Docstoc

Atricore - Josso

Document Sample
Atricore - Josso Powered By Docstoc
					[JOSSO-445] Is JOSSO supports Internet Single Sign-On (SSO) solution
for WS-federation based? Created: 05/Dec/12 Updated: 05/Dec/12
Status:               Open
Project:              JOSSO
Component/s:          Tomcat 5.5 Agent
Affects Version/s:    JOSSO 1.8
Fix Version/s:        None

Type:                 Bug                               Priority:             Major
Reporter:             satyanarayana                     Assignee:             Sebastian Gonzalez Oyuela
Resolution:           Unresolved                        Votes:                0
Environment:          Windows.


Description
Is JOSSO supports Internet Single Sign-On (SSO) solution for WS-federation based?
[JOSSO-443] org.apache.derby.client.am.SqlException: Java exception:
'A truncation error was encountered trying to shrink LONG VARCHAR
'<stream-value>' to length 32700. Created: 29/Nov/12 Updated: 10/Dec/12 Resolved: 10/Dec/12
Status:                 Resolved
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.1

Type:                   Bug                                  Priority:                Minor
Reporter:               Sebastian Gonzalez Oyuela            Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Fixed                                Votes:                   0

Attachments:              JOSSO-2.3.0-FIX-443.tar.gz            JOSSO-2.3.1-SNAPSHOT-FIX-443.tar.gz
                        JOSSO-2.3.x-FIX-443.sql

Comments
Comment by Sebastian Gonzalez Oyuela [ 29/Nov/12 3:46 PM ]
There's a limit in a column table that prevents from building appliances of a certain size.

This issue will be solved in JOSSO 2.3.1. In the mean time you can follow these steps as a workaround for your
current JOSSO 2.3.0 / 2.3.1 early access (snapshot) version:

1. Export all your appliances, we're deleting them from the internal DB.

2. Connect to JOSSO database using a derby JDBC driver. You can use for example the following SQL client:
http://squirrel-sql.sourceforge.net/

The connection URL should look like these
jdbc:derby://localhost/atricore-console
user:admin
pwd:admin (default)

You can use

3. Execute the attached SQL script

4. Stop JOSSO and extract the proper patch file into $JOSSO2_HOME/system folder.

5. Start JOSSO and re-import your appliances
Comment by Sebastian Gonzalez Oyuela [ 29/Nov/12 3:47 PM ]
Workaround files for JOSSO 2.3.0 and 2.3.1 SNAPSHOTS that don't have the fix yet.
[JOSSO-442] Set proper default SAML 2.0 bindings when creating
IDPs/SPs Created: 27/Nov/12 Updated: 27/Nov/12
Status:              Open
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                Improvement                 Priority:   Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Unresolved                  Votes:      0
[JOSSO-441] payslip Created: 15/Nov/12              Updated: 16/Nov/12
Status:                Open
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         None

Type:                  Bug                                Priority:      Major
Reporter:              Hari Prasad                        Assignee:      Sebastian Gonzalez Oyuela
Resolution:            Unresolved                         Votes:         0

Attachments:              test_domain.log       test_domain.log

Description
nvr mind

Comments
Comment by Hari Prasad [ 16/Nov/12 12:11 AM ]
Getting the error when running partnerapp in weblogic10.3.6.

PFA
[JOSSO-440] When using JAXWSWebserviceGatewayServiceLocator,
Josso fails to work if it can't access a WSDL file at www.josso.org. Created:
30/Oct/12 Updated: 30/Oct/12
Status:                 Open
Project:                JOSSO
Component/s:            SSO Gateway
Affects Version/s:      JOSSO 1.8.6
Fix Version/s:          None

Type:                   Bug                                  Priority:                Major
Reporter:               David Warren                         Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Unresolved                           Votes:                   0
Environment:            Windows Server 2008


Description
We are running Josso 1.8.6 in a location where the internet cannot be accessed.

When starting the Josso gateway, an exception is thrown when
org.josso.gateway.ws._1_2.wsdl.SSOSessionManagerWS tries to access the WSDL file at
http://www.josso.org/wsdl/josso-1.2/josso-1.2.wsdl, and cannot.
This CXF-generated class is in josso-ws-v1_2-1.8.6.jar. It is called by
org.josso.gateway.jaxws.JAXWSWebserviceGatewayServiceLocator.

Both SSOSessionManagerWS and SSOIdentityManagerWS have the URL mentioned above as the 'wsdlLocation'
attribute in their @WebService annotation.

We got around this problem by configuring our Josso gateway server so that WSDL URL resolves to the correct file.
But it would be nice if we would not have to do this. In other words, if the WSDL was read from the local Josso files
rather than at www.josso.org.

In addition, this error only showed up localhost.log when the logging level for this file was set to Fine. A sample error
is shown below. It would seem that an error like this should be logged at the Error level.

FINE: CatalinaSSOAgent[localhost]: Can't create session/identity/provider managers:
XML reader error: javax.xml.stream.XMLStreamException: ParseError at [row,col]: [12,208]
Message: The entity name must immediately follow the '&' in the entity reference.
com.sun.xml.internal.ws.streaming.XMLStreamReaderException: XML reader error:
javax.xml.stream.XMLStreamException: ParseError at [row,col]: [12,208]
Message: The entity name must immediately follow the '&' in the entity reference.
at com.sun.xml.internal.ws.streaming.XMLStreamReaderUtil.wrapException(XMLStreamReaderUtil.java:256)
at com.sun.xml.internal.ws.streaming.XMLStreamReaderUtil.skipTags(XMLStreamReaderUtil.java:146)
at com.sun.xml. internal.ws.streaming.XMLStreamReaderUtil. skipElement(XMLStreamReaderUtil.java:119)
at
com.sun.xml.internal.ws.wsdl.parser.WSDLParserExtensionFacade.definitionsElements(WSDLParserExtensionFaca
de.java:129)
at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parseWSDL(RuntimeWSDLParser.java:314)
at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parseUsingMex(RuntimeWSDLParser.java:196)
at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:149)
at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:127)
at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:254)
at com.sun.xml.internal.ws.client.WSServiceDelegate.<init> (WSServiceDelegate.java:217)
at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:165)
at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDeleg~te(ProviderImpl.java:93)
at javax.xml.ws.Service.<init> (Service.java:56)
at org.josso.gateway.ws._1_2.wsdl.SSOSessionManagerWS.<init>(SSOSessionManagerWS.java:52)
at
org.josso.gateway.jaxws.JAXWSWebserviceGatewayServiceLocator.getSSOSessionManager(JAXWSWebserviceG
atewayServiceLocator.java:62)
...
[JOSSO-439] Create IIS execution environment Created: 27/Oct/12                           Updated: 27/Oct/12
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      JOSSO 2.3.0
Fix Version/s:          None

Type:                   Task                                Priority:          Major
Reporter:               Srdjan                              Assignee:          Sebastian Gonzalez Oyuela
Resolution:             Unresolved                          Votes:             0
Environment:            Windows server 2008


Description
I want to create Windows IIS execution environment. Can you please help me with parameters.

Target host is Remote.
Need instructions how to fill Install Home and Activation Service Endpoint.

Thanks,
Srdjan
[JOSSO-438] Create IIS execution environment Created: 27/Oct/12   Updated: 27/Oct/12
Status:              Open
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       None

Type:                Task               Priority:      Major
Reporter:            Srdjan             Assignee:      Sebastian Gonzalez Oyuela
Resolution:          Unresolved         Votes:         0
[JOSSO-437] Test Connection and Test Query not working Created: 27/Oct/12
Updated: 27/Oct/12
Status:                 Open
Project:                JOSSO
Component/s:            DB Identity Store
Affects Version/s:      JOSSO 2.3.0
Fix Version/s:          None

Type:                   Bug                                Priority:               Critical
Reporter:               Srdjan                             Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                         Votes:                  0
Environment:            windows server 2008


Description
I created a DB Identity source

Name : SS
Driver: JDBC ODBC Bridge
connection url : odbc:sqlserver://ipaddress
username=xyz
password=xyz

and clicked Test Connection. I didnt get any response. I have installed ODBC driver for sql server.
Can you help me please?

Thank You,
Srdjan
[JOSSO-436] JOSSO ISAPI Agent does not support default resource
Created: 26/Oct/12 Updated: 26/Oct/12
Status:                 Open
Project:                JOSSO
Component/s:            ISAPI Agent
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.8

Type:                   Bug                         Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Unresolved                  Votes:      0
[JOSSO-435] Add organization information to identity appliance Created:
26/Oct/12 Updated: 26/Oct/12
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   Improvement                 Priority:   Minor
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Unresolved                  Votes:      0
[JOSSO-434] Unable to find User Principal in weblogic 10.3.6 Created: 18/Oct/12
Updated: 18/Oct/12
Status:                Open
Project:               JOSSO
Component/s:           Weblogic 10 Agent
Affects Version/s:     JOSSO 1.8.6
Fix Version/s:         None

Type:                  Bug                                 Priority:              Major
Reporter:              Hari Prasad                         Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Unresolved                          Votes:                 0
Environment:           Weblogic10.3.6, jdk1.6, JOSSO1.8.6

Attachments:               output.txt

Description
Hi

Am new to JOSSO. Using JOSSO1.8.6.

Able to run partnerapp successfully in tomcat7.

But the same failing in weblogic10.3.6. Am attaching the error trace. Could anybody please suggest the solution.

Its highly important and needful as am struggling since 3days..

thanks in advance..
[JOSSO-433] Web Console stops working when PAX temp folder is
deleted Created: 17/Oct/12 Updated: 17/Oct/12
Status:              Open
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                Bug                         Priority:   Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Unresolved                  Votes:      0
[JOSSO-432] JOSSO2.0: How to create XML identity source and what
changes have to make to activate XML file as identity source Created: 24/Sep/12
Updated: 24/Sep/12
Status:                 Open
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          None

Type:                   Task                                  Priority:               Major
Reporter:               Hari Prasad                           Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                            Votes:                  0


Description
Hi all
Am using JOSSO2.0 commuinty version..

I got application run with josso login page when i used Identity vault as the Identity source..

But now am facing an issue while using XML file as Idenitity source. follwoing is my users.xml file used for identity
source..

Can anybody please correct the file if anything wrong. and guide me the modification to do in the application to
execute properly..


Users.xml
+++++++++++++++++
<?xml version="1.0" encoding="UTF-8"?>
<josso-users>
<users>
<user>
<name>User1</name>
<properties>
<property>
<name>user.name</name>
<value>User 1 Name</value>
</property>
<property>
<name>user.lastName</name>
<value>User 1 Last Name</value>
</property>
<property>
<name>user.registrationDate</name>
<value>2004/09/11</value>
</property>
</properties>
<roles>role1,role2</roles>
</user>
<user>
<name>User2</name>
<properties>
<property>
<name>user.name</name>
<value>User 2 Name</value>
</property>
<property>
<name>user.lastName</name>
<value>User 2 Last Name</value>
</property>
<property>
<name>user.registrationDate</name>
<value>2004/09/10</value>
</property>
</properties>
<roles>role2</roles>
</user>
<user>
<name>user3</name>
<properties>
<property>
<name>user.name</name>
<value>User 3 Name</value>
</property>
<property>
<name>user.lastName</name>
<value>User 3 Last Name</value>
</property>
<property>
<name>user.registrationDate</name>
<value>2005/01/1</value>
</property>
</properties>
<roles>role1</roles>
</user>
</users>
<roles>
<role>
<name>role1</name>
</role>
<role>
<name>role2</name>
</role>
</roles>
</josso-users>
<josso-credentials>
<credential-set>
<key>user1</key>
<credential>
<name>username</name>
<value>user1</value>
</credential>
<credential>
<name>password</name>
<value>12345678</value>
</credential>
</credential-set>
<credential-set>
<key>user2</key>
<credential>
<name>username</name>
<value>user2</value>
</credential>
<credential>
<name>password</name>
<value>12345678</value>
</credential>
</credential-set>
</josso-credentials>



Error :
++++++

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'cnkidp'
defined in URL [bundle://176.0:0/META-INF/spring/cnkidp/cnkidp-config.xml]: Cannot resolve reference to bean
'CNK-cot-manager' while setting bean property 'cotManager'; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'CNK-cot-manager'
defined in URL [bundle://176.0:0/META-INF/spring/beans.xml]: Cannot resolve reference to bean 'CNK-cot' while
setting bean property 'cot'; nested exception is org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'sp1partnerapp' defined in URL [bundle://176.0:0/META-
INF/spring/sp1partnerapp/sp1partnerapp-config.xml]: Cannot resolve reference to bean 'sp1partnerapp-default-idp-
channel' while setting bean property 'channel'; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sp1partnerapp-default-
idp-channel' defined in URL [bundle://176.0:0/META-INF/spring/sp1partnerapp/sp1partnerapp-config.xml]: Cannot
resolve reference to bean 'sp1partnerapp-account-link-lifecycle' while setting bean property 'accountLinkLifecycle';
nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name
'sp1partnerapp-account-link-lifecycle' defined in URL [bundle://176.0:0/META-
INF/spring/sp1partnerapp/sp1partnerapp-config.xml]: Cannot resolve reference to bean 'sp1partnerapp-identity-store'
while setting bean property 'identityStore'; nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'sp1partnerapp-identity-store' is
defined
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueRes
olver.java:275)
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionVal
ueResolver.java:104)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAuto
wireCapableBeanFactory.java:1245)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCa
pableBeanFactory.java:1010)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireC
apableBeanFactory.java:472)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBe
anFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapa
bleBeanFactory.java:380)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistr
y.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at
org.springframework.osgi.service.exporter.support.OsgiServiceFactoryBean.afterPropertiesSet(OsgiServiceFactoryB
ean.java:167)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowir
eCapableBeanFactory.java:1369)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCa
pableBeanFactory.java:1335)
... 108 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'CNK-cot-
manager' defined in URL [bundle://176.0:0/META-INF/spring/beans.xml]: Cannot resolve reference to bean 'CNK-cot'
while setting bean property 'cot'; nested exception is org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'sp1partnerapp' defined in URL [bundle://176.0:0/META-
INF/spring/sp1partnerapp/sp1partnerapp-config.xml]: Cannot resolve reference to bean 'sp1partnerapp-default-idp-
channel' while setting bean property 'channel'; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sp1partnerapp-default-
idp-channel' defined in URL [bundle://176.0:0/META-INF/spring/sp1partnerapp/sp1partnerapp-config.xml]: Cannot
resolve reference to bean 'sp1partnerapp-account-link-lifecycle' while setting bean property 'accountLinkLifecycle';
nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name
'sp1partnerapp-account-link-lifecycle' defined in URL [bundle://176.0:0/META-
INF/spring/sp1partnerapp/sp1partnerapp-config.xml]: Cannot resolve reference to bean 'sp1partnerapp-identity-store'
while setting bean property 'identityStore'; nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'sp1partnerapp-identity-store' is
defined
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueRes
olver.java:275)
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionVal
ueResolver.java:104)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAuto
wireCapableBeanFactory.java:1245)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCa
pableBeanFactory.java:1010)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireC
apableBeanFactory.java:472)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBe
anFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapa
bleBeanFactory.java:380)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistr
y.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueRes
olver.java:269)
... 129 more
[JOSSO-431] Login error after providing the credentials Created: 18/Sep/12                                   Updated:
10/Oct/12
Status:                 Open
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          None

Type:                   Task                                Priority:               Major
Reporter:               Hari Prasad                         Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                          Votes:                  0

Attachments:               atricore.log       CONFIG.png

Description
Hi
AM new to JOSSO. Now we are using JOSSO 2.3 CE.

Testing the partnerapp application with josso 2.3 atricore console.

1) Hitting the url : http://localhost:8080/partnerapp
      Showing the page as "You're an anonymous user." with login button.
2) Clicking the Login Button opens the page : http://localhost:8081/IDBUS-
UI/TEST5/SSO/LOGIN/SIMPLE?SSOArt=id533A4EDE0404CD97
      Here we are providing the login credentials those we created in "Accounts and Entitlements Management"
3) Clicking the submit (Login) Button farwarding to the page
http://localhost:8081/IDBUS/TEST5/SP1EE/SSO/ACS/ARTIFACT?SSOArt=idE7E5EFBA7B55A33F
       Here the user dash board showing the following error trace..

Can Anybody plz hlep to resolve the issue.. Attaching the atricore.log file.. PFA
Also attaching the appliance configuration..


====================================================================
Debug Information

  Unknown error

Message:
Caused by:

org.atricore.idbus.kernel.main.mediation.IdentityMediationFault: urn:org:atricore:idbus:error:fatal:null:null:null: at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:161) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.binding.CamelMediationEndpoint$ConsumerProcessor.pr
ocess(CamelMediationEndpoint.java:311) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at
org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59) at
org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.doService(OsgiIDBusServlet2.jav
a:470) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.service(OsgiIDBusServlet2.java:1
21) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390) at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64) at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at
org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java
:98) at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64) at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at
org.mortbay.jetty.Server.handle(Server.java:326) at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at
org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at
org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at
org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) Caused by:
java.lang.NullPointerException at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:88) at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:43) at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:133) ...
51 more
Caused by:

java.lang.NullPointerException at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:88) at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:43) at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:133) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.binding.CamelMediationEndpoint$ConsumerProcessor.pr
ocess(CamelMediationEndpoint.java:311) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at
org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59) at
org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.doService(OsgiIDBusServlet2.jav
a:470) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.service(OsgiIDBusServlet2.java:1
21) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390) at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64) at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at
org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java
:98) at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64) at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at
org.mortbay.jetty.Server.handle(Server.java:326) at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at
org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at
org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at
org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)




Comments
Comment by Lutfi Kaddoura [ 10/Oct/12 3:31 PM ]
Hi

when i tried the JOSSO2 Quick Start example im getting the same exact issue.
does this have to do with resolving the authenticated login from the idp and matching it with the SP1 indentity sources
?
shouldnt all the identity value share the same credintals repository ?
any help is appreciated.
[JOSSO-430] Getting error like "An error occured while processing your
request" after providing credentials and hitting login Created: 18/Sep/12 Updated:
22/Nov/12
Status:                 Open
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          None

Type:                   Task                               Priority:               Major
Reporter:               Hari Prasad                        Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                         Votes:                  1


Description
Hi
Am new to JOSSO2.3 and trying to implement JOSSO single sign on to partnerapp.

Am able to get josso login page when i hit http://localhost:8080/partnerapp

I provided username and password in the login page and submitted. Here am getting the following error

Can anybody please help me to guide me the issue...

Error
============================
  Unknown error

Message:
Caused by:

org.atricore.idbus.kernel.main.mediation.IdentityMediationFault: urn:org:atricore:idbus:error:fatal:null:null:null: at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:161) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.binding.CamelMediationEndpoint$ConsumerProcessor.pr
ocess(CamelMediationEndpoint.java:311) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at
org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59) at
org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.doService(OsgiIDBusServlet2.jav
a:470) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.service(OsgiIDBusServlet2.java:1
21) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390) at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64) at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at
org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java
:98) at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64) at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at
org.mortbay.jetty.Server.handle(Server.java:326) at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at
org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at
org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at
org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) Caused by:
java.lang.NullPointerException at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:88) at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:43) at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:133) ...
51 more
Caused by:

java.lang.NullPointerException at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:88) at
org.atricore.idbus.capabilities.josso.main.producers.AssertionConsumerProducer.doProcess(AssertionConsumerPro
ducer.java:43) at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:133) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.binding.CamelMediationEndpoint$ConsumerProcessor.pr
ocess(CamelMediationEndpoint.java:311) at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43) at
org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59) at
org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189) at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:115) at
org.apache.camel.processor.Pipeline.process(Pipeline.java:89) at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87) at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82) at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52) at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41) at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.doService(OsgiIDBusServlet2.jav
a:470) at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.service(OsgiIDBusServlet2.java:1
21) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390) at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64) at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at
org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java
:98) at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64) at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at
org.mortbay.jetty.Server.handle(Server.java:326) at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at
org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at
org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at
org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)



Comments
Comment by Mimi Greg [ 22/Nov/12 10:18 AM ]
Used josso-ce-2.3.0 with JBOSS 5.1.0GA
I followed the quick stard guide and got exactly the same behaviour... i google my thouble and just find that
Unresolved JIRA. No solutions, no hints, no way to know what's wrong... i give up and study another SSO solution
(no time to wait one or two month) sorry
[JOSSO-429] SAML 2 HTTP Redirect binding produces locks/delays
Created: 14/Sep/12 Updated: 14/Sep/12
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Identity Bus, SAML2 Support
Affects Version/s:      JOSSO 2.3.0
Fix Version/s:          JOSSO 2.4.0

Type:                   Bug                               Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela         Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Unresolved                        Votes:      0
[JOSSO-428] Session Expired page produces error Created: 14/Sep/12                                Updated:
14/Sep/12
Status:               Open
Project:              JOSSO
Component/s:          Atricore Identity Bus
Affects Version/s:    JOSSO 2.3.0
Fix Version/s:        JOSSO 2.4.0

Type:                 Bug                                Priority:              Minor
Reporter:             Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:           Unresolved                         Votes:                 0


Description
[MarkupContainer [Component id = _extend9]]. This means that you declared wicket:id=status in your markup, but
that you either did not add the component to your page at all, or that the hierarchy does not match.
[markup = bundle://191.0:1/org/atricore/idbus/capabilities/sso/ui/page/SessionExpiredPage_josso2.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-
strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
...
      <!--
      <div>
         <p>
            <strong>
               <span wicket:id="status"/>
            </strong>
            <br/><span wicket:id="secStatus"/>
            <br/><span wicket:id="details"/>
         </p>

       <div class="footer"></div>
    </div>
    -->


, index = 26, current = '<span wicket:id="status">' (line 50, column 21)]
      at
org.apache.wicket.markup.MarkupStream.throwMarkupException(MarkupStream.java:474)[129:org.ops4j.pax.wicket.
service:0.8.2]
[JOSSO-427] Not able to see Josso login page in my own
webapplcation.. Created: 14/Sep/12 Updated: 14/Sep/12
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Console, Atricore Identity Bus, Tomcat 7
Affects Version/s:      JOSSO 2.3.0
Fix Version/s:          None

Type:                   Task                               Priority:               Major
Reporter:               Hari Prasad                        Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                         Votes:                  0

Attachments:               Josso Issue.docx

Description
Issue : When we hit the url http://localhost:8080/LoginApp we are not able to see the josso SSO effcts but getting the
normal page what we developed normally. I also replaced my web application with the index page provided by
sample partner application. But this page showing that "You Logged in as anonymous user" and aslo a login button.
As am newbie to JOSSO2.3, Can anyone please guide me weather we have to prepare index page by our own to
redirect josso_user_login or framework provides. And also suggest me what prerequisits need to make our
application to work with JOSSO.
Even also i found that there is no Josso.war file in the josso2.3 installation structure.
Please guide me for doing things in josso and good links for getting through the JOSSO other than www.josso.org . I
gone through this site but still need more information to get my work done.
Please help me as i need it to done ASAP..
Thanks in advance...

This is our web.xml from LoginApp
Web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd">

<display-name>LoginApp</display-name>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/forms/*</url-pattern>
<url-pattern>/</url-pattern>
</servlet-mapping>

<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>


Also attaching the procedure I followed to achieve the JOSSO sso. I dont know weather i did correct or wrong. But I
followed the procedure provided www.josso.org link. Please correct me if am wrong anywhere and also suggest me
the solution for my problem..
Thnanks in advance..
[JOSSO-426] Logout from googleapps results in
IllegalArgumentException Created: 11/Sep/12 Updated: 11/Sep/12
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Identity Bus
Affects Version/s:      JOSSO 2.3.0
Fix Version/s:          None

Type:                   Bug                                 Priority:               Major
Reporter:               Chris Bush                          Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                          Votes:                  0
Environment:            josso-ce-2.3.0 on Mac OS X 10.6.8 Java(TM) SE Runtime Environment (build 1.6.0_35-b10-
                        428-10M3811) Java HotSpot(TM) 64-Bit Server VM (build 20.10-b01-428, mixed mode)


Description
Signing out from GoogleApps on the SingleLogoutService url results in an IllegalArgumentException.

http://localhost:8081/IDBUS/BASE-IDP/BASEIDP/SAML2/SLO/SOAP

Stack trace from atricore.log follows:

2012-09-11 22:08:30,911 | TRACE | tp-2145986093-23 | OsgiIDBusServlet2 | component.http.OsgiIDBusServlet2 91
| 170 - org.atricore.idbus.kernel.main - 1.3.0 | IDBUS SERVLET SERVICE START AT 1347415710911
(1979063457@qtp-2145986093-23)
2012-09-11 22:08:31,031 | DEBUG | tp-2145986093-23 | OsgiIDBusServlet2 | component.http.OsgiIDBusServlet2
551 | 170 - org.atricore.idbus.kernel.main - 1.3.0 | Scanning in 2 Identity Mediation Units for IDBus Http Camel
Consumer [idbus:/IDBUS/BASE-IDP/BASEIDP/SAML2/SLO/SOAP]
2012-09-11 22:08:31,032 | TRACE | tp-2145986093-23 | OsgiIDBusServlet2 | component.http.OsgiIDBusServlet2
557 | 170 - org.atricore.idbus.kernel.main - 1.3.0 | Scanning Identity Mediation Unit [base-a2cadius-mediation-unit] for
IDBus Http Camel Consumer [idbus:/IDBUS/BASE-IDP/BASEIDP/SAML2/SLO/SOAP]
2012-09-11 22:08:31,032 | TRACE | tp-2145986093-23 | OsgiIDBusServlet2 | component.http.OsgiIDBusServlet2
584 | 170 - org.atricore.idbus.kernel.main - 1.3.0 | HTTP Consumer for consumer key [idbus:/IDBUS/BASE-
IDP/BASEIDP/SAML2/SLO/SOAP] found
2012-09-11 22:08:31,033 | TRACE | tp-2145986093-23 | OsgiIDBusServlet2 | component.http.OsgiIDBusServlet2
463 | 170 - org.atricore.idbus.kernel.main - 1.3.0 | Received COOKIES [JSESSIONID=ae7rxb6x3gfs.idbus-web-001;
BASEIDP_STATE=idCC6D365902AA7A2D; JSESSIONID=12g3i6j3wm2ph.idbus-web-001]
2012-09-11 22:08:31,033 | TRACE | tp-2145986093-23 | IDBusHttpBinding | .component.http.IDBusHttpBinding 57 |
170 - org.atricore.idbus.kernel.main - 1.3.0 | Reading HTTP Servlet Request
2012-09-11 22:08:31,034 | DEBUG | tp-2145986093-23 | IDBusHttpBinding | .component.http.IDBusHttpBinding 62 |
170 - org.atricore.idbus.kernel.main - 1.3.0 | Setting IDBus Cookie header for JSESSIONID=ae7rxb6x3gfs.idbus-web-
001
2012-09-11 22:08:31,034 | DEBUG | tp-2145986093-23 | IDBusHttpBinding | .component.http.IDBusHttpBinding 62 |
170 - org.atricore.idbus.kernel.main - 1.3.0 | Setting IDBus Cookie header for
BASEIDP_STATE=idCC6D365902AA7A2D
2012-09-11 22:08:31,034 | DEBUG | tp-2145986093-23 | IDBusHttpBinding | .component.http.IDBusHttpBinding 62 |
170 - org.atricore.idbus.kernel.main - 1.3.0 | Setting IDBus Cookie header for JSESSIONID=12g3i6j3wm2ph.idbus-
web-001
2012-09-11 22:08:31,034 | DEBUG | tp-2145986093-23 | IDBusHttpBinding | .component.http.IDBusHttpBinding 71 |
170 - org.atricore.idbus.kernel.main - 1.3.0 | Publishing HTTP Session as Camel header
org.atricore.idbus.http.HttpSession
2012-09-11 22:08:31,036 | INFO | tp-2145986093-23 | PhaseInterceptorChain | ache.cxf.common.logging.LogUtils
345 | - - | Interceptor has thrown exception, unwinding now
java.lang.IllegalArgumentException: Null InputStream is not a valid argument
at com.ctc.wstx.stax.WstxInputFactory.createSR(WstxInputFactory.java:595)[72:woodstox-core-asl:4.0.5]
at com.ctc.wstx.stax.WstxInputFactory.createXMLStreamReader(WstxInputFactory.java:316)[72:woodstox-core-
asl:4.0.5]
at
org.apache.cxf.interceptor.StaxInInterceptor.handleMessage(StaxInInterceptor.java:83)[124:org.apache.cxf.bundle:2.
2.2]
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)[124:org.apache.cxf.bundl
e:2.2.2]
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:89)[124:org.apache.cxf.bu
ndle:2.2.2]
at
org.apache.camel.component.cxf.transport.CamelDestination.incoming(CamelDestination.java:157)[151:org.apache.
camel.camel-cxf:1.6.1]
at
org.apache.camel.component.cxf.transport.CamelDestination$ConsumerProcessor.process(CamelDestination.java:1
81)[151:org.apache.camel.camel-cxf:1.6.1]
at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43)[148:org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59)[148:org.apache.camel.camel-
core:1.6.1]
at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84)[148:org.apache.camel.camel-
core:1.6.1]
at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)[148:org.apach
e.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)[148:
org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)[148:o
rg.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189)[148:org.apache.camel.camel
-core:1.6.1]
at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133)[148:org.apache.camel.camel
-core:1.6.1]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:115)[148:org.apache.camel.camel-core:1.6.1]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:89)[148:org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)[148:org.apach
e.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)[148:
org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)[148:o
rg.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52)[148:org.apache.camel.ca
mel-core:1.6.1]
at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41)[148:org.apache.camel.camel-
core:1.6.1]
at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66)[148:org.apache.ca
mel.camel-core:1.6.1]
at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.doService(OsgiIDBusServlet2.jav
a:470)[170:org.atricore.idbus.kernel.main:1.3.0]
at
org.atricore.idbus.kernel.main.mediation.camel.component.http.OsgiIDBusServlet2.service(OsgiIDBusServlet2.java:1
21)[170:org.atricore.idbus.kernel.main:1.3.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[105:org.apache.geronimo.specs.geronimo-
servlet_2.5_spec:1.1.2]
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)[110:or
g.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java
:98)[110:org.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)[1
10:org.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)[106:org.apache.servicemix.bundles.jett
y-bundle:6.1.22.2]
at org.mortbay.jetty.Server.handle(Server.java:326)[106:org.apache.servicemix.bundles.jetty-bundle:6.1.22.2]
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)[106:org.apache.servic
emix.bundles.jetty-bundle:6.1.22.2]
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)[106:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)[106:org.apache.servicemix.bundles
.jetty-bundle:6.1.22.2]
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)[106:org.apache.servicemix.bu
ndles.jetty-bundle:6.1.22.2]
2012-09-11 22:08:31,042 | DEBUG | tp-2145986093-23 | IDBusHttpBinding | .component.http.IDBusHttpBinding 78 |
170 - org.atricore.idbus.kernel.main - 1.3.0 | Writing HTTP Servlet Response
2012-09-11 22:08:31,042 | TRACE | tp-2145986093-23 | IDBusHttpBinding | .component.http.IDBusHttpBinding 100 |
170 - org.atricore.idbus.kernel.main - 1.3.0 | Writting HTTP Servlet Response
2012-09-11 22:08:31,043 | TRACE | tp-2145986093-23 | OsgiIDBusServlet2 | component.http.OsgiIDBusServlet2
128 | 170 - org.atricore.idbus.kernel.main - 1.3.0 | IDBUS SERVLET SERVICE END AT 1347415711043 TOOK: 132
ms(1979063457@qtp-2145986093-23)

Results in ugly soap fault for browser logging out:

<soap:Envelope><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Null InputStream is not
a valid argument</faultstring></soap:Fault></soap:Body></soap:Envelope>
[JOSSO-425] JOSSO2 project does not build due to missing console
dependencies Created: 09/Sep/12 Updated: 09/Sep/12
Status:                Open
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     JOSSO 2.3.0
Fix Version/s:         None

Type:                  Bug                                 Priority:               Major
Reporter:              Robert Shanahan                     Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Unresolved                          Votes:                  0
Environment:           linux centos 5.6


Description
The community edition of JOSSO2 does not fully build. The distribution module depends on atricore console
jars/bundles that are not available in the atricore public repos. Even using the console bundles from the installed
distribution does not work because there are compile time dependencies defined in the poms that are jar'd with the
bundles.
[JOSSO-423] Branding List : Add actions column between description
and type, and move edit/delete icons there (similar to appliance
lifecycle) Created: 18/Jul/12 Updated: 06/Sep/12 Resolved: 23/Jul/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:   Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-422] Branding Settings: Add global button for publishing
branding changes: Publish Changes (by the 'Create New Branding'
button) Created: 18/Jul/12 Updated: 06/Sep/12 Resolved: 23/Jul/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:   Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-421] Branding Update: Upload bundle is not working, it should
be optional when it does. Created: 18/Jul/12 Updated: 06/Sep/12 Resolved: 09/Aug/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Bug                         Priority:   Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-420] Connections not deleted from appliance definition upon
entity removal Created: 29/Jun/12 Updated: 29/Jun/12
Status:                Open
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.4.0

Type:                  Bug                                Priority:              Minor
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Goran Nastov
Resolution:            Unresolved                         Votes:                 0


Description
This actually occurs when removing a local SP/IDP on version 2.3.0 (master), the activation connection stills
referenced somewhere. Since we're making lots of changes for 2.3.1, it's worth making sure that connections are
properly deleted when sps/idps , resources, services, etc are removed from model.
[JOSSO-419] Reversed texts on property sheets after flash version
update Created: 27/Jun/12 Updated: 27/Jun/12 Resolved: 27/Jun/12
Status:              Resolved
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                Bug                         Priority:   Blocker
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0

Attachments:            screen-01.png
[JOSSO-418] HTTP Service configuration should also expose follow
redirects include/exclude urls Created: 01/Jun/12 Updated: 06/Sep/12 Resolved: 01/Aug/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   Improvement                         Priority:               Critical
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                  0


Description
Only when follow redirect is set to true, these properties should be enabled. (add a group , like the SSL setup)

Labels for the fields should be Include URLs , Exclude URLs

Comments
Comment by Sebastian Gonzalez Oyuela [ 24/Jul/12 7:43 AM ]
URLs should be valid URLs , as validated by the JAVA URL class. (scheme://domain:port/path/....)
[JOSSO-417] HTTP Service configuration should also expose the
property followRedirects with the label : Optimize Redirects (checkbox)
Created: 01/Jun/12 Updated: 06/Sep/12 Resolved: 12/Jul/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   Improvement                         Priority:   Critical
Reporter:               Sebastian Gonzalez Oyuela           Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:      0
[JOSSO-416] SLO Fails on two node cluster setup Created: 01/Jun/12          Updated: 06/Sep/12
Resolved: 24/Jul/12
Status:               Closed
Project:              JOSSO
Component/s:          SAML2 Support
Affects Version/s:    None
Fix Version/s:        JOSSO 2.3.0

Type:                 Bug                         Priority:   Blocker
Reporter:             Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:           Fixed                       Votes:      0
[JOSSO-415] External providers must support empty context in location
fields Created: 01/Jun/12 Updated: 01/Jun/12
Status:              Open
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                New Feature                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:          Unresolved                  Votes:      0
[JOSSO-414] JOSSO resource locations must allow query strings on the
last locatin field. Created: 01/Jun/12 Updated: 01/Jun/12
Status:              Open
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                New Feature                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:          Unresolved                  Votes:      0
[JOSSO-413] JOSSO ISAPI Agent should support applications
definitions with multiple base URIs Created: 01/Jun/12 Updated: 06/Sep/12 Resolved: 19/Jun/12
Status:                Closed
Project:               JOSSO
Component/s:           ISAPI Agent
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.7

Type:                  New Feature                        Priority:               Blocker
Reporter:              Sebastian Gonzalez Oyuela          Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                  0


Description
The baseUri property must be interpreted as a CSV of URIs. On initialization, the value should be parsed and the
array of URIs stored as part of the configuration.

The following method should be updated, to match an application based on any of the URIs
PartnerAppConfig *AbstractSSOAgent::getPartnerAppConfig(const string & path)

The property can contain a single URI as it does today
As system administrator, I want to be able to proxy an external SAML 2.0 IdP   (JOSSO-410)



  [JOSSO-411] SAML 2.0 entities federated connection side should also
have a provider channel w/ the override option Created: 01/Jun/12 Updated: 29/Jun/12
Status:              Open
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                Sub-task                         Priority:                Major
Reporter:            Sebastian Gonzalez Oyuela        Assignee:                Goran Nastov
Resolution:          Unresolved                       Votes:                   0
[JOSSO-410] As system administrator, I want to be able to proxy an
external SAML 2.0 IdP Created: 01/Jun/12 Updated: 29/Jun/12
Status:                Open
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 2.4.0

Type:                  New Feature                         Priority:               Major
Reporter:              Sebastian Gonzalez Oyuela           Assignee:               Goran Nastov
Resolution:            Unresolved                          Votes:                  0

Sub-Tasks:              Key                 Summary                 Type          Status      Assignee
                        JOSSO-411           SAML 2.0 entities      Sub-task       Open        Goran Nastov
                                            federated connectio...

Description
From the user perspective, the proxy will be created when 'override provider settings' is selected for a SAML 2.0 IDP
(from saml 2.0 drawer) is selected

Comments
Comment by Sebastian Gonzalez Oyuela [ 29/Jun/12 8:05 AM ]
Changes have been implemented in the transform engine, only front-end changes are required
[JOSSO-409] Activation does not store license file locally Created: 21/May/12
Updated: 06/Sep/12 Resolved: 01/Aug/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  Bug                         Priority:   Blocker
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Cannot Reproduce            Votes:      0
[JOSSO-408] Add Microstrategy execution environment modeling
support Created: 21/May/12 Updated: 19/Jun/12 Resolved: 19/Jun/12
Status:              Resolved
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                New Feature                 Priority:   Blocker
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-407] The HTTP binding address and port must be also
configured in the kernel CFG, as part of the local servlet endpoint Created:
17/May/12 Updated: 06/Sep/12 Resolved: 01/Aug/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  Bug                         Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
As a system administrator, I want to be able to manage custom branding definitions using a GUI   (JOSSO-402)



  [JOSSO-406] As a system administrator, I want to be able to delete a
branding definition Created: 16/May/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  Sub-task                      Priority:             Major
Reporter:              Sebastian Gonzalez Oyuela     Assignee:             Sebastian Gonzalez Oyuela
Resolution:            Fixed                         Votes:                0


Description
Built-in brandings cannot be deleted
As a system administrator, I want to be able to manage custom branding definitions using a GUI       (JOSSO-402)



  [JOSSO-405] As a system administrator, I want to be able to update a
custom branding definition Created: 16/May/12 Updated: 06/Sep/12 Resolved: 09/Aug/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  Sub-task                           Priority:                Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:                Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                   0


Description
Built-in brandings cannot be updated.

Custom branding definitions can be updated in all properties except for the name
As a system administrator, I want to be able to manage custom branding definitions using a GUI   (JOSSO-402)



  [JOSSO-404] As system administrator, I want to be able to configure a
new custom branding Created: 16/May/12 Updated: 06/Sep/12 Resolved: 09/Aug/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   Sub-task                              Priority:      Major
Reporter:               Sebastian Gonzalez Oyuela             Assignee:      Sebastian Gonzalez Oyuela
Resolution:             Fixed                                 Votes:         0


Description
The branding creation should be based on a wizard:

The first screen containing common information to all branding types
* name (required)
 * description (optional)
 * type (required from list of values, 'Custom' only available for now).

The second screen containing specific information to custom branding type.
* Bundle URI (required, in the format of group/name/version)
* Bundle file (JAR, uploaded)
* Web ID (optional)
As a system administrator, I want to be able to manage custom branding definitions using a GUI        (JOSSO-402)



  [JOSSO-403] As a system administrator, I want to be able to access
the list of available brandings Created: 16/May/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   Sub-task                            Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                  0


Description
The list must display branding name, description, type (built-in, custom, simple) and web id
[JOSSO-402] As a system administrator, I want to be able to manage
custom branding definitions using a GUI Created: 16/May/12 Updated: 06/Sep/12 Resolved:
01/Aug/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  New Feature                        Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0

Sub-Tasks:             Key            Summary                 Type       Status Assignee
                       JOSSO-403      As a system             Sub-task   Closed Sebastian Gonzalez Oyuela
                                      administrator, I want
                                      to ...
                       JOSSO-404      As system               Sub-task   Closed Sebastian Gonzalez Oyuela
                                      administrator, I want
                                      to be...
                       JOSSO-405      As a system             Sub-task   Closed Sebastian Gonzalez Oyuela
                                      administrator, I want
                                      to ...
                       JOSSO-406      As a system             Sub-task   Closed Sebastian Gonzalez Oyuela
                                      administrator, I want
                                      to ...

Description
A new 'Branding Service' element should be available in the System Settings, Local Services drawer to allow
branding management.
[JOSSO-401] When opening an identity appliance in the modeler, the
model navigation tree on the left should be expanded only for the first
level (entities, etc) Created: 15/May/12 Updated: 06/Sep/12 Resolved: 19/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:   Trivial
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-400] JOSSO installer for Liferay 6 broken Created: 07/May/12                                    Updated: 06/Sep/12
Resolved: 07/May/12
Status:                 Closed
Project:                JOSSO
Component/s:            Liferay Portal Agent
Affects Version/s:      JOSSO 1.8.6
Fix Version/s:          JOSSO 1.8.7

Type:                   Bug                                  Priority:                Major
Reporter:               Gianluca Brigandi                    Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Fixed                                Votes:                   0


Description
The Liferay 6 installer command is not able to install Jaas configuration and it's not referencing the agent-bin's axis
distribution.
[JOSSO-399] Latest google bot not recognized upon auto login Created:
04/May/12 Updated: 06/Sep/12 Resolved: 07/May/12
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.6
Fix Version/s:         JOSSO 1.8.7

Type:                  Improvement                 Priority:   Major
Reporter:              Gianluca Brigandi           Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-398] Automatic login is always attempted for http request with
no referers Created: 04/May/12 Updated: 06/Sep/12 Resolved: 07/May/12
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8.4
Fix Version/s:       JOSSO 1.8.7

Type:                Bug                 Priority:   Major
Reporter:            Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:      0
[JOSSO-397] Error creating bean with name 'josso-identity-store' defined
Created: 18/Apr/12 Updated: 18/Apr/12
Status:                 Open
Project:                JOSSO
Component/s:            Tomcat 6.0 Agent
Affects Version/s:      JOSSO 1.8
Fix Version/s:          None

Type:                   Bug                                Priority:               Major
Reporter:               Ilaiyaraja                         Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                         Votes:                  0


Description
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'josso-
identity-store' defined in class path resourc
e [josso-gateway-stores.xml]: Initialization of bean failed; nested exception is
org.springframework.beans.InvalidPropertyException: Invalid property
'functionsQueryString' of bean class [org.josso.gateway.identity.service.store.db.JDBCIdentityStore]: No property
'functionsQueryString' found
[JOSSO-396] When saving persitence configuration, a warning message
must be displayed telling that appliances and users information will be
lost, since a new DB will be created / used Created: 03/Apr/12 Updated: 06/Sep/12 Resolved:
19/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:      Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:      Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:         0
[JOSSO-395] Support new properties when configuring Persistence
Service (System Settings) Created: 03/Apr/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  Improvement                         Priority:           Major
Reporter:              Sebastian Gonzalez Oyuela           Assignee:           Sebastian Gonzalez Oyuela
Resolution:            Fixed                               Votes:              0


Description
A new group with the following properties should be available:

connectionUrl
connectionUsername
connectionPassword
connectionDriver.

They should be enabled only if users sets 'Use External DB' to true.

The connection driver must be a combo with valid JDBC Drivers, and connection urls should be defaulted based on
the selected driver (se db identity store form on appliance modeling)

Changes about properties load/storage must be implemented in ConsolePersitenceServiceConfigurationHandler.
[JOSSO-394] Username must be read-only, when configuring Persitence
Service (System Settings) Created: 03/Apr/12 Updated: 06/Sep/12 Resolved: 19/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-393] When updating HTTP configuration, show a message
telling the user to connect to the new IP/Port if changed, do not wait for
'Save' result since JETTY will restart with the new port. Created: 03/Apr/12 Updated:
06/Sep/12 Resolved: 19/Jun/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  Improvement                 Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-392] Set the 'Local Services' drawer element on top of 'Live
Services' Created: 03/Apr/12 Updated: 06/Sep/12 Resolved: 19/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:   Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-391] As a system administrator, I want to be able to configure
the Artifact Queue Manger service Created: 03/Apr/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                New Feature                 Priority:        Blocker
Reporter:            Sebastian Gonzalez Oyuela   Assignee:        Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:           0
[JOSSO-390] Support configuration for SAML 2.0 Request TTL and
Timestamp validation tolerance when defining SAML Providers (IDP/SP)
Created: 03/Apr/12 Updated: 04/Jul/12 Resolved: 04/Jul/12
Status:                  Resolved
Project:                 JOSSO
Component/s:             Atricore Console
Affects Version/s:       None
Fix Version/s:           JOSSO 2.4.0

Type:                    Improvement                        Priority:              Blocker
Reporter:                Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:              Fixed                              Votes:                 0


Description
Two new fields should be added to internal SAML 2.0 section in SP and IdP definitions (entities drawer): (At provider
level, and override in federated connection)

Message TTL (seconds, >=0 , default 300)

External Message TTL tolerance (seconds, >=0 , default 300)

Comments
Comment by Sebastian Gonzalez Oyuela [ 29/Jun/12 8:00 AM ]
The value represents seconds, must be an intenger >= 0, defaulted to 300 (5 min)
[JOSSO-389] Make SAML Providers tolerance configurable Created: 03/Apr/12
Updated: 01/Aug/12
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Console, SAML2 Support
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   Improvement                       Priority:   Minor
Reporter:               Sebastian Gonzalez Oyuela         Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Unresolved                        Votes:      0


Description
The value is currently set to 5 minutes
[JOSSO-388] Mask keystore and key password fields when configuring
providers' certificate keystore Created: 26/Mar/12 Updated: 06/Sep/12 Resolved: 19/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:      Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:      Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:         0
[JOSSO-387] Implement Ajax layer for Service Configuration Manager
Created: 14/Mar/12 Updated: 06/Sep/12 Resolved: 19/Jun/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   New Feature                         Priority:           Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:           Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:              0


Description
Add DTOs for configuration objects and crate ajax methods for ServiceConfigurationManagerAjaxService that mirror
the back-end methods.

All the beans are already configured and wired. (console-services)

Implement incomplete back-end methods (console-settings)
[JOSSO-386] As a system administrator I want to be able to configure
the Log service using a GUI Created: 14/Mar/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:               Closed
Project:              JOSSO
Component/s:          Atricore Console
Affects Version/s:    None
Fix Version/s:        JOSSO 2.3.0

Type:                 New Feature                       Priority:              Major
Reporter:             Sebastian Gonzalez Oyuela         Assignee:              Sebastian Gonzalez Oyuela
Resolution:           Fixed                             Votes:                 0


Description
In the System Settings section, under the Local Services drawer, a new element named Log Service should be
added.
The following information should be captured by the corresponding form:

Service Mode (combo: Development, Production)

Custom Appenders (table, users should be able to add, remove rows from these table)
Name | File | Category | Level |
[JOSSO-385] As a system administrator, I want to be able to configure
the Management service using a GUI Created: 14/Mar/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   New Feature                      Priority:              Major
Reporter:               Sebastian Gonzalez Oyuela        Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Fixed                            Votes:                 0


Description
In the System Settings section , under the Local Services drawer, a new Item for Management Service should be
available.
The following information needs to be captured by the corresponding form:

RMI Registry port (int, not null , 1-65535)
RMI Server port (int, not null , 1-65535)
Service URL (string, read only)
[JOSSO-384] As a system administrator, I want to be able to configure
the Persistence service using a GUI Created: 14/Mar/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  New Feature                        Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0


Description
In the System Settings section , under the Local Services drawer, a new Item for Persiscente Service should be
available.
The following information needs to be captured by the corresponding form:

port (int, not null 1-65535)
username (string, not null)
password (password, not null)
password confirmation (password, not null, match password)
[JOSSO-383] As a system administrator, I want to be able to configure
the SSH service using a GUI Created: 14/Mar/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  New Feature                        Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0


Description
In the System Settings section , under the Local Services drawer, a new Item for SSH Service should be available.
The following information needs to be captured by the corresponding form:




Comments
Comment by Sebastian Gonzalez Oyuela [ 14/Mar/12 3:48 PM ]
Port (int, not null 1-65535)
Bind Addrss (ip address, can be null)
[JOSSO-382] As a system administrator, I want to be able to configure
the HTTP service using a GUI Created: 14/Mar/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                  Closed
Project:                 JOSSO
Component/s:             Atricore Console
Affects Version/s:       None
Fix Version/s:           JOSSO 2.3.0

Type:                    New Feature                        Priority:              Major
Reporter:                Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:              Fixed                              Votes:                 0


Description
In the System Settings section , under the Local Services drawer, a new Item for HTTP Service should be available.
The following information needs to be captured by the corresponding form:

Server Id (string, not null 1-65535)
Port: (int , not null)
Bind address (comma separated list of IP addresses, can be null)

Session Timeout (int, not null)

Max header buffer size (int, not null)
Disable session URL (checkbox)

Enable SSL (checkbox)

(SSL Group)
Port (int, not null 1-65535 if ssl enabled)
Keystore path (string, not null if ssl enabled)
Keystore password (password, not null if ssl enabled)
Key password (password, not null if ssl enabled)

Comments
Comment by Sebastian Gonzalez Oyuela [ 03/May/12 12:52 PM ]
If no bind address is present in the list, an error message should read:

"You need to add at least one bind address, use 0.0.0.0 to bind to all addreses"
[JOSSO-381] DB Identity Store password in property sheet must be
hidden, and a 2nd field for confirmation purposes must be added Created:
07/Mar/12 Updated: 27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   Improvement                 Priority:   Minor
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                       Votes:      0


Comments
Comment by Goran Nastov [ 27/Jun/12 9:22 PM ]
This is implemented on idp-proxy branch.
[JOSSO-380] Display SAML entity ID for internal SAML 2.0 providers
Created: 03/Mar/12 Updated: 01/Jun/12
Status:                  Open
Project:                 JOSSO
Component/s:             Atricore Console
Affects Version/s:       None
Fix Version/s:           JOSSO 2.4.0

Type:                    Improvement                     Priority:                  Minor
Reporter:                Sebastian Gonzalez Oyuela       Assignee:                  Goran Nastov
Resolution:              Unresolved                      Votes:                     0


Description
Display

Entity ID
Base 64 enc. Entity ID

Comments
Comment by Sebastian Gonzalez Oyuela [ 03/Mar/12 10:38 AM ]
Entity ID is normaly : http://localhost:8081/IDBUS/IDA1/IDP/SAML2/MD (or similar)
[JOSSO-379] Users should be able to select the appliance branding
upon appliance creation Created: 01/Mar/12 Updated: 06/Sep/12 Resolved: 16/May/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-378] Display SP Initiated SSO/SLO urls on the SP SAML 2.0
section Created: 29/Feb/12 Updated: 01/Jun/12
Status:               Open
Project:              JOSSO
Component/s:          Atricore Console
Affects Version/s:    None
Fix Version/s:        JOSSO 2.4.0

Type:                 Improvement                       Priority:   Major
Reporter:             Sebastian Gonzalez Oyuela         Assignee:   Goran Nastov
Resolution:           Unresolved                        Votes:      0


Comments
Comment by Sebastian Gonzalez Oyuela [ 03/Mar/12 10:41 AM ]
Look at SPJOSSOActivationTransformer.java , line 79
Support multiple protocols when configuring a local IDP   (JOSSO-369)



  [JOSSO-377] Display IDP initiated URL as a link, so that users can
select or click it Created: 29/Feb/12 Updated: 01/Jun/12
Status:               Open
Project:              JOSSO
Component/s:          Atricore Console
Affects Version/s:    None
Fix Version/s:        JOSSO 2.4.0

Type:                 Sub-task                          Priority:              Major
Reporter:             Sebastian Gonzalez Oyuela         Assignee:              Goran Nastov
Resolution:           Unresolved                        Votes:                 0


Comments
Comment by Sebastian Gonzalez Oyuela [ 03/Mar/12 10:31 AM ]
Look at AbstractSPChannelTransformer (lin 532), you need to add the atricore_sp_alias=<value> parameter to the
URL, i.e.:

http://localhost:8081/IDBUS/IDA1/IDP/SAML2/SSO/IDP_INITIATE?atricore_sp_alias=
[JOSSO-375] As a System Architect, I wan to be able to export the
generated josso agent config for execution environments that support it
Created: 29/Feb/12 Updated: 27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   New Feature                         Priority:   Minor
Reporter:               Sebastian Gonzalez Oyuela           Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:      0


Comments
Comment by Sebastian Gonzalez Oyuela [ 12/Mar/12 5:47 PM ]
Extending the internface with a method exportJosso1Configuration to
com.atricore.idbus.console.lifecycle.main.spi.ApplianceBuilder

Look at TransformerApplianceBuilderImpl, line 119 aprox
[JOSSO-374] Set default version to 7 when adding a Tomcat execution
environment Created: 28/Feb/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                Improvement                 Priority:   Trivial
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-373] Remove idp and authn type from the IDP's list of available
authentication schemes. For instance, if the element is named wia,
instead of showing idp1-wia-authn, the user should see wia on the list.
Created: 25/Feb/12 Updated: 06/Sep/12 Resolved: 27/Jun/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   Improvement                         Priority:   Minor
Reporter:               Sebastian Gonzalez Oyuela           Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:      0
[JOSSO-372] Use Identity Provider / Service Provider inside the 'external'
protocol drawers (instead of, for example, OpenID IdP) Created: 24/Feb/12 Updated:
27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   Improvement                 Priority:   Minor
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:             Fixed                       Votes:      0
[JOSSO-371] Use OAuth 2.0 and OpenID 2.0 when referring to the
protocols in the drawer sections' names Created: 24/Feb/12 Updated: 27/Jun/12 Resolved:
27/Jun/12
Status:              Resolved
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                Improvement                 Priority:      Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:      Goran Nastov
Resolution:          Fixed                       Votes:         0
[JOSSO-370] Support modeling JOSSO 1.x and JOSSO 2.x resources
Created: 24/Feb/12 Updated: 27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   New Feature                         Priority:             Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:             Goran Nastov
Resolution:             Fixed                               Votes:                0


Description
The information previously defined in the Activation connection must now be stored as a JOSSO 1.x resource. The
resources will have a one to one 'Service' connection to a Service Provider (internal only).

The JOSSO 1.X resources only will have a one to many 'Activation' connection with an execution environment.

Both service and activation connection have only a name, therefore the creation form must not be displayed.
[JOSSO-369] Support multiple protocols when configuring a local IDP
Created: 24/Feb/12 Updated: 01/Jun/12
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   New Feature                        Priority:              Major
Reporter:               Sebastian Gonzalez Oyuela          Assignee:              Goran Nastov
Resolution:             Unresolved                         Votes:                 0

Sub-Tasks:              Key                Summary                  Type         Status      Assignee
                        JOSSO-377          Display IDP initiated    Sub-task     Open        Goran Nastov
                                           URL as a link, ...

Description
When an IDP is defined, multiple protocols may be involved. The current 'Contract' section needs to be divided into
multiple sections, one for each supported protocol: SAML 2.0, OAuth 2.0, OpenID 2.0. All sections other than SAML
must have an enabled checkbox set by default to false.
[JOSSO-368] Support modeling external OAuth 2.0 SP Created: 24/Feb/12          Updated:
27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   New Feature                 Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:             Fixed                       Votes:      0
[JOSSO-367] Support modeling external OAuth 2.0 IdP Created: 24/Feb/12         Updated:
27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   New Feature                 Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:             Fixed                       Votes:      0
[JOSSO-366] Support modeling external OpenID SP Created: 24/Feb/12             Updated:
27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   New Feature                 Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:             Fixed                       Votes:      0
[JOSSO-365] Support modeling external OpenID IdPs Created: 24/Feb/12           Updated:
27/Jun/12 Resolved: 27/Jun/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   New Feature                 Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:             Fixed                       Votes:      0
[JOSSO-364] Add Coldfusion 9 support Created: 20/Feb/12     Updated: 06/Sep/12 Resolved:
20/Feb/12
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8.5, JOSSO 2.2.0
Fix Version/s:       JOSSO 2.2.2

Type:                New Feature                Priority:   Major
Reporter:            Gianluca Brigandi          Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                      Votes:      0
[JOSSO-363] Support setting custom URI value for triggering Agent-
initiated SSO actions Created: 16/Feb/12 Updated: 16/Feb/12
Status:              Open
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8.6

Type:                Improvement         Priority:   Minor
Reporter:            Gianluca Brigandi   Assignee:   Gianluca Brigandi
Resolution:          Unresolved          Votes:      0
[JOSSO-362] Allow remote location activation URLs to use TCP ports
larger than 9999 Created: 16/Feb/12 Updated: 01/Aug/12
Status:                Open
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 2.4.0

Type:                  Bug                                 Priority:              Minor
Reporter:              Sebastian Gonzalez Oyuela           Assignee:              Goran Nastov
Resolution:            Unresolved                          Votes:                 0


Description
Users must be able to specify a different location for agent's back channel (SOAP) base endpoint using a location
field (without context nor URI). The default value must be the appliance base location (http://&lt;host&gt;:port/
[JOSSO-361] Support consuming Gateway web services using JAX-WS
Created: 16/Feb/12 Updated: 06/Sep/12 Resolved: 16/Feb/12
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.5
Fix Version/s:          JOSSO 1.8.6

Type:                   Improvement                          Priority:               Major
Reporter:               Gianluca Brigandi                    Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                                Votes:                  0


Comments
Comment by Gianluca Brigandi [ 16/Feb/12 9:04 AM ]
Tested with JDK6's JAX-WS implementation. Should work with any JAX-WS compliant implementation such as
Apache CXF and Axis2.
Therefore, Axis is not longer required when relying on JAX-WS stubs.

Here's a sample agent descriptor enabling JAX-WS support for consuming JOSSO Gateway's web services:

<s:beans xmlns:s="http://www.springframework.org/schema/beans"
       xmlns:servlet="urn:org:josso:agent:generic-servlet"
       xmlns:agent="urn:org:josso:agent:core"
       xmlns:protocol="urn:org:josso:protocol:client:jaxws"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
       urn:org:josso:agent:generic-servlet http://www.josso.org/schema/josso-servlet-agent.xsd
       urn:org:josso:agent:core http://www.josso.org/schema/josso-agent.xsd
       urn:org:josso:protocol:client http://www.josso.org/schema/josso-protocol-client.xsd">

   <servlet:agent name="josso-servlet-agent" sessionAccessMinInterval="1000" disableJaas="true" >
      ...
      ...
      <gatewayServiceLocator>
           <protocol:jaxws-service-locator endpoint="localhost:8080" />
      </gatewayServiceLocator>
      ....
      ....
   </servlet-agent>
</s:beans>




Comment by Aaron Donovan [ 16/Apr/12 12:13 PM ]
This example configuration isn't correct. The uri and xsd for the protocol is wrong. It should read
urn:org:josso:protocol:client:jaxws http://www.josso.org/schema/josso-protocol-jaxws-client.xsd.
[JOSSO-360] JOSSO throws "Outbound relaying failed. No Principal
found. Verify your SSO Agent Configuration" + Cannot find message
associated with key jaasRealm.unexpectedError Created: 06/Feb/12 Updated: 06/Feb/12
Status:                 Open
Project:                JOSSO
Component/s:            Tomcat 6.0 Agent
Affects Version/s:      JOSSO 1.8.5
Fix Version/s:          None

Type:                   Bug                                 Priority:               Major
Reporter:               David Maria Nayagam                 Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                          Votes:                  0
Environment:            Tomcat 6.0, JOSSO 1.8.5, Windows 7, Java 1.6

Attachments:               JOSSO_Error.zip          JOSSO_XML.zip

Description
Hi

I have done the below setup:

Gateway server setup
1. JOSSO gateway was installed successfully
2. JOSSO agent was installed successfully
3. MYSQL DB Set up was done for authentication.
4. In josso-gateway-db-store.xml, i have given the below setup:
 <db-istore:jdbc-store
         id="josso-identity-store"
         driverName="com.mysql.jdbc.Driver"
         connectionURL="jdbc:mysql://localhost:3306/mysql"
         connectionName="root"
         connectionPassword="root"
         userQueryString="SELECT LOGIN AS NAME FROM JOSSO_USER WHERE LOGIN = ?"
         rolesQueryString="SELECT NAME AS ROLE FROM JOSSO_USER_ROLE WHERE LOGIN = ?"
         credentialsQueryString="SELECT LOGIN AS USERNAME, PASSWORD FROM JOSSO_USER WHERE
LOGIN = ?"
         userPropertiesQueryString="SELECT NAME, VALUE FROM JOSSO_USER_PROPERTY WHERE LOGIN =
?"
         resetCredentialDml="UPDATE JOSSO_USER SET PASSWORD = ? WHERE LOGIN = ?"
         relayCredentialQueryString="SELECT LOGIN FROM JOSSO_USER WHERE #?# = ?"
/>
5. On "josso-gateway-config.xml", the reference of josso-gateway-db-store.xml given.
6. When I access http://localhost:8080/josso/signon/login.do. It shows Login for credentials. I entered the userid/pwd.
7. Authentication was success; It redirects to http://localhost:8080/josso/signon/usernamePasswordLogin.do and
shows the session id "JOSSO Session ID CEF9462ADFD40E4FBA3FFA62D75B91DF"

Partner app Setup:
i used the sample app "josso-partner-tomcat-web-1.8.5" as a partner app.
1. I specified my partner app context in "josso-agent-config.xml" file as below:
<agent:partner-app id="josso-partner-tomcat-web-1.8.5" context="/josso-partner-tomcat-web-1.8.5"
defaultResource="/index.jsp">
2. Re-start the tomcat server.
3. When I access http://localhost:8080/josso-partner-tomcat-web-1.8.5/index.jsp, it is says "You're an anonymous
user." And asking as to press "Login" button to login to SSO.
4. When I press "Login" button, it re-directs to the below URL and shows SSO Login page.
http://localhost:8080/josso/signon/login.do?josso_back_to=http://localhost:8080/josso-partner-tomcat-web-
1.8.5/josso_security_check&josso_partnerapp_id=josso-partner-tomcat-web-1.8.5
5. It shows Login for credentials. I entered the userid/pwd.
6. Authentication was success; It redirects to the below URL,
http://localhost:8080/josso-partner-tomcat-web-1.8.5/josso_security_check?josso_assertion_id=8625A192F93531DE
7. It generates the session id successfully, but it is not re-direct to the requested web page, instead, it throws below
error in front-end
java.lang.RuntimeException: Outbound relaying failed. No Principal found. Verify your SSO Agent Configuration!
org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:551)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
java.lang.Thread.run(Unknown Source)
8. But in the server.log, it shows the below error as well:
Feb 2, 2012 4:24:07 PM org.apache.catalina.realm.JAASRealm authenticate
SEVERE: Cannot find message associated with key jaasRealm.unexpectedError
java.lang.SecurityException: Unable to locate a login configuration
       at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
       at java.lang.reflect.Constructor.newInstance(Unknown Source)
       at java.lang.Class.newInstance0(Unknown Source)
       at java.lang.Class.newInstance(Unknown Source)
       at javax.security.auth.login.Configuration$3.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.Configuration.getConfiguration(Unknown Source)
       at javax.security.auth.login.LoginContext$1.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.init(Unknown Source)
       at javax.security.auth.login.LoginContext.<init>(Unknown Source)
       at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:383)
       at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:323)
       at org.josso.tc60.agent.CatalinaSSOAgent.authenticate(CatalinaSSOAgent.java:95)
       at org.josso.agent.AbstractSSOAgent.execute(AbstractSSOAgent.java:378)
       at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:291)
       at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:545)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
       at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: Unable to locate a login configuration


Thanks & Regards
David

Comments
Comment by David Maria Nayagam [ 06/Feb/12 6:04 AM ]
i am also attaching screen shots and all JOSSO XML config files
[JOSSO-359] NPE when emitting assertion from previous sessino. The
fix is to use the STS to do it Created: 04/Feb/12 Updated: 01/Jun/12 Resolved: 01/Jun/12
Status:              Resolved
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.4.0

Type:                Bug                         Priority:      Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:      Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:         0
Add IdP Support for multiple authentication schemes     (JOSSO-355)



 [JOSSO-356] The Identity Architect should be able to connect multiple
Authentication elements to an Identity Provider Created: 04/Feb/12 Updated: 06/Sep/12
Resolved: 22/Feb/12
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   Sub-task                         Priority:    Critical
Reporter:               Sebastian Gonzalez Oyuela        Assignee:    Sebastian Gonzalez Oyuela
Resolution:             Fixed                            Votes:       0


Comments
Comment by Sebastian Gonzalez Oyuela [ 08/Feb/12 12:12 PM ]
Remaning activities after last update:

Use colored table to display configured authentication mechanisms.
Add authentication mechanism icon to the table
Fix problem when renaming idp and authentication mechanism
Add missing '-' to the mechanism name
[JOSSO-355] Add IdP Support for multiple authentication schemes Created:
04/Feb/12 Updated: 06/Sep/12 Resolved: 01/Jun/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console, Atricore Identity Bus
Affects Version/s:     None
Fix Version/s:         JOSSO 2.3.0

Type:                  New Feature                         Priority:            Critical
Reporter:              Sebastian Gonzalez Oyuela           Assignee:            Sebastian Gonzalez Oyuela
Resolution:            Fixed                               Votes:               0

Sub-Tasks:              Key            Summary                   Type    Status Assignee
                        JOSSO-356      The Identity Architect Sub-task   Closed Sebastian Gonzalez Oyuela
                                       should be able...
[JOSSO-354] Implement SAML 2.0 HTTP Redirect binding signature Created:
30/Jan/12 Updated: 06/Sep/12 Resolved: 04/Feb/12
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 2.2.2

Type:                  Improvement                 Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-353] CLONE -JOSSO + PHP: SoapFault exception Created: 29/Dec/11
Updated: 29/Dec/11
Status:                 Open
Project:                JOSSO
Component/s:            PHP Agent
Affects Version/s:      JOSSO 1.8.3
Fix Version/s:          JOSSO 1.8.4

Type:                   Bug                                Priority:              Critical
Reporter:               Gopalakrishnan Shanmugam           Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Unresolved                         Votes:                 0
Environment:            Windows XP, Tomcat 6 with JOSSO 1.8.3 GW deployed, XAMPP with PHP agent and
                        sample app, Apache Directory Server on localhost


Description
Hi Support Team,
i tried to install JOSSO Agent for PHP and excute the sample application. It seems that Agent crash on Soap
feedback from JOSSO GW:

I have a single Windows Host with a Tomcat instance (listening on 8080) for the JOSSO GW and an Apache/PHP
(XAMPP) where i installed the PHP Agent and the sample app.
any help would be appreciated.

When i recall the sample app, i'm prompted for credentials and then it crash:
1. in the gw log i see:

INFO: Fri Nov 12 12:36:05 CET 2010 - sso-user - info - user1 - authenticationSuc cess=success -
authScheme=basic-authentication,ssoSessionId=5F62295BBD63E7BCA40A
1EA9EFBD6407

2. in browser i see: (this is the URL dislpayed: http://localhost/josso-php-partnerapp/josso-security-
check.php?josso_assertion_id=A688F83D1C355CBA)
Fatal error: Uncaught SoapFault exception: [Client] SoapClient::SoapClient() [<a
href='soapclient.soapclient'>soapclient.soapclient</a>]: Invalid parameters in C:\xampp\php\PEAR\josso-php-
inc\class.jossoagent.php:703 Stack trace: #0 C:\xampp\php\PEAR\josso-php-inc\class.jossoagent.php(703):
SoapClient->SoapClient('http://localhos...&#39;, false, '', '', '', '') #1 C:\xampp\php\PEAR\josso-php-
inc\class.jossoagent.php(521): jossoagent->getIdentityProvdierSoapClient() #2 C:\xampp\htdocs\josso-php-
partnerapp\josso-security-check.php(37): jossoagent->resolveAuthenticationAssertion('A688F83D1C355CB...') #3
{main} thrown in C:\xampp\php\PEAR\josso-php-inc\class.jossoagent.php on line 703

Is there something i can do?
Many thanks.
Marco



Comments
Comment by Gopalakrishnan Shanmugam [ 29/Dec/11 4:43 AM ]
Hi Supporting Team,
I faced this issue in JOSSO 1.8.5 with PHP 5.3.5 XAMP. Kindly, check and do the needful.
Thanks
Gopalakrishnan S
Comment by Gopalakrishnan Shanmugam [ 29/Dec/11 4:44 AM ]
Fatal error: Uncaught SoapFault exception: [Client] SoapClient::SoapClient() [<a
href='soapclient.soapclient'>soapclient.soapclient</a>]: Invalid parameters in D:\xampp\php\includes\josso-php-
inc\class.jossoagent.php:743 Stack trace: #0 D:\xampp\php\includes\josso-php-inc\class.jossoagent.php(743):
SoapClient->SoapClient('http://10.10.28...&#39;, false, '', '', '', '') #1 D:\xampp\php\includes\josso-php-
inc\class.jossoagent.php(541): jossoagent->getIdentityProvdierSoapClient() #2 D:\xampp\htdocs\fcm\josso-security-
check.php(37): jossoagent->resolveAuthenticationAssertion('8BDD67782508D1D...') #3 {main} thrown in
D:\xampp\php\includes\josso-php-inc\class.jossoagent.php on line 743
[JOSSO-352] Use /josso/agent.sso ISAPI extension instead of
/josso/JOSSOIsapiAgent.dll Created: 01/Dec/11 Updated: 06/Sep/12 Resolved: 04/Feb/12
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.2.2

Type:                Improvement                 Priority:          Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:          Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:             0
[JOSSO-351] Passive authentication request creates a new session if
remember me token is present Created: 29/Nov/11 Updated: 06/Sep/12 Resolved: 29/Nov/11
Status:                 Closed
Project:                JOSSO
Component/s:            SSO Gateway
Affects Version/s:      JOSSO 1.8.5
Fix Version/s:          JOSSO 1.8.6

Type:                   Bug                                 Priority:              Major
Reporter:               Gianluca Brigandi                   Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                 0


Description
Every time a passive (i.e. optional) authentication request is submitted to the gateway, and there is a valid remember
me token, it will drop the existent session and create a new one
[JOSSO-350] Can we use JOSSO in ASP.NET application? Created: 04/Nov/11
Updated: 04/Nov/11
Status:                        Open
Project:                       JOSSO
Component/s:                   None
Affects Version/s:             None
Fix Version/s:                 None

Type:                          Bug                                            Priority:   Major
Reporter:                      Senthilkumar Rajendran                         Assignee:   Sebastian Gonzalez Oyuela
Resolution:                    Unresolved                                     Votes:      0


Description
As per our requirement , we have to redirect to aspx page (asp.net application page) from jsp.
We done all the confguration as mentioned in JOSSO help site. But I couldn't work out.

Configuration Steps we did,

1. Installed ISAPI Agent and registery
2. Created virutual directory as "josso" which folder contains jossoisapiagent.dll under "Default web site". This folder
contains bin, config and log folders.
3. Created virutual directory as "partnerapp" for partner application which contains asp.net application under "Default
web site"

4. In josso-agent-config.ini,
------------------------------------------------------------------------------------
[agent]
gatewayEndpoint=IPAddress:port
gatewayLoginUrl=http://IPAddress:port/josso/signon/login.do

HTTP Basic Authentication setup
basicUserId=xxx
basicPassword=xxx

;; ---------------------------------------------------------
;; SSO Partner Applications
;;
;; All sections starting with 'partnerapp' will be treated
;; as partner app declarations.
;; ---------------------------------------------------------

[partnerapp.1]
base-uri=/partnerapp
splash-resource=http://IPAddress/partnerapp/default.aspx

;; ---------------------------------------------------------
;; SSO Security Constraints for 'Applications'
;;
;; All sections starting with 'security-constraint' will be treated
;; as security constraint declarations
;; ---------------------------------------------------------

[security-constraint.admin]

;; Comma separated list of required roles (optional)
;; Do not leave empty spaces between elements!
roles=role1,admin
;; Comma separated list of base uris for this constraint (required)
;; Do not leave empty spaces between elements!
base-uris=/public/.*\.pdf,/admin/[sS]ec_.*\.*,/partnerapp

[security-constraint.public]
base-uris=/public
-----------------------------------------------------------------------------------------------------------------


Shall we use JOSSO in ASP.NET application? If Yes, Please guide me on this.


Thanking you..
[JOSSO-349] SLO Fails when session expires Created: 03/Nov/11                             Updated: 06/Sep/12
Resolved: 01/Aug/12
Status:               Closed
Project:              JOSSO
Component/s:          Atricore Identity Bus
Affects Version/s:    None
Fix Version/s:        JOSSO 2.3.0

Type:                 Bug                                Priority:             Critical
Reporter:             Sebastian Gonzalez Oyuela          Assignee:             Sebastian Gonzalez Oyuela
Resolution:           Fixed                              Votes:                0


Description
011-11-02 17:03:08,401 | ERROR | pool-12-thread-1 | SingleLogoutProducer | p.producers.SingleLogoutProducer
400 | 184 - org.atricore.idbus.capabilities.sso.main - 1.3.0.SNAPSHOT | Error performing SLO for SP :
http://192.168.2.78:8081/IDBUS/ABB-QA/B2B/SAML2/MD
java.lang.ClassCastException: org.atricore.idbus.capabilities.sso.main.idp.SSOIDPMediator cannot be cast to
org.atricore.idbus.capabilities.sso.main.sp.SamlR2SPMediator
at
org.atricore.idbus.capabilities.sso.main.idp.producers.SingleLogoutProducer.validateResponse(SingleLogoutProduce
r.java:224)[184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.capabilities.sso.main.idp.producers.SingleLogoutProducer.performSlo(SingleLogoutProducer.java:
397)[184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.capabilities.sso.main.idp.producers.SingleLogoutProducer.doProcessIdPInitiatedLogoutRequest(Si
ngleLogoutProducer.java:130)[184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.capabilities.sso.main.idp.producers.SingleLogoutProducer.doProcess(SingleLogoutProducer.java:9
4)[184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.capabilities.sso.main.idp.producers.SingleLogoutProducer.doProcess(SingleLogoutProducer.java:7
6)[184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelProducer.process(AbstractCamelProducer.java:133)[1
72:org.atricore.idbus.kernel.main:1.3.0.SNAPSHOT]
at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43)[151:org.apache.camel.camel-core:1.6.1]
at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84)[151:org.apache.camel.camel-
core:1.6.1]
at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)[151:org.apach
e.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)[151:
org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)[151:o
rg.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189)[151:org.apache.camel.camel
-core:1.6.1]
at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133)[151:org.apache.camel.camel
-core:1.6.1]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:115)[151:org.apache.camel.camel-core:1.6.1]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:89)[151:org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)[151:org.apach
e.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)[151:
org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)[151:o
rg.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52)[151:org.apache.camel.ca
mel-core:1.6.1]
at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41)[151:org.apache.camel.camel-
core:1.6.1]
at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66)[151:org.apache.ca
mel.camel-core:1.6.1]
at
org.atricore.idbus.kernel.main.mediation.camel.component.binding.CamelMediationEndpoint$ConsumerProcessor.pr
ocess(CamelMediationEndpoint.java:311)[172:org.atricore.idbus.kernel.main:1.3.0.SNAPSHOT]
at
org.apache.camel.impl.converter.AsyncProcessorTypeConverter$ProcessorToAsyncProcessorBridge.process(Async
ProcessorTypeConverter.java:43)[151:org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:59)[151:org.apache.camel.camel-
core:1.6.1]
at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:84)[151:org.apache.camel.camel-
core:1.6.1]
at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)[151:org.apach
e.camel.camel-core:1.6.1]
at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:189)[151:org.apache.camel.camel
-core:1.6.1]
at
org.apache.camel.processor.DeadLetterChannel.process(DeadLetterChannel.java:133)[151:org.apache.camel.camel
-core:1.6.1]
at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:68)[151:org.apach
e.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.proceed(StreamCachingInterceptor.java:87)[151:
org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.interceptor.StreamCachingInterceptor.process(StreamCachingInterceptor.java:82)[151:o
rg.apache.camel.camel-core:1.6.1]
at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:52)[151:org.apache.camel.ca
mel-core:1.6.1]
at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:41)[151:org.apache.camel.camel-
core:1.6.1]
at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:66)[151:org.apache.ca
mel.camel-core:1.6.1]
at
org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:47)[151:org.apache.camel.camel-
core:1.6.1]
at org.apache.camel.impl.ProducerCache.sendExchange(ProducerCache.java:151)[151:org.apache.camel.camel-
core:1.6.1]
at org.apache.camel.impl.ProducerCache.send(ProducerCache.java:88)[151:org.apache.camel.camel-core:1.6.1]
at
org.apache.camel.impl.DefaultProducerTemplate.send(DefaultProducerTemplate.java:93)[151:org.apache.camel.ca
mel-core:1.6.1]
at
org.apache.camel.impl.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:110)[151:org.apache.cam
el.camel-core:1.6.1]
at
org.apache.camel.impl.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:116)[151:org.apache.cam
el.camel-core:1.6.1]
at
org.atricore.idbus.capabilities.sso.main.binding.SsoLocalBinding.sendMessage(SsoLocalBinding.java:199)[184:org.at
ricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelMediator.sendMessage(AbstractCamelMediator.java:3
38)[172:org.atricore.idbus.kernel.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.mediation.camel.AbstractCamelMediator.sendMessage(AbstractCamelMediator.java:3
25)[172:org.atricore.idbus.kernel.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.capabilities.sso.main.idp.IdPSessionEventListener.triggerIdPInitiatedSLO(IdPSessionEventListener
.java:128)[184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.capabilities.sso.main.idp.IdPSessionEventListener.invalidateSession(IdPSessionEventListener.java
:91)[184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.capabilities.sso.main.idp.IdPSessionEventListener.handleEvent(IdPSessionEventListener.java:46)[
184:org.atricore.idbus.capabilities.sso.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.session.SSOSessionEventManager.fireSessionEvent(SSOSessionEventManager.java:
37)[172:org.atricore.idbus.kernel.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.session.BaseSessionImpl.fireSessionEvent(BaseSessionImpl.java:234)[172:org.atricor
e.idbus.kernel.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.session.BaseSessionImpl.expire(BaseSessionImpl.java:181)[172:org.atricore.idbus.ker
nel.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.session.BaseSessionImpl.isValid(BaseSessionImpl.java:100)[172:org.atricore.idbus.ke
rnel.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.idojos.ehcachesessionstore.EHCacheSessionStore.loadByValid(EHCacheSessionStore.java:219)[
180:org.atricore.idbus.idojos.ehcachesessionstore:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.session.service.SSOSessionManagerImpl.checkValidSessions(SSOSessionManagerI
mpl.java:408)[172:org.atricore.idbus.kernel.main:1.3.0.SNAPSHOT]
at
org.atricore.idbus.kernel.main.session.service.SessionMonitor.run(SSOSessionMonitor.java:52)[172:org.atricore.idbu
s.kernel.main:1.3.0.SNAPSHOT]
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)[:1.6.0_26]
at java.util.concurrent.FutureTask$Sync.innerRunAndReset(Unknown Source)[:1.6.0_26]
at java.util.concurrent.FutureTask.runAndReset(Unknown Source)[:1.6.0_26]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(Unknown
Source)[:1.6.0_26]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.runPeriodic(Unknown
Source)[:1.6.0_26]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)[:1.6.0_26]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)[:1.6.0_26]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)[:1.6.0_26]
at java.lang.Thread.run(Unknown Source)[:1.6.0_26]
[JOSSO-348] ISAPI Issue for JOSSO 1.8.5 Created: 25/Oct/11                             Updated: 25/Oct/11
Status:                  Open
Project:                 JOSSO
Component/s:             ISAPI Agent
Affects Version/s:       JOSSO 1.8.5
Fix Version/s:           None

Type:                    Bug                                    Priority:          Critical
Reporter:                Rajkumar                               Assignee:          Sebastian Gonzalez Oyuela
Resolution:              Unresolved                             Votes:             0
Environment:             Windows 2003, IIS 6.0, Classical ASP applications

Attachments:                 josso-agent-config.zip

Description
I have installed and configure JOSSO 1.8.5 on my JBOSS 5.1.X. I am able to add 2 partner application in JBoss and
able to put these under josso. And this is perfectly running fine. But i am facing issue when i am connecting to an
ASP application deployed on IIS 6.0 to this setup. After logging into the JBOSS partner app(via the Josso gateway), i
tried accessing the asp link. The asp browser says "page cannot be found". I followed the setup for JOSSO IIS agent
and related configuration. And i used the josso-partner-asp-1.8.5-.zip that comes with josso package as the partner
application. Can you please let me know if i am missing any details/steps.

I am attaching the josso iis agent config file + the log output with this ticket

Thanks in advance

Rajkumar S
[JOSSO-347] Support per-federation channel branding Created: 20/Oct/11       Updated:
06/Sep/12 Resolved: 20/Oct/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.2.0
Fix Version/s:          JOSSO 2.3.0

Type:                   New Feature         Priority:   Major
Reporter:               Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed               Votes:      0
[JOSSO-346] Simplify branding by supporting plain XHTML for
templating Created: 20/Oct/11 Updated: 06/Sep/12 Resolved: 20/Oct/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 2.2.0
Fix Version/s:         JOSSO 2.3.0

Type:                  Improvement                        Priority:               Major
Reporter:              Gianluca Brigandi                  Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                  0


Description
This approach enforces a clear separation of presentation and business logic and allows templates to be edited with
conventional WYSIWYG design tools
[JOSSO-345] Support mix and matching SSO stacks Created: 20/Oct/11          Updated:
01/Jun/12 Resolved: 20/Oct/11
Status:                 Resolved
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.2.0
Fix Version/s:          JOSSO 2.4.0

Type:                   Improvement         Priority:   Major
Reporter:               Gianluca Brigandi   Assignee:   Gianluca Brigandi
Resolution:             Fixed               Votes:      0
[JOSSO-344] Support OpenID v1.1 and v2 Created: 20/Oct/11   Updated: 01/Jun/12 Resolved:
20/Oct/11
Status:              Resolved
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.2.0
Fix Version/s:       JOSSO 2.4.0

Type:                New Feature         Priority:     Major
Reporter:            Gianluca Brigandi   Assignee:     Gianluca Brigandi
Resolution:          Fixed               Votes:        0
[JOSSO-343] Support rebranding built-in identity capabilities's UIs from
identity appliances Created: 20/Oct/11 Updated: 06/Sep/12 Resolved: 20/Oct/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.2.0
Fix Version/s:       JOSSO 2.3.0

Type:                Improvement         Priority:     Major
Reporter:            Gianluca Brigandi   Assignee:     Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:        0
[JOSSO-342] Allow identity capabilities to contribute their own UI Created:
20/Oct/11 Updated: 06/Sep/12 Resolved: 20/Oct/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 2.3.0

Type:                   Improvement                Priority:   Major
Reporter:               Gianluca Brigandi          Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                      Votes:      0
[JOSSO-341] Support identity appliance-specific branding Created: 20/Oct/11
Updated: 06/Sep/12 Resolved: 20/Oct/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 2.2.0
Fix Version/s:         JOSSO 2.3.0

Type:                  Improvement         Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed               Votes:      0
[JOSSO-340] JOSSO Liferay 6 Agent installer generates invalid josso-
agent-config.xml when liferay home directory includes whitespaces
Created: 20/Oct/11 Updated: 06/Sep/12 Resolved: 03/Apr/12
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.6
Fix Version/s:          JOSSO 1.8.6

Type:                   Bug                                 Priority:              Minor
Reporter:               Gianluca Brigandi                   Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                 0


Description
generated schema locations for the josso agent configuration descriptor are invalid given that they include
whitespaces . Schema locations whitespaces should be escaped.
[JOSSO-339] IDP Property sheet requires large screen size to fit Created:
19/Oct/11 Updated: 01/Jun/12 Resolved: 28/Feb/12
Status:                 Resolved
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      None
Fix Version/s:          JOSSO 2.4.0

Type:                   Bug                                 Priority:       Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:       Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:          0


Comments
Comment by Sebastian Gonzalez Oyuela [ 28/Feb/12 8:12 AM ]
The new way to present different contract (protocols) options solves this
[JOSSO-338] Allow users to specify SSO Session timeout Created: 19/Oct/11
Updated: 06/Sep/12 Resolved: 19/Oct/11
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.2.2

Type:                  Improvement                 Priority:   Critical
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-337] Cann't find single sign on Server Created: 15/Oct/11                                               Updated: 14/Sep/12
Status:                        Open
Project:                       JOSSO
Component/s:                   Atricore Console, JBoss 5.0 Agent
Affects Version/s:             JOSSO 2.2.0
Fix Version/s:                 None

Type:                          Bug                                               Priority:          Critical
Reporter:                      David Maria Nayagam                               Assignee:          Sebastian Gonzalez Oyuela
Resolution:                    Unresolved                                        Votes:             1
Environment:                   windows xp and windows 7

Attachments:                        idAppliance-2-1.0.2.zip                josso-agent-config.xml       JOSSO_START_IMG.bmp

Description
hi,

i have created sample Identity Appliace (appliance Attached) and deployed , Started well. (Attached screen shot).

i am trying to get the "SINGLE SIGN ON SCREEN" but page can't be found error is comming:

tryed in many ways:
http://jb51.demo.atricore.com/partnerapp2/protected
------------------------------------------------------------------------------
jb51.demo.atricore.com/partnerapp2/protected
------------------------------------------------------------------------------
http://jb51.demo.atricore.com/partnerapp2

i tryed in many ways not possible to get the SSO Screen.

i used: JBOSS 5.X (JOSSO_AGENT_CONFIG.xml also attached).

SERVICE PROVIDER URL: http: jb51.demo.atricore.com 80 partnerapp2

please any one help me out ... Its very urgent to decide we can use JOSSO .



Comments
Comment by Sebastian Gonzalez Oyuela [ 17/Oct/11 8:43 AM ]
Have you activated the execution environment (JBoss 5.1) after starting the appliance ? This must be done only
once.
Make sure to restart JBoss after activation.

