Project

General

Profile

Actions

Bug #17108

closed

cannot login in Rudder 6.1

Added by Nicolas CHARLES over 4 years ago. Updated over 4 years ago.

Status:
Released
Priority:
N/A
Category:
Security
Target version:
Severity:
Major - prevents use of part of Rudder | no simple workaround
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Priority:
50
Name check:
To do
Fix check:
Checked
Regression:

Description

I cannot login on Rudder 6.1
I've set a rudder-user, with user nimda rather thann admin, to check if it fixes, but it doesn't

Error is Error 500

Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.
Apache/2.4.25 (Debian) Server at 192.168.44.2 Port 443

spring security logs are

[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/style/**'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/images/**'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/javascript/**'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/cache-**'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/api/**'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: Session@7bd34e69{id=node01d9rvfs7gj7awiprbutfphceu0,x=node01d9rvfs7gj7awiprbutfphceu0.node0,req=1,res=true}. A new one will be created.
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 10 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 3 of 10 in additional filter chain; firing Filter: 'HeaderWriterFilter'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 4 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/j_spring_security_check'
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication
[2020-04-13 22:30:05+0200] DEBUG bootstrap.liftweb.RudderProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.authentication.dao.DaoAuthenticationProvider - User 'nimda' not found
[2020-04-13 22:30:05+0200] DEBUG bootstrap.liftweb.RudderProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.header.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@2c0cde9f
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
[2020-04-13 22:30:05+0200] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed

User is not found

Actions

Also available in: Atom PDF