Project

General

Profile

Actions
Copy link

Bug #13695

closed

Authentication providers are not loaded before authentication is initialized

Added by François ARMAND about 6 years ago. Updated about 6 years ago.

Status:
Released
Priority:
N/A
Assignee:
Vincent MEMBRÉ
Category:
Plugins integration
Target version:
5.0.2
Pull Request:
https://github.com/Normation/rudder/p...
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
Fix check:
Regression:

Description

When we put authentication providers into a plugin, we missed something about initialization order: we now have the sequence of provider initialization between spring and module check that is mismatched, leading to module providers never being available.

This is the current sequence:

// here it's RudderConfig initialization...
2018-10-22 15:01:59] INFO  bootchecks - Update existing API token to 'RW' autorization level.
// then spring is bootstrapped
[2018-10-22 15:01:59] INFO  org.eclipse.jetty.server.handler.ContextHandler.rudder_web - Initializing Spring root WebApplicationContext
[2018-10-22 15:01:59] INFO  org.springframework.web.context.ContextLoader - Root WebApplicationContext: initialization started
[2018-10-22 15:01:59] INFO  org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Refreshing Root WebApplicationContext: startup date [Mon Oct 22 15:01:59 CEST 2018]; root of context hierarchy
// here we start loading AppConfigAuth, starting with the XML definition of everything (including modules' spring config file)
[2018-10-22 15:01:59] INFO  org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Successfully resolved class for [bootstrap.liftweb.AppConfigAuth]
2018-10-22 15:01:59 JRebel: Monitoring Spring bean definitions in '/home/fanf/java/workspaces/rudder-project/rudder/rudder-web/target/classes/applicationContext-security.xml'.
[2018-10-22 15:01:59] INFO  org.springframework.beans.factory.xml.XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [applicationContext-security.xml]
// here, we reach the point where we look for providers - but module not loaded yet, so license check forbid to use anything not standard
[2018-10-22 15:02:00] WARN  application - Required authentication method 'ldap' in property 'rudder.auth.provider' is not know by Rudder. Perhaps you are missing a plugin?
[2018-10-22 15:02:00] INFO  application - Loaded authentication provider(s): []
[2018-10-22 15:02:00] INFO  org.springframework.context.support.ClassPathXmlApplicationContext - Refreshing org.springframework.context.support.ClassPathXmlApplicationContext@4682882a: startup date [Mon Oct 22 15:02:00 CEST 2018]; parent: Root WebApplicationContext
[2018-10-22 15:02:01] INFO  org.springframework.web.context.ContextLoader - Root WebApplicationContext: initialization completed in 1757 ms
// end spring init

// now Boot is started, loading modules
[2018-10-22 15:02:01] INFO  bootstrap.liftweb.Boot - classpath
[2018-10-22 15:02:01] INFO  org.reflections.Reflections - Reflections took 34 ms to scan 2 urls, producing 5 keys and 8 values 
// oh, new providers!
[2018-10-22 15:02:01] INFO  application - Add backend providers 'Enterprise Authentication Backends: 'ldap','radius''
// but it's too late, Jen.

Related issues 1 (0 open1 closed)

Related to Authentication backends - Bug #13709: Adapt authentication backend for correct init orderReleasedVincent MEMBRÉActions
Actions
Copy link

Also available in: Atom PDF