To activate the execution environment go to the Appliance Modeler view, select your JBoss element definition, and
go to the activation section on the property sheet at the bottom. click re-activate and roll the mouse out of the form.
Comment by Evan Schnell [ 01/May/12 3:42 PM ]
I have exactly the same problem, except with tomcat 6.0.

I have recreated everything several times. Both appliance and tomcat. Reactivated as described. Verified URLs etc.
All logs are empty of errors; even with debug on. All servers are active per the osgi commands. I am just trying to
repeat what I saw in the demo video and am dying of 404s.
Comment by Gayanath [ 15/May/12 4:31 PM ]
HEY EVAN DID YOU FIX YOU ISSUE WITH JOSSO + TC YET?
Comment by Hari Prasad [ 14/Sep/12 6:54 AM ]
Am using josso2.3 community edition. Am also facing the same problem like not able find that josso login page in my
application. The login page forwarding to "/josso_user_login/". Even i didnt find josso.war in the installation directory.
Is this war really need for doing josso SSO for making our applicaiton josso enabled. Please confirm me regarding.
[JOSSO-336] Enlarge 'JOSSO Activation' creation form to make room for
new path element on application location Created: 14/Oct/11 Updated: 06/Sep/12 Resolved:
04/Feb/12
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.2.2

Type:                Improvement                 Priority:    Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:    Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:       0
[JOSSO-335] JOSSO 2.2 After deployment, Start Error Created: 14/Oct/11                                         Updated:
14/Oct/11 Resolved: 14/Oct/11
Status:                  Resolved
Project:                 JOSSO
Component/s:             JBoss 5.0 Agent
Affects Version/s:       JOSSO 2.2.0
Fix Version/s:           None

Type:                    Bug                                  Priority:                Major
Reporter:                David Maria Nayagam                  Assignee:                Sebastian Gonzalez Oyuela
Resolution:              Duplicate                            Votes:                   0
Environment:             windows 7

Attachments:                build-atricore.log       idAppliance-1-1.0.8.zip        start-atricore.log

Description
Hi ,

I am new to JOSSO 2.2. i have created sample IDENTITY APPLIANCE(attached) and build that appliance. while
build that appliance i am getting error(attahed build.log) and deployed . while starting time also i am getting error like
"THERE WAS AN ERROR STARTING APPLIANCE" (attached start.log)



please any one help me out. i am with past 4 days.

Comments
Comment by Sebastian Gonzalez Oyuela [ 14/Oct/11 6:11 AM ]
Take a look at http://www.atricore.org/jira/browse/JOSSO-334 , there is a work-around for this.
Comment by David Maria Nayagam [ 14/Oct/11 11:44 PM ]
hi Sebatian,

i followed your ways, but i am getting error on during the build time itself, Her i have pasted my error. Please need
your help to resolve.

=========================================================================================
==========

0:14:37,031 | WARN | 00@qtp-1748341-0 | SamlR2IdPTransformer | ransformers.SamlR2IdPTransformer 139 | 189 -
com.atricore.idbus.console.lifecycle.main - 1.1.0 | Using Sample keystore for signing : idp-1-samlr2-config
00:14:37,031 | WARN | 00@qtp-1748341-0 | SamlR2IdPTransformer | ransformers.SamlR2IdPTransformer 145 | 189
- com.atricore.idbus.console.lifecycle.main - 1.1.0 | Using Sample keystore for encryption : idp-1-samlr2-config
00:14:37,093 | INFO | 00@qtp-1748341-0 | DefaultFileReplicator | org.apache.commons.vfs.VfsLog 122 | 57 -
org.apache.servicemix.bundles.commons-vfs - 1.0.0.1 | Using "C:\DOCUME~1\david\LOCALS~1\Temp\vfs_cache"
as temporary files store.
00:14:42,656 | WARN | 00@qtp-1748341-0 | MavenEmbeddedRuntime | enEmbeddedRuntime$EmbeddedLogger
319 | 183 - org.atricore.idbus.bundles.apache-maven-v3_0 - 1.2.0 | Unable to get artifact org.apache.felix:maven-
bundle-plugin:maven-plugin:2.1.0 from repository central-mirror (osgi://atricore-central): URL
[mvn:org.apache.felix/maven-bundle-plugin/2.1.0/jar] could not be resolved.
org.apache.maven.wagon.TransferFailedException: URL [mvn:org.apache.felix/maven-bundle-plugin/2.1.0/jar] could
not be resolved.
at
org.atricore.idbus.kernel.common.wagon.osgi.OsgiWagon.fillInputData(OsgiWagon.java:45)[183:org.atricore.idbus.bu
ndles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.wagon.StreamWagon.getInputStream(StreamWagon.java:116)[183:org.atricore.idbus.bundles.ap
ache-maven-v3_0:1.2.0]
at
org.apache.maven.wagon.StreamWagon.getIfNewer(StreamWagon.java:88)[183:org.atricore.idbus.bundles.apache-
maven-v3_0:1.2.0]
at org.apache.maven.wagon.StreamWagon.get(StreamWagon.java:61)[183:org.atricore.idbus.bundles.apache-
maven-v3_0:1.2.0]
at
org.apache.maven.repository.legacy.DefaultWagonManager.getRemoteFile(DefaultWagonManager.java:345)[183:or
g.atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.repository.legacy.DefaultWagonManager.getArtifact(DefaultWagonManager.java:99)[183:org.atric
ore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.repository.legacy.DefaultWagonManager.getArtifact(DefaultWagonManager.java:150)[183:org.atri
core.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.artifact.resolver.DefaultArtifactResolver.resolve(DefaultArtifactResolver.java:251)[183:org.atricore.
idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.artifact.resolver.DefaultArtifactResolver.resolve(DefaultArtifactResolver.java:507)[183:org.atricore.
idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.repository.legacy.LegacyRepositorySystem.resolve(LegacyRepositorySystem.java:325)[183:org.a
tricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.plugin.internal.DefaultPluginDependenciesResolver.resolve(DefaultPluginDependenciesResolver.j
ava:123)[183:org.atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.project.DefaultProjectBuildingHelper.resolveExtensionArtifacts(DefaultProjectBuildingHelper.java:
340)[183:org.atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.project.DefaultProjectBuildingHelper.createProjectRealm(DefaultProjectBuildingHelper.java:204)[
183:org.atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.project.DefaultModelBuildingListener.buildExtensionsAssembled(DefaultModelBuildingListener.jav
a:106)[183:org.atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.model.building.ModelBuildingEventCatapult$1.fire(ModelBuildingEventCatapult.java:43)[183:org.a
tricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.model.building.DefaultModelBuilder.fireEvent(DefaultModelBuilder.java:888)[183:org.atricore.idbu
s.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.model.building.DefaultModelBuilder.build(DefaultModelBuilder.java:288)[183:org.atricore.idbus.bu
ndles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.model.building.DefaultModelBuilder.build(DefaultModelBuilder.java:271)[183:org.atricore.idbus.bu
ndles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.project.DefaultProjectBuilder.build(DefaultProjectBuilder.java:449)[183:org.atricore.idbus.bundles.
apache-maven-v3_0:1.2.0]
at
org.apache.maven.project.DefaultProjectBuilder.build(DefaultProjectBuilder.java:455)[183:org.atricore.idbus.bundles.
apache-maven-v3_0:1.2.0]
at
org.apache.maven.project.DefaultProjectBuilder.build(DefaultProjectBuilder.java:284)[183:org.atricore.idbus.bundles.
apache-maven-v3_0:1.2.0]
at org.apache.maven.DefaultMaven.collectProjects(DefaultMaven.java:402)[183:org.atricore.idbus.bundles.apache-
maven-v3_0:1.2.0]
at
org.apache.maven.DefaultMaven.getProjectsForMavenReactor(DefaultMaven.java:351)[183:org.atricore.idbus.bundl
es.apache-maven-v3_0:1.2.0]
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:163)[183:org.atricore.idbus.bundles.apache-
maven-v3_0:1.2.0]
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:95)[183:org.atricore.idbus.bundles.apache-maven-
v3_0:1.2.0]
at
org.atricore.idbus.bundles.maven.MavenEmbeddedRuntime.executeMaven(MavenEmbeddedRuntime.java:433)[183:
org.atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.atricore.idbus.bundles.maven.MavenEmbeddedRuntime.doExecute(MavenEmbeddedRuntime.java:126)[183:org.
atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
com.atricore.idbus.console.lifecycle.main.transform.transformers.ApplianceBuilderTransformer.after(ApplianceBuilder
Transformer.java:76)
at com.atricore.idbus.console.lifecycle.main.transform.TransformerVisitor.leave(TransformerVisitor.java:1585)
at com.atricore.idbus.console.lifecycle.main.transform.TransformerVisitor.leave(TransformerVisitor.java:86)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0]
at
com.atricore.idbus.console.lifecycle.main.transform.ReflexiveIdentityApplianceDefinitionWalker.walkAny(ReflexiveIde
ntityApplianceDefinitionWalker.java:131)
at
com.atricore.idbus.console.lifecycle.main.transform.ReflexiveIdentityApplianceDefinitionWalker.walk(ReflexiveIdentity
ApplianceDefinitionWalker.java:42)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformationEngine.transform(TransformationEngine.java:113)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformationEngine.transform(TransformationEngine.java:87)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerApplianceBuilderImpl.buildAppliance(TransformerAp
plianceBuilderImpl.java:150)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerApplianceBuilderImpl.build(TransformerApplianceBui
lderImpl.java:39)
at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.buildAppliance(IdentityAppli
anceManagementServiceImpl.java:2038)
at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.buildIdentityAppliance(Ident
ityApplianceManagementServiceImpl.java:218)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:18
3)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy79.buildIdentityAppliance(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:58)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:62)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.jav
a:131)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:11
9)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLIntercept
or.java:56)
at org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:39)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.osgi.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.jav
a:59)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.jav
a:131)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:11
9)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy88.buildIdentityAppliance(Unknown Source)
at
com.atricore.idbus.console.services.impl.IdentityApplianceManagementAjaxServiceImpl.buildIdentityAppliance(Identit
yApplianceManagementAjaxServiceImpl.java:53)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0]
at
flex.messaging.services.remoting.adapters.JavaAdapter.invoke(JavaAdapter.java:406)[191:com.atricore.idbus.consol
e.web:1.1.0]
at
flex.messaging.services.RemotingService.serviceMessage(RemotingService.java:183)[191:com.atricore.idbus.consol
e.web:1.1.0]
at
flex.messaging.MessageBroker.routeMessageToService(MessageBroker.java:1417)[191:com.atricore.idbus.console.
web:1.1.0]
at
flex.messaging.endpoints.AbstractEndpoint.serviceMessage(AbstractEndpoint.java:878)[191:com.atricore.idbus.cons
ole.web:1.1.0]
at
flex.messaging.endpoints.amf.MessageBrokerFilter.invoke(MessageBrokerFilter.java:121)[191:com.atricore.idbus.co
nsole.web:1.1.0]
at
flex.messaging.endpoints.amf.LegacyFilter.invoke(LegacyFilter.java:158)[191:com.atricore.idbus.console.web:1.1.0]
at
flex.messaging.endpoints.amf.SessionFilter.invoke(SessionFilter.java:49)[191:com.atricore.idbus.console.web:1.1.0]
at
flex.messaging.endpoints.amf.BatchProcessFilter.invoke(BatchProcessFilter.java:67)[191:com.atricore.idbus.console
.web:1.1.0]
at
flex.messaging.endpoints.amf.SerializationFilter.invoke(SerializationFilter.java:146)[191:com.atricore.idbus.console.w
eb:1.1.0]
at
flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:274)[191:com.atricore.idbus.console.
web:1.1.0]
at
flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:377)[191:com.atricore.idbus.console.web:
1.1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[99:org.apache.geronimo.specs.geronimo-
servlet_2.5_spec:1.1.2]
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)[100:org.apache.servicemix
.bundles.jetty-bundle:6.1.22.2]
at
org.ops4j.pax.web.service.internal.WelcomeFilesFilter.doFilter(WelcomeFilesFilter.java:169)[103:org.ops4j.pax.web.p
ax-web-runtime:0.7.2]
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)[100:org.apache.servicemix
.bundles.jetty-bundle:6.1.22.2]
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)[104:or
g.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java
:98)[104:org.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)[1
04:org.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)[100:org.apache.servicemix.bundles.jett
y-bundle:6.1.22.2]
at org.mortbay.jetty.Server.handle(Server.java:326)[100:org.apache.servicemix.bundles.jetty-bundle:6.1.22.2]
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)[100:org.apache.servicemix.bun
dles.jetty-bundle:6.1.22.2]
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)[100:org.apache.servicemix.bundles
.jetty-bundle:6.1.22.2]
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)[100:org.apache.servicemix.bu
ndles.jetty-bundle:6.1.22.2]
Caused by: java.lang.RuntimeException: URL [mvn:org.apache.felix/maven-bundle-plugin/2.1.0/jar] could not be
resolved.
at
org.ops4j.pax.url.mvn.internal.Connection.getInputStream(Connection.java:195)[183:org.atricore.idbus.bundles.apac
he-maven-v3_0:1.2.0]
at org.ops4j.pax.url.mvn.internal.AetherBridgeConnection.getInputStream(AetherBridgeConnection.java:68)
at java.net.URL.openStream(URL.java:1009)[:1.6.0]
at
org.atricore.idbus.kernel.common.wagon.osgi.OsgiWagon.fillInputData(OsgiWagon.java:37)[183:org.atricore.idbus.bu
ndles.apache-maven-v3_0:1.2.0]
... 109 more
00:14:42,703 | ERROR | 00@qtp-1748341-0 | MavenEmbeddedRuntime | ndles.maven.MavenEmbeddedRuntime
438 | 183 - org.atricore.idbus.bundles.apache-maven-v3_0 - 1.2.0 | Maven build has errors ...
00:14:42,703 | ERROR | 00@qtp-1748341-0 | MavenEmbeddedRuntime | ndles.maven.MavenEmbeddedRuntime
442 | 183 - org.atricore.idbus.bundles.apache-maven-v3_0 - 1.2.0 | 1:Some problems were encountered while
processing the POMs:
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique:
org.atricore.idbus.bundles:org.atricore.idbus.bundles.josso-ws-v1_2:jar -> duplicate declaration of version 1.2.0 @
[ERROR] Unresolveable build extension: Plugin org.apache.felix:maven-bundle-plugin:2.1.0 or one of its
dependencies could not be resolved: URL [mvn:org.apache.felix/maven-bundle-plugin/2.1.0/jar] could not be
resolved.
  org.apache.felix:maven-bundle-plugin:maven-plugin:2.1.0

from the specified remote repositories:
  central-mirror (osgi://atricore-central, releases=true, snapshots=false)
 @
[ERROR] Unknown packaging: bundle @

org.apache.maven.project.ProjectBuildingException: Some problems were encountered while processing the POMs:
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique:
org.atricore.idbus.bundles:org.atricore.idbus.bundles.josso-ws-v1_2:jar -> duplicate declaration of version 1.2.0 @
[ERROR] Unresolveable build extension: Plugin org.apache.felix:maven-bundle-plugin:2.1.0 or one of its
dependencies could not be resolved: URL [mvn:org.apache.felix/maven-bundle-plugin/2.1.0/jar] could not be
resolved.
 org.apache.felix:maven-bundle-plugin:maven-plugin:2.1.0

from the specified remote repositories:
  central-mirror (osgi://atricore-central, releases=true, snapshots=false)
 @
[ERROR] Unknown packaging: bundle @

at org.apache.maven.project.DefaultProjectBuilder.build(DefaultProjectBuilder.java:293)
at org.apache.maven.DefaultMaven.collectProjects(DefaultMaven.java:402)
at org.apache.maven.DefaultMaven.getProjectsForMavenReactor(DefaultMaven.java:351)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:163)
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:95)
at org.atricore.idbus.bundles.maven.MavenEmbeddedRuntime.executeMaven(MavenEmbeddedRuntime.java:433)
at org.atricore.idbus.bundles.maven.MavenEmbeddedRuntime.doExecute(MavenEmbeddedRuntime.java:126)
at
com.atricore.idbus.console.lifecycle.main.transform.transformers.ApplianceBuilderTransformer.after(ApplianceBuilder
Transformer.java:76)[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerVisitor.leave(TransformerVisitor.java:1585)[189:com.
atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerVisitor.leave(TransformerVisitor.java:86)[189:com.atr
icore.idbus.console.lifecycle.main:1.1.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0]
at
com.atricore.idbus.console.lifecycle.main.transform.ReflexiveIdentityApplianceDefinitionWalker.walkAny(ReflexiveIde
ntityApplianceDefinitionWalker.java:131)[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.transform.ReflexiveIdentityApplianceDefinitionWalker.walk(ReflexiveIdentity
ApplianceDefinitionWalker.java:42)[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.transform.TransformationEngine.transform(TransformationEngine.java:113)
[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.transform.TransformationEngine.transform(TransformationEngine.java:87)[
189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerApplianceBuilderImpl.buildAppliance(TransformerAp
plianceBuilderImpl.java:150)[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerApplianceBuilderImpl.build(TransformerApplianceBui
lderImpl.java:39)[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.buildAppliance(IdentityAppli
anceManagementServiceImpl.java:2038)[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.buildIdentityAppliance(Ident
ityApplianceManagementServiceImpl.java:218)[189:com.atricore.idbus.console.lifecycle.main:1.1.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:18
3)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy79.buildIdentityAppliance(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:58)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:62)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.jav
a:131)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:11
9)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLIntercept
or.java:56)
at org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.
[JOSSO-334] Missing jta-1.0.1B.jar dependency on offline systems
causes java.lang.RuntimeException Created: 12/Oct/11 Updated: 06/Sep/12 Resolved: 04/Feb/12
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 2.2.0
Fix Version/s:         JOSSO 2.2.2

Type:                  Bug                               Priority:       Critical
Reporter:              Sebastian Gonzalez Oyuela         Assignee:       Sebastian Gonzalez Oyuela
Resolution:            Duplicate                         Votes:          0

Attachments:               javax-jta-1.0.1B.zip

Comments
Comment by Sebastian Gonzalez Oyuela [ 12/Oct/11 9:27 AM ]
As a work-around until next release you can do:

1. Tear down JOSSO
2. Remove all content from $JOSSO_HOME/data/work/maven/repository/
3. Extract the attached zip in $JOSSO_HOME/data/work/maven/repository/
4. Start JOSSO

The error should be gone
[JOSSO-333] Suppoort for 'path' element on parnter application
activation location Created: 11/Oct/11 Updated: 06/Sep/12 Resolved: 11/Oct/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.2.2

Type:                Improvement                 Priority:    Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:    Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:       0
[JOSSO-332] SubjectConfirmationData is missing an attribute Created: 05/Oct/11
Updated: 06/Oct/11
Status:                        Open
Project:                       JOSSO
Component/s:                   SAML2 Support
Affects Version/s:             JOSSO 2.2.0
Fix Version/s:                 None

Type:                          Bug                                            Priority:                       Major
Reporter:                      Juha Majuri                                    Assignee:                       Sebastian Gonzalez Oyuela
Resolution:                    Unresolved                                     Votes:                          0
Environment:                   Windows XP, JRE 1.6.0_27


Description
SubjectConfirmationData element should contain attribute InResponseTo when the response is for AuthnStatement.

SAML Core document states that the attribute is optional, but SAML Profiles states the following. IMO this makes the
attribute mandatory when response is for AuthnRequest.

From SAML Profiles:
---------------------------------------------------------------------------------------------------------------------------------------------------
• The set of one or more assertions MUST contain at least one <AuthnStatement> that reflects the
authentication of the principal to the identity provider.

• At least one assertion containing an <AuthnStatement> MUST contain a <Subject> element with
at least one <SubjectConfirmation> element containing a Method of
urn:oasis:names:tc:SAML:2.0:cm:bearer. If the identity provider supports the Single Logout
profile, defined in Section 4.4, any such authentication statements MUST include a SessionIndex
attribute to enable per-session logout requests by the service provider.

