrmi.nio.Pivot$ChannelEntryTask.run(Pivot.java:173)
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
              at java.lang.Thread.run(Thread.java:745)
      Caused by: com.gigaspaces.security.AuthenticationException: Authentication failed for user [st]
              at com.gigaspaces.security.fs.FileSecurityManager.authenticate(FileSecurityManager.java:59)
              ... 11 more

      2017-03-15 13:23:53,256 WARNING [com.gigaspaces.webui.admin] - Events list size [51] exceeds its maximum possible value [50] and will be cleared! Client id=4. Refresh must be invoked.
      10. See that grid and space can be viewed

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              ester Ester Atzmon
              Participants of an issue:
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: