TitleUserCheck Tag not working as it should when authenticated by Container (Tomcat 5.5)
Date28-Jan-2005 10:49:15 EET
Version2.1.134
Submitter217.22.96.73
Bug criticalityBadBug
Browser versionMozilla/ Internet Explorer
Bug statusClosedBug
PageProvider usedVersioningFileProvider
Servlet ContainerTomcat 5.5
Operating SystemWindows 2003 Server
URLN/A???
Java versionJava 2 1.4

Hi:

As you can see, we are using your JSPWiki version 2.1.134. Our purpose:

We want the user to be authenticated against the Container so we modified the web.xml descriptor file. We modified ViewTemplate.jsp so the user had an option of login and logout. We use the <UserCheck> tag with options validated and unvalidated in order to print on the screen either Login or Logout depending on his login status (validated or unvalidate).

Here is the code that we wrote on ViewTemplate:

      <div class="menuBar">
	       <wiki:InsertPage page="MenuBar" />
		 <wiki:UserCheck status="unvalidated">
			<a class="wikipage" href="<wiki:Variable var="baseURL"/>Login.jsp?page=<wiki:PageName />">Login</a>
		</wiki:UserCheck>
		<wiki:UserCheck status="validated">
			<a class="wikipage" href="<wiki:Variable var="baseURL"/>Login.jsp?action=logout">Logout</a>
		</wiki:UserCheck>	
	  </div>
The problem:

The problem appeared like the following: when the user was not Valid (I mean, he was not still authenticated it doesn't matter he had cookie or not) the tag was working fine as his status was unvalidated. But, once the user clicked Login option and is authenticated against tomcat, the tag is not working because the code for status validated is not appearing on screnn, thus no link for Logout.

Our thoughts:

Gettin to the <UserCheck> tag code, we found out that it is not working ok as there is no equals comparision for CONTAINER authentication method. See the following code:

  public final int doWikiStartTag()
        throws IOException
    {
        WikiEngine  engine = m_wikiContext.getEngine();
        ...
        if( m_status != null )
        {
            if( wup == null )
            {
                // This may happen when strict login policy is used.
                return( SKIP_BODY );
            }

            if( "unknown".equals( m_status ) && 
                wup.getLoginStatus() == UserProfile.NONE )
            {
                return EVAL_BODY_INCLUDE;
            }
            else if( "known".equals( m_status ) && 
                     wup.getLoginStatus() > UserProfile.NONE )
            {
                return EVAL_BODY_INCLUDE;
            }
            else if( "named".equals( m_status ) && 
                     wup.getLoginStatus() == UserProfile.COOKIE )
            {
                return EVAL_BODY_INCLUDE;
            }
            else if( "validated".equals( m_status ) && 
                     wup.getLoginStatus() > UserProfile.CONTAINER )
            {
                return EVAL_BODY_INCLUDE;
            }
            else if( "unvalidated".equals( m_status ) && 
                     wup.getLoginStatus() < UserProfile.CONTAINER )
            {
                return EVAL_BODY_INCLUDE;
            }
        }

        return SKIP_BODY;
    }
We think that the 4th comparision to evaluate the body, the one that refers to status validated and userProfile.CONTAINER should be greater or equals to (>=) and no just greater than.

Is this the correct behaviour? Was your intention to make this tag behave like this? Probably you did and it is that we are missing out something :)

You can email us to jgarciab@iberdrola.es and eduardo.rodriguez@iberdrola.es.

Thank you very much for your atention. Hope this will get solved easily and is not lot of work for you.

Regards,

Juan Garcia Baldasano.


The entire AAA system is deprecated. Any bugs in it will not be fixed. A completely new system will be in an upcoming version.

Sorry guys, but the current system is so full of bugs, that it's simply not worth fixing. It was never really well-designed anyway. Feel free to fix anything you like in your own copy, but be aware that things will change in 2.4.

-- JanneJalkanen

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-3) was last changed on 28-Feb-2005 16:05 by 158.228.228.108