Project

General

Profile

Actions

Bug #13910

closed

Impossible to log in with root admin

Added by François ARMAND over 5 years ago. Updated about 5 years ago.

Status:
Released
Priority:
N/A
Category:
Web - Maintenance
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
Fix check:
Regression:

Description

Trying to log-in with a configured root admin account like that:

# in /opt/rudder/etc/rudder-webapp.properties
rudder.auth.admin.login=rootadmin
rudder.auth.admin.password=secret

Leads to exception:

[2018-11-27 14:56:14] WARN  org.eclipse.jetty.server.HttpChannel - /rudder-web/j_spring_security_check
java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null" 
    at org.springframework.security.crypto.password.DelegatingPasswordEncoder$UnmappedIdPasswordEncoder.matches(DelegatingPasswordEncoder.java:238)
    at org.springframework.security.crypto.password.DelegatingPasswordEncoder.matches(DelegatingPasswordEncoder.java:198)
    at org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:86)
    at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:166)
    at bootstrap.liftweb.RudderProviderManager.authenticate(RudderProviderManager.java:115)
    at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
    at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)

Because spring tries to use an unavailable bcrypt password encoder in place of the "plaintext" one. (yeah, the message is not very explicit).

Actions

Also available in: Atom PDF