• The bearer <SubjectConfirmation> element described above MUST contain a
<SubjectConfirmationData> element that contains a Recipient attribute containing the service
provider's assertion consumer service URL and a NotOnOrAfter attribute that limits the window
during which the assertion can be delivered. It MAY contain an Address attribute limiting the client
address from which the assertion can be delivered. It MUST NOT contain a NotBefore attribute. If
the containing message is in response to an <AuthnRequest>, then the InResponseTo attribute
MUST match the request's ID.
---------------------------------------------------------------------------------------------------------------------------------------------------

Comments
Comment by Juha Majuri [ 06/Oct/11 2:00 AM ]
Forgot to mention that currently Josso2 is not compatible with Spring Security SAML2 implementation.
[JOSSO-331] JIRA Seraph Authenticator does not support multiple user
directories configured in JIRA. Created: 27/Sep/11 Updated: 06/Sep/12 Resolved: 05/Oct/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8.6

Type:                Bug                         Priority:     Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:     Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:        0
[JOSSO-330] Changing the applinace realm does not update all the
stored values. Created: 27/Sep/11 Updated: 06/Sep/12 Resolved: 01/Jun/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.3.0

Type:                Bug                         Priority:   Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-329] Support ORACLE JDBC 5 and 6 drivers Created: 20/Sep/11                Updated:
06/Sep/12 Resolved: 04/Feb/12
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 2.2.2

Type:                  Improvement                 Priority:   Minor
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-328] Support configuring session inactive timeout intervale on
IDP Created: 15/Sep/11 Updated: 06/Sep/12 Resolved: 04/Feb/12
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.2.2

Type:                Improvement                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-327] Can't access Josso web console..even if it showed started
successfully on command prompt Created: 15/Sep/11 Updated: 15/Sep/11
Status:                 Open
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      JOSSO 2.2.0
Fix Version/s:          None

Type:                   Bug                               Priority:              Major
Reporter:               mahesh bhole                      Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Unresolved                        Votes:                 0
Environment:            RHEL 6.0

Attachments:                error.JPG

Description
Josso console was working fine for sometime.Just after the restart it showed started successfully on command
prompt but can not access it via browser.
using http://localhost:8081/atricore-console/

Here is the snippet from atricore log


java.lang.Exception: Could not start bundle mvn:org.apache.activemq/activemq-ra/5.3.2 in feature(s) activemq-5.3.2:
Constraint violation for package 'javax.transaction.xa' when resolving module 139.0 between existing import
41.0.javax.transaction.xa BLAMED ON [[139.0] package; (package=javax.transaction.xa)] and uses constraint
120.0.javax.transaction.xa BLAMED ON [[139.0] package;
(&(package=javax.resource.spi.endpoint)(version>=1.5.0)(!(version>=2.0.0))), [127.0] package;
(package=javax.transaction.xa)]
at
org.apache.karaf.features.internal.FeaturesServiceImpl.installFeatures(FeaturesServiceImpl.java:353)[38:org.apache
.karaf.features.core:2.2.1]
at
org.apache.karaf.features.internal.FeaturesServiceImpl$1.run(FeaturesServiceImpl.java:968)[38:org.apache.karaf.fea
tures.core:2.2.1]
Caused by: org.osgi.framework.BundleException: Constraint violation for package 'javax.transaction.xa' when
resolving module 139.0 between existing import 41.0.javax.transaction.xa BLAMED ON [[139.0] package;
(package=javax.transaction.xa)] and uses constraint 120.0.javax.transaction.xa BLAMED ON [[139.0] package;
(&(package=javax.resource.spi.endpoint)(version>=1.5.0)(!(version>=2.0.0))), [127.0] package;
(package=javax.transaction.xa)]
at org.apache.felix.framework.Felix.resolveBundle(Felix.java:3449)
at org.apache.felix.framework.Felix.startBundle(Felix.java:1727)
at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:922)
at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:909)
at
org.apache.karaf.features.internal.FeaturesServiceImpl.installFeatures(FeaturesServiceImpl.java:350)[38:org.apache
.karaf.features.core:2.2.1]

Please find the attachment.

Please suggest.

Thanks,
Mahesh
[JOSSO-326] History not working on JOSSO command line console Created:
12/Sep/11 Updated: 06/Sep/12 Resolved: 04/Feb/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Identity Bus
Affects Version/s:     None
Fix Version/s:         JOSSO 2.2.2

Type:                  Bug                         Priority:   Trivial
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-325] Javax JTA 1.0.1b
(repository/javax/transaction/jta/1.0.1B/jta-1.0.1B.jar) is required by
idbus planning engine, but version 1.1 is disrtibuted with JOSSO Created:
07/Sep/11 Updated: 06/Sep/12 Resolved: 04/Feb/12
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 2.2.2

Type:                   Bug                                   Priority:                Major
Reporter:               Sebastian Gonzalez Oyuela             Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Fixed                                 Votes:                   1


Comments
Comment by mahesh bhole [ 15/Sep/11 1:31 AM ]
How to add jta-1.0.1B.jar manually in josso??
I tried copying this file manually where 1.1 resides.But does not not work.
I am still getting error as Failure to resolve javax/transaction/jta/1.0.1B/jta-1.0.1B.pom from osgi://atricore-central was
cached in the local repository.
Please suggest

Thanks,
Mahesh
[JOSSO-324] IIS Agent fails to read windows registry in WOW64 mode
Created: 26/Aug/11 Updated: 06/Sep/12 Resolved: 26/Aug/11
Status:                Closed
Project:               JOSSO
Component/s:           ISAPI Agent
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.6

Type:                  Bug                                  Priority:             Blocker
Reporter:              Sebastian Gonzalez Oyuela            Assignee:             Sebastian Gonzalez Oyuela
Resolution:            Work as Designed                     Votes:                0


Comments
Comment by Sebastian Gonzalez Oyuela [ 26/Aug/11 12:17 PM ]
The windows registry needs to be properly configured for 32bit applications running in 64bit OS
[JOSSO-323] JIRA/Confluence administrator functions cannot be
accessed Created: 26/Aug/11 Updated: 06/Sep/12 Resolved: 12/Sep/11
Status:              Closed
Project:             JOSSO
Component/s:         Confluence Extension, JIRA Extension
Affects Version/s:   JOSSO 1.8.5
Fix Version/s:       JOSSO 1.8.6

Type:                Bug                              Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela        Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                            Votes:      0
[JOSSO-322] BindUsernamePasswordAuthScheme not supported by
VirtualIdentityStore Created: 25/Aug/11 Updated: 25/Aug/11 Resolved: 25/Aug/11
Status:                  Resolved
Project:                 JOSSO
Component/s:             Bind Auth Scheme, LDAP Identity Store, Virtual Identity Store
Affects Version/s:       JOSSO 1.8.5
Fix Version/s:           None

Type:                    Bug                                  Priority:                Major
Reporter:                Christoph Grotz                      Assignee:                Gianluca Brigandi
Resolution:              Fixed                                Votes:                   0
Environment:             any


Description
I ran into the following problem. Currently the VirtualIdentityStore only supports the normal CredentialStore
implementation as soon as you try to use a BindUsernamePasswordAuthScheme you get an exception that the
VirtualIdentity Store doesn't implement the BindableCredentialStore.

Comments
Comment by Gianluca Brigandi [ 25/Aug/11 9:35 AM ]
A virtual identity store is not a BindableCredentialStore for not restricting the authentication options to those building
on the outcome of bind operation. Try mixing into the standard UsernamePassswordAuthScheme a virtual identity
store encompassing your preferred bindable credential store (e.g. ldap)
Comment by Christoph Grotz [ 25/Aug/11 9:44 AM ]
Of course this could be the solution, but if your using a MS Active Directory you won't get the userPassword field
when reading the user data, so you need to use the bind. I now configured the BindUsernamePasswordAuthScheme
to directly use the ldap-identity store and the UsernamePassswordAuthScheme to use the the virtual-identity-
provider. But in this case I needed to customize the check method in the AuthenticatorImpl to support multiple "basic-
authentication" implementations.
Comment by Gianluca Brigandi [ 25/Aug/11 9:52 AM ]
What I'm suggesting, considering that AD relies on a bind operation for authentication, is to use the
LDAPBindIdentityStore as one of the inner/backing stores of your virtual store. Then link the
UsernamePasswordAuthScheme bean with the virtual identity store one.
Comment by Christoph Grotz [ 25/Aug/11 9:55 AM ]
Ok, but when I'm doing this, I am not able to authenticate against the AD. Am I missing something?
Comment by Gianluca Brigandi [ 25/Aug/11 10:36 AM ]
Please discard my previous comment. You still need to use the BindUsernamePasswordAuthScheme, whereas you
need to mix in a VirtualBindIdentityStore instead of a VirtualidentityStore bean.

Here's an example :

<vis:virtual-bind-store
         id="josso-identity-store">

     <vis:sources>
       <vis:source alias="source-1">
          <vis:backing-store>
                         <ldap-istore:ldap-bind-store
                              id="identity-store-1"
                              initialContextFactory="com.sun.jndi.ldap.LdapCtxFactory"
                              providerUrl="ldap://xxx.xxx.xxx.xxx:389"
                              securityPrincipal="stiger@FOO.COM"
                            securityCredential="XXXX"
                            securityAuthentication="simple"
                            ldapSearchScope="SUBTREE"
                            usersCtxDN="ou=People,dc=foo,dc=com"
                            principalUidAttributeID="sAMAccountName"
                            principalLookupAttributeID="sAMAccountName"
                            uidAttributeID="member"
                            rolesCtxDN="cn=PeopleUsers,dc=foo,dc=com"
                            roleAttributeID="sAMAccountName"
                            credentialQueryString="uid=sAMAccountName"
                            userPropertiesQueryString="mail=email,cn=description,employeeid=employeeid,name
=name"
                                alwaysUseBindCredentials="true"
                                />
         </vis:backing-store>
      </vis:source>
      <vis:source alias="source-2">
         <vis:backing-store>
                          <ldap-istore:ldap-bind-store
                                id="identity-store-2"
                                initialContextFactory="com.sun.jndi.ldap.LdapCtxFactory"
                                providerUrl="ldap://XXX.XXX.XXX.XXX:389"
                                securityPrincipal="stiger@FOO.COM"
                                securityCredential="XXXX"
                                securityAuthentication="simple"
                                ldapSearchScope="SUBTREE"
                                usersCtxDN="ou=Employees,dc=foo,dc=com"
                                principalUidAttributeID="sAMAccountName"
                                principalLookupAttributeID="sAMAccountName"
                                uidAttributeID="member"
                                rolesCtxDN="ou=EmployeeUsers,dc=foo,dc=com"
                                roleAttributeID="sAMAccountName"
                                credentialQueryString="uid=sAMAccountName"
                                userPropertiesQueryString="mail=email,cn=description"
                                alwaysUseBindCredentials="true"
                                />
         </vis:backing-store>
      </vis:source>
   </vis:sources>
   <vis:mapping-policy>
      <vis:rule-based-mapping-policy>
         <vis:user-mapping-rules>
            <vis:select-all-users/>
            <vis:merge-properties/>
         </vis:user-mapping-rules>
         <vis:roles-mapping-rules>
            <vis:select-all-roles/>
            <vis:merge-roles/>
         </vis:roles-mapping-rules>
         <vis:credentials-mapping-rules>
            <vis:select-all-credentials/>
            <vis:merge-credentials/>
         </vis:credentials-mapping-rules>
         <vis:uid-mapping-rules>
            <vis:select-first-uid/>
            <vis:qualify-uid namespace="dc=foo,dc=com"/>
         </vis:uid-mapping-rules>
         <vis:bind-mapping-rules>
            <vis:bind-on-any-source/>
         </vis:bind-mapping-rules>
         <vis:user-exists-mapping-rules>
            <vis:user-exists-on-any-source/>
            </vis:user-exists-mapping-rules>
         </vis:rule-based-mapping-policy>
      </vis:mapping-policy>
</vis:virtual-bind-store>
[JOSSO-321] Import button size differs from other buttons Created: 23/Aug/11
Updated: 06/Sep/12 Resolved: 04/Feb/12
Status:                Closed
Project:               JOSSO
Component/s:           Atricore Console
Affects Version/s:     None
Fix Version/s:         JOSSO 2.2.2

Type:                  Improvement                 Priority:   Trivial
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-320] Changing appliance base location does not change
binding URL for execution environments Created: 23/Aug/11 Updated: 06/Sep/12 Resolved:
04/Feb/12
Status:              Closed
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   None
Fix Version/s:       JOSSO 2.2.2

Type:                Bug                         Priority:     Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:     Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:        0
[JOSSO-318] Generate Agent configuracion file for JEE Execution
environments Created: 12/Aug/11 Updated: 01/Jun/12
Status:              Open
Project:             JOSSO
Component/s:         Atricore Console
Affects Version/s:   JOSSO 2.2.0
Fix Version/s:       JOSSO 2.4.0

Type:                Improvement                 Priority:   Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Unresolved                  Votes:      0
[JOSSO-317] JOSSO 1.8.X pom is not found the first time an appliance is
built, and there is no internet connection. Created: 12/Aug/11 Updated: 06/Sep/12 Resolved:
03/Apr/12
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.2.2

Type:                Bug                         Priority:      Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:      Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:         0
[JOSSO-316] Add local basic authentication URL support in ISAPI Agent
Created: 12/Aug/11 Updated: 06/Sep/12 Resolved: 12/Sep/11
Status:                Closed
Project:               JOSSO
Component/s:           ISAPI Agent
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.6

Type:                  New Feature                          Priority:   Minor
Reporter:              Sebastian Gonzalez Oyuela            Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                                Votes:      0
[JOSSO-315] Allow users to specify the back channel endpoint when
activating an execution environment Created: 12/Aug/11 Updated: 01/Jun/12
Status:                Open
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 2.4.0

Type:                  Improvement                        Priority:               Minor
Reporter:              Sebastian Gonzalez Oyuela          Assignee:               Goran Nastov
Resolution:            Unresolved                         Votes:                  0


Description
The back channel endpoint applies only to JOSSO 1 Resources, and it's basically a location field
[JOSSO-314] Add local logout URL to IIS Agent Created: 09/Aug/11         Updated: 06/Sep/12
Resolved: 12/Sep/11
Status:               Closed
Project:              JOSSO
Component/s:          ISAPI Agent
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.6

Type:                 Improvement                 Priority:   Minor
Reporter:             Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:           Fixed                       Votes:      0
[JOSSO-313] JOSSO ISAPI Agent generated file has invalid path to log
file and agent config (there is a missing slash) Created: 02/Aug/11 Updated: 02/Aug/11
Status:              Open
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       None

Type:                Bug                         Priority:    Blocker
Reporter:            Sebastian Gonzalez Oyuela   Assignee:    Unassigned
Resolution:          Unresolved                  Votes:       0
[JOSSO-312] JOSSO ISAPI Agent default login strategy does not ignore
configured referres Created: 02/Aug/11 Updated: 12/Aug/11
Status:              Open
Project:             JOSSO
Component/s:         ISAPI Agent
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8.6

Type:                Bug                         Priority:   Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Unresolved                  Votes:      0
[JOSSO-311] Use of circular redirect patterns create issues for certain
clients, like IE, in certain environments Created: 29/Jul/11 Updated: 21/Sep/11
Status:                  Open
Project:                 JOSSO
Component/s:             JBoss 5.0 Agent
Affects Version/s:       JOSSO 1.8.5
Fix Version/s:           JOSSO 1.8.6

Type:                    Bug                                  Priority:                Major
Reporter:                Marc Elliott                         Assignee:                Sebastian Gonzalez Oyuela
Resolution:              Unresolved                           Votes:                   0
Environment:             Ubuntu, Windows, HttpUnit

Attachments:                recursive-redirect.pcap

Description
The JBoss server agent's use of cyclical redirects causes problems with clients that check for recursive redirects.

I saw a lot of issues in IE that may be related to this, particularly in an architecture where the jboss server runs in http
mode behind a webserver or loadbalancer that handles the SSL on the front end and therefore adds to the number of
redirects used in any particular login or logout action.

I was unable to attain a wireshark for that scenario because that environment has moved on with our project.

I did see similar issues when I attempted to develop a HttpUnit test for our gateway. This is the source code of the
test. Note that the problem only occurs on the second visit to the protected resource.

{code}
/**
* Tests the login/logout routines. Includes cases for authentication
* failures and authorization failures.
*
* @throws IOException
* @throws SAXException
*/
@Test
public void loginLogout() throws IOException, SAXException {
HttpUnitOptions.setExceptionsThrownOnScriptError(false);

String urlRoot = this.getFilterProperties().get("josso.proxy.server")
+ "";

WebConversation wc = new WebConversation();

log.info("Get the initial page");
WebRequest req = new GetMethodWebRequest(urlRoot + "/josso");
WebResponse resp = wc.getResponse(req);
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Info".equals(resp.getTitle()));

log.info("Get the login page");
req = new GetMethodWebRequest(urlRoot + "/josso/signon/login.do");
resp = wc.getResponse(req);
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Login".equals(resp.getTitle()));
log.info("Login as user");
WebForm f = resp.getForms()[0];
f.setParameter("josso_username", "user");
f.setParameter("josso_password", "Password1");
f.submit();
resp = wc.getCurrentPage();
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Login Result".equals(resp.getTitle()));

log.info("Logout");
req = new GetMethodWebRequest(urlRoot + "/josso/signon/logout.do");
resp = wc.getResponse(req);
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Info".equals(resp.getTitle()));

req = new GetMethodWebRequest(urlRoot + "/josso/signon/login.do");
resp = wc.getResponse(req);
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Login".equals(resp.getTitle()));

f = resp.getForms()[0];
f.setParameter("josso_username", "user");
f.setParameter("josso_password", "BadPassword");
f.submit();
resp = wc.getCurrentPage();
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Login".equals(resp.getTitle()));

log.info("Access the jmx-console");
req = new GetMethodWebRequest(urlRoot + "/jmx-console");
resp = wc.getResponse(req);
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Login".equals(resp.getTitle()));

log.info("login as admin");
f = resp.getForms()[0];
f.setParameter("josso_username", "admin");
f.setParameter("josso_password", "Password1");
f.submit();
resp = wc.getCurrentPage();
log.info("Page title: " + resp.getTitle());
assert (resp.getTitle().contains("JBoss JMX Management Console"));

log.info("logout");
req = new GetMethodWebRequest(urlRoot + "/josso/signon/logout.do");
resp = wc.getResponse(req);
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Info".equals(resp.getTitle()));

// creating a new conversation appears to avoid the
// redundant redirection issue we have with JOSSO
// when accessing a protected resource the
// second time around ... this is a JOSSO bug
// that will need to be dealt with at some point
//wc = new WebConversation();

log.info("Access the jmx-console");
req = new GetMethodWebRequest(urlRoot + "/jmx-console");
resp = wc.getResponse(req);
log.info("Page title: " + resp.getTitle());
assert ("Mobile Messenger - Login".equals(resp.getTitle()));
log.info("login as user");
f = resp.getForms()[0];
f.setParameter("josso_username", "user");
f.setParameter("josso_password", "Password1");
boolean error = false;
try {
f.submit();
} catch (HttpException e) {
// yes, we are expecting an http authorization error here
error = true;
}
assert (error);

}
{code}

Comments
Comment by Gianluca Brigandi [ 01/Aug/11 8:26 AM ]
Where is the redundant http redirect pointing to (e.g. Gateway URI or Partner application URI) ? Can you include a
dump of the requests and responses mediated through the http unit test ?
In order to come up with a first diagnostic of the potential issue an http traffic dump (e.g. generated with wireshark,
tamperdata, etc.) as well as JOSSO Gateway and Agents logs would be needed.
Comment by Gianluca Brigandi [ 03/Aug/11 9:48 AM ]
Your issue might be related to this one http://www.josso.org/jira/browse/JOSSO-312 which is currently on progress.
I'd suggest you keep an eye on the git updates of the ISAPI Agent in case you can't wait for the upcoming release .
Comment by Marc Elliott [ 21/Sep/11 4:06 PM ]
Here is a wireshark presenting the case of a user who logged into one josso domain then navigated to an application
protected by another. IE detects a circular redirect and gives a stupid error. Navigating to the URL directly or even
just hitting return forwards the user on to the login page with out incident.
[JOSSO-310] Add JBoss 7 Support Created: 25/Jul/11   Updated: 25/Jul/11
Status:              Open
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8.5
Fix Version/s:       JOSSO 1.8.6

Type:                New Feature         Priority:           Minor
Reporter:            Gianluca Brigandi   Assignee:           Unassigned
Resolution:          Unresolved          Votes:              1
[JOSSO-309] Add support for JBoss 6 Created: 25/Jul/11                         Updated: 06/Sep/12 Resolved: 02/Aug/11
Status:                 Closed
Project:                JOSSO
Component/s:            JBoss 6.0 Agent
Affects Version/s:      JOSSO 1.8.5
Fix Version/s:          JOSSO 1.8.6

Type:                   New Feature                        Priority:              Major
Reporter:               Gianluca Brigandi                  Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Fixed                              Votes:                 0


Comments
Comment by Gianluca Brigandi [ 02/Aug/11 4:15 PM ]
The JBoss 6 support is based on the JBoss 5 (JASPI) Agent, whereas the installation procedure differs.

Therefore, use the following commands to install under jboss 6 :

For installing the gateway under JBoss 6 run :

$ gateway install -t $JBOSS_HOME --platform jb6

For installing the agent under JBoss 6 run :

$ agent install --target $JBOSS_HOME --jboss-instance default --platform jb6

For installing the sample applications run :

$ samples install --target $JBOSS_HOME --platform jb6
[JOSSO-308] Deliver an installer artifact for JOSSO2 Created: 25/Jul/11                                Updated:
06/Sep/12 Resolved: 04/Feb/12
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.2.0
Fix Version/s:          JOSSO 2.2.2

Type:                   New Feature                          Priority:                Minor
Reporter:               Gianluca Brigandi                    Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Fixed                                Votes:                   0


Description
There are users that are unable to open the zip correctly due to an older/non up-to-date OS or non maven friendly
deflater.
More over, it would be nice to be able to conduct pre and post installation checks (e.g. JVM location, available
memory, etc.), among other activities, in order to automate and guarantee seamless JOSSO2 execution.

A viable Free/OS alternative is lzPack which provides maven support : www.lzpack.org

Alternatively, there is a more sophisticated (and commercial) alternative : install4j - www.ej-
technologies.com/products/install4j/overview.html
One interesting advantage of the latter is that it can bundle a JRE.




Comments
Comment by Sebastian Gonzalez Oyuela [ 25/Jul/11 4:17 PM ]
Since JBoss has recently released JBoss AS 7.0 GA, we should also consider adding support for this version.
[JOSSO-307] Drop Tanuki's Java Service Wrapper Created: 25/Jul/11                  Updated: 06/Sep/12
Resolved: 12/Aug/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.2.0
Fix Version/s:          JOSSO 2.2.2

Type:                   Improvement                      Priority:   Major
Reporter:               Gianluca Brigandi                Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                            Votes:      0


Description
Port to yajsw : http://sourceforge.net/projects/yajsw/
[JOSSO-306] Release JOSSO 2.2.0 Created: 14/Jul/11   Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Task                Priority:            Blocker
Reporter:            Gianluca Brigandi   Assignee:            Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:               0
[JOSSO-305] Build errors with identity appliances are not reported back
to the client Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Bug                 Priority:   Major
Reporter:            Gianluca Brigandi   Assignee:   Gianluca Brigandi
Resolution:          Fixed               Votes:      0
[JOSSO-304] Enhanced performance of SPML service Created: 14/Jul/11                  Updated:
12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          JOSSO 2.2.0

Type:                   Improvement                   Priority:   Major
Reporter:               Gianluca Brigandi             Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                         Votes:      0


Comments
Comment by Gianluca Brigandi [ 14/Jul/11 10:51 AM ]
Leveraged JAXB object pool from SPML web service
[JOSSO-303] Improve error reporting for SSO/SLO Created: 14/Jul/11   Updated: 12/Aug/11
Resolved: 14/Jul/11
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 2.1.0
Fix Version/s:        JOSSO 2.2.0

Type:                 Improvement         Priority:    Major
Reporter:             Gianluca Brigandi   Assignee:    Sebastian Gonzalez Oyuela
Resolution:           Fixed               Votes:       0
[JOSSO-302] Subject's name identifier can be set on a per-channel basis
Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          None

Type:                   Improvement                         Priority:   Major
Reporter:               Gianluca Brigandi                   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:      0
[JOSSO-301] Remove security token format and semantics coupling
from identity plans Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Improvement         Priority:        Major
Reporter:            Gianluca Brigandi   Assignee:        Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:           0
[JOSSO-300] Support multi-identity appliance Integrated Windows
Authentication Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Improvement         Priority:     Major
Reporter:            Gianluca Brigandi   Assignee:     Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:        0
[JOSSO-299] Switch to Stax-based pull parsing Created: 14/Jul/11   Updated: 12/Aug/11
Resolved: 14/Jul/11
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 2.1.0
Fix Version/s:        JOSSO 2.2.0

Type:                 Improvement         Priority:     Major
Reporter:             Gianluca Brigandi   Assignee:     Gianluca Brigandi
Resolution:           Fixed               Votes:        0
[JOSSO-298] Render password expiration date in a human-readable
form Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Improvement         Priority:   Major
Reporter:            Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:      0
[JOSSO-297] Introduce password policy control detection Created: 14/Jul/11
Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 2.1.0
Fix Version/s:         JOSSO 2.2.0

Type:                  Improvement         Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed               Votes:      0
[JOSSO-296] Do not qualify SSO user properties Created: 14/Jul/11   Updated: 12/Aug/11
Resolved: 14/Jul/11
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 2.1.0
Fix Version/s:        JOSSO 2.2.0

Type:                 Improvement         Priority:     Major
Reporter:             Gianluca Brigandi   Assignee:     Sebastian Gonzalez Oyuela
Resolution:           Fixed               Votes:        0
[JOSSO-295] Do not use seconds granularity when presenting password
policy warnings to the user Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Improvement          Priority:         Minor
Reporter:            Gianluca Brigandi    Assignee:         Sebastian Gonzalez Oyuela
Resolution:          Fixed                Votes:            0
[JOSSO-294] Mediation Logger uses trace to log incoming messages
Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          JOSSO 2.2.0

Type:                   Bug                                 Priority:   Minor
Reporter:               Gianluca Brigandi                   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:      0
[JOSSO-293] IIS Agent is not working against a JOSSO2 Identity
Provider Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Bug                 Priority:   Major
Reporter:            Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:      0
[JOSSO-292] Enhance the performance of the SAML2 identity capability
Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          JOSSO 2.2.0

Type:                   Improvement                         Priority:   Major
Reporter:               Gianluca Brigandi                   Assignee:   Gianluca Brigandi
Resolution:             Fixed                               Votes:      0


Comments
Comment by Gianluca Brigandi [ 14/Jul/11 10:26 AM ]
Implemented JAXB object caching improved the performance by ~50%
[JOSSO-291] Retrofit JOSSO2 to Apache Karaf 2.2.1 Created: 14/Jul/11        Updated:
12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          JOSSO 2.2.0

Type:                   Improvement         Priority:   Major
Reporter:               Gianluca Brigandi   Assignee:   Gianluca Brigandi
Resolution:             Fixed               Votes:      0
[JOSSO-290] JAAS realm does not registers correctly upon a
redeployinment of the contribuiting bundle Created: 14/Jul/11 Updated: 12/Aug/11   Resolved:
14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Bug                    Priority:         Blocker
Reporter:            Gianluca Brigandi      Assignee:         Gianluca Brigandi
Resolution:          Fixed                  Votes:            0
[JOSSO-289] Support unspecified isPassive attribute in Authentication
Request Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Bug                 Priority:   Major
Reporter:            Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:      0
[JOSSO-288] Deflating is not working correctly with the SAML HTTP
Redirect Binding Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Bug                 Priority:     Major
Reporter:            Gianluca Brigandi   Assignee:     Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:        0
[JOSSO-287] Support Integrated Windows Authentication by building on
the SPNEGO standard Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                New Feature         Priority:    Major
Reporter:            Gianluca Brigandi   Assignee:    Gianluca Brigandi
Resolution:          Fixed               Votes:       0
[JOSSO-286] Ldap Policy warnings are not presented to the user Created:
14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          JOSSO 2.2.0

Type:                   Bug                        Priority:   Minor
Reporter:               Gianluca Brigandi          Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                      Votes:      0
[JOSSO-285] Enhance SSL support in LDAP identity stores Created: 14/Jul/11
Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 2.1.0
Fix Version/s:         JOSSO 2.2.0

Type:                  Improvement         Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed               Votes:      0
[JOSSO-284] Remove POST submission timeout for SSO messages
Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          JOSSO 2.2.0

Type:                   Improvement                         Priority:   Major
Reporter:               Gianluca Brigandi                   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:      0
[JOSSO-283] LDAPS connection from identity stores cannot find SSL
stubs Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 2.1.0
Fix Version/s:       JOSSO 2.2.0

Type:                Bug                 Priority:   Major
Reporter:            Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:      0
[JOSSO-282] Do not rely on W3C-hosted XSD schemas Created: 14/Jul/11         Updated:
12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          JOSSO 2.2.0

Type:                   Improvement         Priority:   Major
Reporter:               Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed               Votes:      0
[JOSSO-281] Show progress while establishing SSO session Created: 14/Jul/11
Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 2.1.0
Fix Version/s:         JOSSO 2.2.0

Type:                  Improvement         Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed               Votes:      0
[JOSSO-280] Add Ldap Password Policy Support Created: 14/Jul/11    Updated: 12/Aug/11
Resolved: 14/Jul/11
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 2.1.0
Fix Version/s:        JOSSO 2.2.0

Type:                 New Feature         Priority:   Major
Reporter:             Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:           Fixed               Votes:      0
[JOSSO-279] Deliver JOSSO support for Atlassian Confluence Created: 14/Jul/11
Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.4
Fix Version/s:         JOSSO 1.8.5

Type:                  New Feature         Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed               Votes:      0
[JOSSO-278] Deliver JOSSO support for Atlassian JIRA Created: 14/Jul/11       Updated:
12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.4
Fix Version/s:          JOSSO 1.8.5

Type:                   New Feature         Priority:   Major
Reporter:               Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed               Votes:      0
[JOSSO-277] Windows ISAPI Agent automatic login is not fully
supported Created: 14/Jul/11 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         ISAPI Agent
Affects Version/s:   JOSSO 1.8.4
Fix Version/s:       JOSSO 1.8.5

Type:                Improvement         Priority:     Critical
Reporter:            Gianluca Brigandi   Assignee:     Sebastian Gonzalez Oyuela
Resolution:          Fixed               Votes:        0
[JOSSO-276] Apache Tomcat 7 Agent is not building Created: 14/Jul/11     Updated:
12/Aug/11 Resolved: 14/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.4
Fix Version/s:          JOSSO 1.8.5

Type:                   Bug                 Priority:   Major
Reporter:               Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed               Votes:      0
[JOSSO-275] java.lang.RuntimeException:
com.atricore.idbus.console.lifecycle.main.exception.IdentityServerExce
ption: Cannot start appliance 7 using feature IA Created: 25/Jun/11 Updated: 12/Oct/11
Resolved: 08/Jul/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.1.0
Fix Version/s:          None

Type:                   Bug                                 Priority:                Major
Reporter:               Rene Eykelberg                      Assignee:                Gianluca Brigandi
Resolution:             Fixed                               Votes:                   0
Environment:            windows 7 (x64),
                        java version "1.6.0_25"
                        Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
                        Java HotSpot(TM) 64-Bit Server VM (build 20.0-b11, mixed mode)

Attachments:               atricore.first.startup.log     atricore.log

Description
I've created an Identity Aplliance with name: IA, realm name: net.internalcorp.localdomain.localhost Appliance
location: http://localhost.localdomain.internalcorp.net:8081/idbus/ia. saved the appliance an then deployed it. After
that I was not able to start it. display-exceptions command showed the folllowing error:

java.lang.RuntimeException: com.atricore.idbus.console.lifecycle.main.exception.IdentityServerException: Cannot
start applian
ce 7 using feature IA
      at
com.atricore.idbus.console.lifecycle.command.ManagementCommandSupport.doExecute(ManagementCommandSu
pport.java:40)
      at
org.apache.karaf.shell.console.OsgiCommandSupport.execute(OsgiCommandSupport.java:38)[18:org.apache.karaf.
shell.co
nsole:2.1.0]
      at
org.apache.felix.gogo.commands.basic.AbstractCommand.execute(AbstractCommand.java:35)[18:org.apache.karaf.
shell.co
nsole:2.1.0]
      at
org.apache.felix.gogo.runtime.shell.CommandProxy.execute(CommandProxy.java:50)[18:org.apache.karaf.shell.cons
ole:2
.1.0]
      at
org.apache.felix.gogo.runtime.shell.Closure.execute(Closure.java:229)[18:org.apache.karaf.shell.console:2.1.0]
      at
org.apache.felix.gogo.runtime.shell.Closure.executeStatement(Closure.java:162)[18:org.apache.karaf.shell.console:2
.1.0]
      at org.apache.felix.gogo.runtime.shell.Pipe.run(Pipe.java:101)[18:org.apache.karaf.shell.console:2.1.0]
      at org.apache.felix.gogo.runtime.shell.Closure.execute(Closure.java:79)[18:org.apache.karaf.shell.console:2.1.0]
      at
org.apache.felix.gogo.runtime.shell.CommandSessionImpl.execute(CommandSessionImpl.java:71)[18:org.apache.ka
raf.she
ll.console:2.1.0]
      at org.apache.karaf.shell.console.jline.Console.run(Console.java:169)[18:org.apache.karaf.shell.console:2.1.0]
      at java.lang.Thread.run(Thread.java:662)[:1.6.0_25]
Caused by: com.atricore.idbus.console.lifecycle.main.exception.IdentityServerException:
com.atricore.idbus.console.lifecycle.
main.exception.IdentityServerException: Cannot start appliance 7 using feature IA
      at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.manageIdentityApplianceLif
eC
ycle(IdentityApplianceManagementServiceImpl.java:493)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_25]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_25]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_25]
      at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_25]
      at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
      at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:18
3)
      at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
      at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
      at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
      at $Proxy90.manageIdentityApplianceLifeCycle(Unknown Source)
      at
com.atricore.idbus.console.lifecycle.command.StartApplianceCommand.doExecute(StartApplianceCommand.java:25
)
      at
com.atricore.idbus.console.lifecycle.command.ManagementCommandSupport.doExecute(ManagementCommandSu
pport.java:37)
      ... 10 more
Caused by: com.atricore.idbus.console.lifecycle.main.exception.IdentityServerException: Cannot start appliance 7
using featur
e IA
      at
com.atricore.idbus.console.lifecycle.main.impl.FeaturesBasedApplianceDeployer.start(FeaturesBasedApplianceDepl
oyer
.java:197)
      at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.startAppliance(IdentityAppli
anceManagementServiceImpl.java:1812)
      at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.manageIdentityApplianceLif
eC
ycle(IdentityApplianceManagementServiceImpl.java:469)
      ... 23 more
Caused by: java.lang.RuntimeException: URL
[mvn:net.internalcorp.localdomain.localhost.ia/net.internalcorp.localdomain.localh
ost.ia.idau/1.0.1] could not be resolved.
      at org.ops4j.pax.url.mvn.internal.Connection.getInputStream(Connection.java:195)
      at java.net.URL.openStream(URL.java:1010)[:1.6.0_25]
      at org.apache.karaf.features.internal.FeaturesServiceImpl.installBundleIfNeeded(FeaturesServiceImpl.java:550)
      at org.apache.karaf.features.internal.FeaturesServiceImpl.doInstallFeature(FeaturesServiceImpl.java:400)
      at org.apache.karaf.features.internal.FeaturesServiceImpl.installFeatures(FeaturesServiceImpl.java:245)
      at org.apache.karaf.features.internal.FeaturesServiceImpl.installFeature(FeaturesServiceImpl.java:234)
      at org.apache.karaf.features.internal.FeaturesServiceImpl.installFeature(FeaturesServiceImpl.java:230)
      at org.apache.karaf.features.internal.FeaturesServiceImpl.installFeature(FeaturesServiceImpl.java:221)
      at
com.atricore.idbus.console.lifecycle.main.impl.FeaturesBasedApplianceDeployer.start(FeaturesBasedApplianceDepl
oyer
.java:195)
      ... 25 more
Comments
Comment by Gianluca Brigandi [ 25/Jun/11 3:57 PM ]
Looks like an attempt has been made for starting an identity appliance that hasn't been installed successfully. By
examining the attached log dump, there are several fatal errors that occur on identity appliance build time. Make sure
that you're running JOSSO CE from a host capable of connecting to the internet. The first time JOSSO is run, several
artifacts are downloaded from maven repositories located in the cloud.

Comment by Rene Eykelberg [ 26/Jun/11 4:24 AM ]
I've made a fresh install of josso-ce-2.1.0. Made sure that my computer is connected to internet and run atricore.bat.
In the atricore.log I saw nothing that pointed to download errors. The only errors I saw were
java.sql.SQLWarning: The new index is a duplicate of an existing index: SQL110626110922440. I include the
atricore.first.startup.log were can find the whole start up conversation
Comment by Gianluca Brigandi [ 27/Jun/11 8:00 AM ]
We've never tested JOSSO2 under Windows 7 whereas the underlying JVM should protect it from any potential
incompatibility. We did test it successfully under Windows Server environments, namely Windows 2003 and Windows
2008.

Please try the following :

a. Tear down JOSSO CE
b. Remove the $JOSSO2_HOME/data folder
c. Restart JOSSO CE

In case the issue persists, please try to run JOSSO CE under a Windows 2003/2008/XP OSes. If this works, it means
that the issue is due to an incompatibility with WIndows 7 and not an environment-related issue.
Comment by Rene Eykelberg [ 01/Jul/11 1:13 PM ]
I've installed josso-ce-2.1.0 on my windows xp sp3 box and the errors were similar when I'm running josso-ce-2.1.0
on windows 7 (as described above). Can you upload a complete working bundle of josso-ce-2.1.0 so I can see it
works, as company we are evaluating federation software and I'm very impressed about the concept and simplicity of
josso. What I missed on the system requirements of josso2 is what kind OS type and version linux (ubuntu, fedora ...)
/windows (2003, 2008...) what kind of java version sun (jre/jdk 1.5 +) /ibm java). At the moment I'm testing OpenAm
en TFIM both well documented. The federation I've build with josso (and not worked see above) I had simulated with
OpenAm and it works, this means not that openam is better then josso (I believe in the concept).
Comment by Yura Nakonechnyy [ 04/Jul/11 6:34 AM ]
Was experiencing the same problem. After examining the logs it was found out that before the mentioned above error
another one popped up:

12:29:40,052 | ERROR | tp-1804451569-10 | MavenEmbeddedRuntime | ndles.maven.MavenEmbeddedRuntime 440
| 171 - org.atricore.idbus.bundles.apache-maven-v3_0 - 1.1.0 | 1:Failed to execute goal on project
com.logivations.w2mo.logivationsia.idau: Unable to get dependency information for org.jbpm.jbpm3:jbpm-
jpdl:jar:3.3.1.GA: Failed to process POM for org.jbpm.jbpm3:jbpm-jpdl:jar:3.3.1.GA: Non-resolvable parent POM
org.jbpm.jbpm3:jbpm:3.3.1.GA for org.jbpm.jbpm3:jbpm-jpdl:3.3.1.GA: Failed to resolve POM for
org.jbpm.jbpm3:jbpm:3.3.1.GA due to Error transferring file
  org.jbpm.jbpm3:jbpm:pom:3.3.1.GA

I'm not sure, but it seems that during some phase, the framework was not able to load on the fly mentioned in the
logs 'jbpm' dependency. Because everything else was downloaded successfully, it seems that this might be a
problem of repository from where this dependency should have been downloaded.

After navigating to "<josso-home-directory>\data\work\maven\repository\org\jbpm\jbpm3\jbpm\3.3.1.GA\" it was found
out that it doesn't contain 'jbpm-3.3.1.GA.pom' file.
This file was found here:
http://maven.glassfish.org/content/groups/glassfish/org/jbpm/jbpm3/jbpm/3.3.1.GA/jbpm-3.3.1.GA.pom
and placed manually in the above mentioned location.

At first it didn't work as well, but after stopping Atricore Console, starting it again and creating new appliance, I was
able to deploy and start it.
Hope this helps
Comment by Gianluca Brigandi [ 04/Jul/11 1:36 PM ]
For some reason jboss removed the jbpm 3.3.1.GA POM descriptor from their repository. Considering that JOSSO2
relies on this artifact, the whole identity appliance build fails.As a workaround, we've pushed such pom file to our
maven repository used by JOSSO2 CE. This way you do not need to manually copy the pom file to the local
repository (as Yuri did as a workaround - thanks!).

Before retrying a build make sure to remove this file :
$JOSSO2_HOME/data/work/maven/repository/org/jbpm/jbpm3/jbpm/3.3.1.GA/jbpm-3.3.1.GA.pom.lastUpdated

In order to avoid this type of errors, the upcoming release will bundle the POM files for the artifacts JOSSO2 depends
on so that these are not fetched by non controlled maven repositories.




Comment by bayu anggorojati [ 12/Oct/11 8:09 AM ]
Dear Gianluca,

I am using Josso 2.2.0 and running on Ubuntu 11.04, and having the same problem as Rene. After reading Yura's
comment, I found an error here:
Failed to execute goal on project localhost.coba.idau: Failure to resolve javax/transaction/jta/1.0.1B/jta-1.0.1B.jar
from http://repository.jboss.com/maven2 was cached in the local repository. Resolution will not be reattempted until
the update interval of jboss has elapsed or updates are forced. Original error: Error transferring file
  javax.transaction:jta:jar:1.0.1B

So, I did what Yura did (went to dir JOSSO_HOME/data/work/maven/repository/javax/transaction/jta/1.0.1B), but
instead of downloading jta-1.0.1B.jar, I renamed the jta-1.0.1B.jar.lastUpdated into jta-1.0.1B.jar. Then I delete the
current appliance and re-create the same appliance from scratch. However, another error appears when I build the
appliance, which looks like this:

14:37:29,508 | ERROR | 6@qtp-21549984-1 | MavenEmbeddedRuntime | ndles.maven.MavenEmbeddedRuntime
438 | 183 - org.atricore.idbus.bundles.apache-maven-v3_0 - 1.2.0 | Maven build has errors ...
14:37:29,509 | ERROR | 6@qtp-21549984-1 | MavenEmbeddedRuntime | ndles.maven.MavenEmbeddedRuntime
442 | 183 - org.atricore.idbus.bundles.apache-maven-v3_0 - 1.2.0 | 1:Failed to execute goal org.apache.felix:maven-
bundle-plugin:2.1.0:bundle (default-bundle) on project localhost.coba.idau: Error calculating classpath for project
MavenProject: localhost.coba:localhost.coba.idau:1.0.2 @ /home/bayu/JOSSO/josso-ce-
2.2.0/data/work/maven/projects/coba/project/idau/pom.xml
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.felix:maven-bundle-
plugin:2.1.0:bundle (default-bundle) on project localhost.coba.idau: Error calculating classpath for project
MavenProject: localhost.coba:localhost.coba.idau:1.0.2 @ /home/bayu/JOSSO/josso-ce-
2.2.0/data/work/maven/projects/coba/project/idau/pom.xml
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:141)[183:org.atricore.idbus.bundles.ap
ache-maven-v3_0:1.2.0]
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:77)[183:org.atricore.idbus.bundles.apa
che-maven-v3_0:1.2.0]
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:69)[183:org.atricore.idbus.bundles.apa
che-maven-v3_0:1.2.0]
at
org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:82)[183:org.atri
core.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:54)[183:org.atri
core.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.singleThreadedBuild(DefaultLifecycleExecutor.java:218)[183:or
g.atricore.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.execute(DefaultLifecycleExecutor.java:190)[183:org.atricore.idb
us.bundles.apache-maven-v3_0:1.2.0]
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:246)[183:org.atricore.idbus.bundles.apache-
maven-v3_0:1.2.0]
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:95)[183:org.atricore.idbus.bundles.apache-maven-
v3_0:1.2.0]
at org.atricore.idbus.bundles.maven.MavenEmbeddedRuntime.executeMaven(MavenEmbeddedRuntime.java:433)
at org.atricore.idbus.bundles.maven.MavenEmbeddedRuntime.doExecute(MavenEmbeddedRuntime.java:126)
at
com.atricore.idbus.console.lifecycle.main.transform.transformers.ApplianceBuilderTransformer.after(ApplianceBuilder
Transformer.java:76)
at com.atricore.idbus.console.lifecycle.main.transform.TransformerVisitor.leave(TransformerVisitor.java:1585)
at com.atricore.idbus.console.lifecycle.main.transform.TransformerVisitor.leave(TransformerVisitor.java:86)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
at
com.atricore.idbus.console.lifecycle.main.transform.ReflexiveIdentityApplianceDefinitionWalker.walkAny(ReflexiveIde
ntityApplianceDefinitionWalker.java:131)
at
com.atricore.idbus.console.lifecycle.main.transform.ReflexiveIdentityApplianceDefinitionWalker.walk(ReflexiveIdentity
ApplianceDefinitionWalker.java:42)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformationEngine.transform(TransformationEngine.java:113)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformationEngine.transform(TransformationEngine.java:87)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerApplianceBuilderImpl.buildAppliance(TransformerAp
plianceBuilderImpl.java:150)
at
com.atricore.idbus.console.lifecycle.main.transform.TransformerApplianceBuilderImpl.build(TransformerApplianceBui
lderImpl.java:39)
at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.buildAppliance(IdentityAppli
anceManagementServiceImpl.java:2038)
at
com.atricore.idbus.console.lifecycle.main.impl.IdentityApplianceManagementServiceImpl.buildIdentityAppliance(Ident
ityApplianceManagementServiceImpl.java:218)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:18
3)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy79.buildIdentityAppliance(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:58)
at org.springframework.osgi.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:62)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.jav
a:131)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:11
9)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLIntercept
or.java:56)
at org.springframework.osgi.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:39)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.osgi.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.jav
a:59)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.jav
a:131)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:11
9)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy102.buildIdentityAppliance(Unknown Source)
at
com.atricore.idbus.console.services.impl.IdentityApplianceManagementAjaxServiceImpl.buildIdentityAppliance(Identit
yApplianceManagementAjaxServiceImpl.java:53)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_26]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
at
flex.messaging.services.remoting.adapters.JavaAdapter.invoke(JavaAdapter.java:406)[191:com.atricore.idbus.consol
e.web:1.1.0]
at
flex.messaging.services.RemotingService.serviceMessage(RemotingService.java:183)[191:com.atricore.idbus.consol
e.web:1.1.0]
at
flex.messaging.MessageBroker.routeMessageToService(MessageBroker.java:1417)[191:com.atricore.idbus.console.
web:1.1.0]
at
flex.messaging.endpoints.AbstractEndpoint.serviceMessage(AbstractEndpoint.java:878)[191:com.atricore.idbus.cons
ole.web:1.1.0]
at
flex.messaging.endpoints.amf.MessageBrokerFilter.invoke(MessageBrokerFilter.java:121)[191:com.atricore.idbus.co
nsole.web:1.1.0]
at
flex.messaging.endpoints.amf.LegacyFilter.invoke(LegacyFilter.java:158)[191:com.atricore.idbus.console.web:1.1.0]
at
flex.messaging.endpoints.amf.SessionFilter.invoke(SessionFilter.java:49)[191:com.atricore.idbus.console.web:1.1.0]
at
flex.messaging.endpoints.amf.BatchProcessFilter.invoke(BatchProcessFilter.java:67)[191:com.atricore.idbus.console
.web:1.1.0]
at
flex.messaging.endpoints.amf.SerializationFilter.invoke(SerializationFilter.java:146)[191:com.atricore.idbus.console.w
eb:1.1.0]
at
flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:274)[191:com.atricore.idbus.console.
web:1.1.0]
at
flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:377)[191:com.atricore.idbus.console.web:
1.1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[99:org.apache.geronimo.specs.geronimo-
servlet_2.5_spec:1.1.2]
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)[100:org.apache.servicemix
.bundles.jetty-bundle:6.1.22.2]
at
org.ops4j.pax.web.service.internal.WelcomeFilesFilter.doFilter(WelcomeFilesFilter.java:169)[103:org.ops4j.pax.web.p
ax-web-runtime:0.7.2]
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)[100:org.apache.servicemix
.bundles.jetty-bundle:6.1.22.2]
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)[104:or
g.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.ops4j.pax.web.service.jetty.internal.ConfigurableHttpServiceContext.handle(ConfigurableHttpServiceContext.java
:98)[104:org.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)[1
04:org.ops4j.pax.web.pax-web-jetty:0.7.2]
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)[100:org.apache.servicemix.bundles.jett
y-bundle:6.1.22.2]
at org.mortbay.jetty.Server.handle(Server.java:326)[100:org.apache.servicemix.bundles.jetty-bundle:6.1.22.2]
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)[100:org.apache.servicemix.bun
dles.jetty-bundle:6.1.22.2]
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)[100:org.apache.servicemix.bundles.jetty-
bundle:6.1.22.2]
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)[100:org.apache.servicemix.bundles
.jetty-bundle:6.1.22.2]
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)[100:org.apache.servicemix.bu
ndles.jetty-bundle:6.1.22.2]
Caused by: org.apache.maven.plugin.MojoExecutionException: Error calculating classpath for project MavenProject:
localhost.coba:localhost.coba.idau:1.0.2 @ /home/bayu/JOSSO/josso-ce-
2.2.0/data/work/maven/projects/coba/project/idau/pom.xml
at org.apache.felix.bundleplugin.BundlePlugin.execute(BundlePlugin.java:242)
at org.apache.felix.bundleplugin.BundlePlugin.execute(BundlePlugin.java:229)
at
org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:105)[183:org.atri
core.idbus.bundles.apache-maven-v3_0:1.2.0]
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:133)[183:org.atricore.idbus.bundles.ap
ache-maven-v3_0:1.2.0]
... 93 more
Caused by: java.util.zip.ZipException: error in opening zip file
at java.util.zip.ZipFile.open(Native Method)[:1.6.0_26]
at java.util.zip.ZipFile.<init>(ZipFile.java:127)[:1.6.0_26]
at java.util.zip.ZipFile.<init>(ZipFile.java:144)[:1.6.0_26]
at aQute.lib.osgi.ZipResource.build(ZipResource.java:40)
at aQute.lib.osgi.ZipResource.build(ZipResource.java:33)
at aQute.lib.osgi.Jar.<init>(Jar.java:36)
at org.apache.felix.bundleplugin.BundlePlugin.getClasspath(BundlePlugin.java:742)
at org.apache.felix.bundleplugin.BundlePlugin.execute(BundlePlugin.java:238)
... 96 more

Any hints of what might go wrong? Thank you for your help

/bayu
Comment by Sebastian Gonzalez Oyuela [ 12/Oct/11 9:27 AM ]
Take a look at http://www.atricore.org/jira/browse/JOSSO-334
Comment by bayu anggorojati [ 12/Oct/11 2:17 PM ]
Dear Sebastian,

That did it! Thanks a lot..

/bayu
[JOSSO-274] Changes to user roles does not affect existing sessions
Created: 13/Jun/11 Updated: 12/Aug/11
Status:                 Open
Project:                JOSSO
Component/s:            LDAP Identity Store, Memory Session Store, SSO Gateway, Tomcat 5.5 Agent
Affects Version/s:      JOSSO 1.8.3
Fix Version/s:          JOSSO 1.8.6

Type:                   Bug                                  Priority:                Major
Reporter:               Aaron Reffett                        Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Unresolved                           Votes:                   0
Environment:            JOSSO 1.8.3, Tomcat 5.5, Tomcat 5.5 Agent, web.xml security-constraints


Description
If a user's role information is changed in the identity store, but the user has active sessions, the new role information
is not propagated to the active sessions cached by the agents.

Steps to reproduce:

1) Log in as a user with some set of roles (for illustration: RoleA and RoleB)
2) Verify on the SSO gateway info page that a valid session with these roles exists
3) Access a protected partner application - this will cache the SSO User with the agent
3) Remove a role from the user via the identity store that would remove the user's right to access the partner
application
4) Verify again on the SSO gateway that the role has been removed
5) Refresh the partner application - the user still has access
6) Do something that invalidates the session - wait until timeout or destroy the servlet session
7) Refresh the partner application - now the user is properly denied access

Attaching a debugger and walking through the request pipeline the Tomcat Agent refreshes the session by contacting
the gateway which only checks that the session is valid, not that the principal roles have changed, and does not
inform the agent that the roles have changed. This causes the agent to maintain its cached user with out of date role
information. This condition will persist until the gateway invalidates the session - either a logout or by inactivity
timeout.

A partial workaround is to reduce the inactivity timeout on the session manager to 1 minute, 0 causes assertion
resolution to fail (session expires immediately).

Comments
Comment by Sebastian Gonzalez Oyuela [ 12/Aug/11 7:39 AM ]
Consider also JOSSO-273
[JOSSO-273] JOSSO always requires authentication/authorization
process whenever clicking on any links on GUI after login successfully
Created: 16/May/11 Updated: 12/Aug/11
Status:                Open
Project:               JOSSO
Component/s:           JBoss 5.0 Agent, JBoss 6.0 Agent
Affects Version/s:     JOSSO 1.8.4
Fix Version/s:         JOSSO 1.8.6

Type:                  Bug                                Priority:               Major
Reporter:              Ngo Duc Trieu                      Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Unresolved                         Votes:                  0
Environment:           JOSSO 1.8.4 integrated with JBOSS 5.1.0.GA


Description
My web application runs on JBoss 5.1.0.GA. Following guidelines from JOSSO site, install JOSSO agent and JOSSO
gateway successfully and edit web context file (My-App.War/WEB-INF/context.xml) as follows:

<Context cookies="true" crossContext="true">
<Valve className="org.josso.jb5.agent.JOSSOJASPIAuthenticator" />
</Context>

Then, login into my web application successfully. After that, whenever clicking any links on GUI, observer that
JOSSO gateway sends requests to database for querying username, password and roles. It means that
Authentication/Authorization process is re-run. This raises a performance problem of the app. Expected behavior is
that Authentication/Authorization process is only run once at login time.
[JOSSO-272] Apache sometimes crashes with a segmentation fault
when automatic login strategy isn't configured Created: 13/Apr/11 Updated: 12/Aug/11
Resolved: 14/Apr/11
Status:               Closed
Project:              JOSSO
Component/s:          Apache HTTP 2.2 Agent
Affects Version/s:    JOSSO 1.8.3
Fix Version/s:        JOSSO 1.8.4

Type:                 Bug                     Priority:       Major
Reporter:             Goran Nastov            Assignee:       Goran Nastov
Resolution:           Fixed                   Votes:          0
[JOSSO-271] Add AutoLoginDisabled directive Created: 13/Apr/11         Updated: 12/Aug/11
Resolved: 14/Apr/11
Status:               Closed
Project:              JOSSO
Component/s:          Apache HTTP 2.2 Agent
Affects Version/s:    JOSSO 1.8.3
Fix Version/s:        JOSSO 1.8.4

Type:                 Improvement                 Priority:   Major
Reporter:             Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:           Fixed                       Votes:      0
[JOSSO-270] Include a fall-back to LDAP X.509 userCertificate lookup in
getUID Created: 13/Apr/11 Updated: 13/Apr/11
Status:                 Open
Project:                JOSSO
Component/s:            LDAP Identity Store
Affects Version/s:      JOSSO 1.8.3
Fix Version/s:          None

Type:                   Improvement                         Priority:                Major
Reporter:               Aaron Reffett                       Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Unresolved                          Votes:                   0

Attachments:               LDAPIdentityStore-x509-uid-fallback.patch

Description
The LDAPIdentityStore getUID method for handling UID lookup by X.509 certificate assumed the backing LDAP can
handle userCertificate binary search filters. While this may work on some LDAP providers it is not guaranteed that the
LDAP provider implements certificateExactMatch or handles it in this way. OpenLDAP 2.4 in later versions does, but
2.3 does not.

Attached is a patch that attempts a fallback that does the certificate equality matching in-application if the LDAP
returned no results from the userCertificate search that should ensure greater portability across LDAP providers.
[JOSSO-269] josso integrating with spring security Created: 29/Mar/11                               Updated:
29/Mar/11
Status:                 Open
Project:                JOSSO
Component/s:            Tomcat 6.0 Agent
Affects Version/s:      JOSSO 2.0.2
Fix Version/s:          None

Type:                   Task                                Priority:               Major
Reporter:               soundar                             Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                          Votes:                  0
Environment:            windows(java)


Description
i'm developing sso system for the we need spring security integration with josso 2.0.0..
pls give brief idea(logic) hoe to integrate with spring security..
I refer spring-security-contects code but it's not configure with postgresql database
[JOSSO-268] IIS Installer error when update configuration selected, but
no previous configuration exists Created: 23/Mar/11 Updated: 12/Aug/11 Resolved: 24/Mar/11
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.4

Type:                 Bug                                Priority:              Major
Reporter:             Sebastian Gonzalez Oyuela          Assignee:              Dusan Fisic
Resolution:           Fixed                              Votes:                 0


Description
Installing JOSSO Agent Configuration files
  Installing [josso-agent-config.ini] [OK ] Created file:///tmp/config/josso-agent-config.ini
  Installing [JOSSO-ISAPI-Config.reg] [OK ] Created file:///tmp/config/JOSSO-ISAPI-Config.reg
  Installing [JOSSO-ISAPI-EventLog.reg] [OK ] Created file:///tmp/config/JOSSO-ISAPI-EventLog.reg
  UpdateAgentConfiguration [ERROR] null
[JOSSO-267] Remove regex2.dll from IIS distribution Created: 23/Mar/11                              Updated:
12/Aug/11 Resolved: 24/Mar/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.4

Type:                  Improvement                       Priority:             Major
Reporter:              Sebastian Gonzalez Oyuela         Assignee:             Dusan Fisic
Resolution:            Fixed                             Votes:                0


Description
The regex2.dll is no longer used by JOSSO ISAPI Agent, therefore we need to remove it from the project and make
sure that the installer is still working.
When attempting to "activate" a JBoss 5.x Service provider using "Reactivate" box, an error is thrown that
says "Unsupported platform jb5" (JOSSO-264)


   [JOSSO-266] Create snapshot based on JOSSO 2.0.2 with the JBoss 5
fix activation included Created: 23/Feb/11 Updated: 12/Aug/11 Resolved: 25/Feb/11
Status:                 Closed
Project:                JOSSO
Component/s:            JBoss 5.0 Agent
Affects Version/s:      JOSSO 2.0.2
Fix Version/s:          JOSSO 2.1.0

Type:                   Sub-task                          Priority:             Major
Reporter:               Gianluca Brigandi                 Assignee:             Dejan Maric
Resolution:             Fixed                             Votes:                0


Description
the changeset for the JBoss 5.x fix should be merged into the JOSSO 2.0.3 branch. From this branch generate a
SNAPSHOT release.



Comments
Comment by Dejan Maric [ 25/Feb/11 6:30 AM ]
Created josso 2.0.3 branch with jboss 5 activation fix.
[JOSSO-265] Error occurs when accessing an expired session that
wasn't removed from the session store Created: 23/Feb/11 Updated: 06/Sep/12 Resolved:
18/Aug/11
Status:                  Closed
Project:                 JOSSO
Component/s:             SSO Gateway
Affects Version/s:       JOSSO 1.8.2, JOSSO 1.8.3, JOSSO 1.8.4, JOSSO 1.8.5
Fix Version/s:           JOSSO 1.8.6

Type:                    Bug                                  Priority:                Minor
Reporter:                m weghofer                           Assignee:                Sebastian Gonzalez Oyuela
Resolution:              Fixed                                Votes:                   1
Environment:             tomcat 6.0.26, java 1.6.0_06, Red Hat Enterprise Linux Server release 5.5


Description
An exception occurs when accessing a web page after "maxInactiveInterval".
The Session-Timout works fine with in memory sessions. After changing to database stored sessions an exception is
thrown.
We set up josso as cluster of two josso-gateways, so we need db-stored sessions.
As a workaround we've set maxInactiveInterval="-1", so the session never times out.

message description
The server encountered an internal error () that prevented it from fulfilling this request.

exception
java.lang.RuntimeException: Outbound relaying failed. No Principal found. Verify your SSO Agent Configuration!
org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:551)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
java.lang.Thread.run(Thread.java:619)


the Josso_Session Table:

SESSION_ID VARCHAR2(64 BYTE) No
USERNAME VARCHAR2(128 BYTE) No
CREATION_TIME NUMBER No
LAST_ACCESS_TIME NUMBER No
ACCESS_COUNT NUMBER No
MAX_INACTIVE_INTERVAL NUMBER No
VALID NUMBER(1,0) No


from the gateway-stores.xml

<db-sstore:datasource-store
    id="josso-session-store"
    dsJndiName="java:comp/env/jdbc/josso"
    loadQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME,
ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE SESSION_ID = ?"
    loadAllQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME,
ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION"
     insertDml="INSERT INTO JOSSO_SESSION VALUES (?, ?, ?, ?, ?, ?, ?)"
     updateDml="UPDATE JOSSO_SESSION SET USERNAME = ?, CREATION_TIME = ?, LAST_ACCESS_TIME
= ?, ACCESS_COUNT = ?, MAX_INACTIVE_INTERVAL = ?, VALID = ? WHERE SESSION_ID = ?"
     sizeQuery="SELECT COUNT(1) FROM JOSSO_SESSION"
     keysQuery="SELECT SESSION_ID FROM JOSSO_SESSION"
     loadByUserNameQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME,
ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE USERNAME = ?"
     loadByValidQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME,
ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE VALID = ?"
     loadByLastAccessTimeQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME,
LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE
LAST_ACCESS_TIME = ?"
     deleteDml="DELETE FROM JOSSO_SESSION WHERE SESSION_ID = ?"
     deleteAllDml="DELETE FROM JOSSO_SESSION" />


Tomcat log:

2011-02-18 12:52:59|TP-Processor7|DEBUG|DeserializationContext|Popped element stack to
org.apache.axis.message.SOAPBody:Body
2011-02-18 12:52:59|TP-Processor7|DEBUG|DeserializationContext|Exit: DeserializationContext::endElement()
2011-02-18 12:52:59|TP-
Processor7|DEBUG|ProjectResourceBundle|org.apache.axis.i18n.resource::handleGetObject(value00)
2011-02-18 12:52:59|TP-Processor7|DEBUG|RPCProvider| value:
org.josso.gateway.ws._1_2.protocol.AccessSessionRequestType@2970fc9a
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOContext|Created context in thread TP-Processor7
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOGatewayImpl|SSOContext created from token
org.josso.gateway.session.service.SSOSessionManager/CAE8EE92BAF42888DBF2EE8CF512C709 for
SecurityDomain josso
2011-02-18 12:52:59|TP-Processor7|DEBUG|DbSessionStore|Loaded session:
CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOSessionManagerSOAPBindingImpl|About to access session
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOSessionManagerImpl|[accessSession()] trying session :
CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|DbSessionStore|Loaded session:
CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOContext|Created context in thread TP-Processor7
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOGatewayImpl|SSOContext created from token
org.josso.gateway.session.service.SSOSessionManager/CAE8EE92BAF42888DBF2EE8CF512C709 for
SecurityDomain josso
2011-02-18 12:52:59|TP-Processor7|DEBUG|DbSessionStore|Loaded session:
CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|SpringJMXSSOEventManagerImpl|Received SSO Event Notification :
destroySession
2011-02-18 12:52:59|TP-Processor7|DEBUG|SpringJMXSSOEventManagerImpl|Handling notification to listener :
org.josso.gateway.audit.service.SSOAuditManagerImpl@10fb9bd
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOAuditManagerImpl|handling sso event :
SSOSessionEvent['CAE8EE92BAF42888DBF2EE8CF512C709','destroySession']
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOAuditManagerImpl|Creating Audit Trail form SSO event
2011-02-18 12:52:59|TP-Processor7|INFO|AUDIT|Fri Feb 18 12:52:59 UTC 2011 - sso-session - info - klm -
destroySession=success - ssoSessionId=CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|SpringJMXSSOEventManagerImpl|Sent notification :
SSOSessionEvent['CAE8EE92BAF42888DBF2EE8CF512C709','destroySession']
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOSessionManagerImpl|[accessSession()] invalid session :
CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOSessionManagerImpl|[accessSession()] ended for session :
CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|SSOSessionManagerSOAPBindingImpl|JOSSO Session not found :
CAE8EE92BAF42888DBF2EE8CF512C709
2011-02-18 12:52:59|TP-Processor7|DEBUG|WebappClassLoader|loadClass(org.apache.axis.utils.NetworkUtils,
false)
2011-02-18 12:52:59|TP-Processor7|DEBUG|WebappClassLoader| Searching local repositories
2011-02-18 12:52:59|TP-Processor7|DEBUG|WebappClassLoader| findClass(org.apache.axis.utils.NetworkUtils)
2011-02-18 12:52:59|TP-Processor7|DEBUG|WebappClassLoader| Loading class from local repository
2011-02-18 12:52:59|TP-Processor7|DEBUG|WebappClassLoader|loadClass(java.net.UnknownHostException,
false)
2011-02-18 12:52:59|TP-Processor7|DEBUG|WebappClassLoader|loadClass(java.net.InetAddress, false)
2011-02-18 12:52:59|TP-
Processor7|DEBUG|ProjectResourceBundle|org.apache.axis.i18n.resource::handleGetObject(toAxisFault00)
2011-02-18 12:52:59|TP-Processor7|DEBUG|enterprise|Mapping Exception to AxisFault
java.lang.reflect.InvocationTargetException
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)




Comments
Comment by Sebastian Gonzalez Oyuela [ 18/Aug/11 4:38 PM ]
The configured loadByLastAccessTimeQuery property value will not retrieve any expired sessions and therefore
these sessions are never removed from the store. The correct value should be:

loadByLastAccessTimeQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME,
ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE LAST_ACCESS_TIME
&lt; ?"
Note that the WHERE condition was changed to less than instead of equals to.

This will solve most of the problems.

There will still be a time-window between session expiration and actual session cleanup that will produce this error for
any session store. This time-window depends on the sessionmanager's sessionMonitorInterval property value, default
to 10 seconds.
Comment by Sebastian Gonzalez Oyuela [ 18/Aug/11 4:53 PM ]
Changing org.josso.gateway.signon.LoginAction.canRelay method to the following solves the problem:

     SSOSession s = SSOContext.getCurrent().getSession();
     return s!= null && s.isValid();
[JOSSO-264] When attempting to "activate" a JBoss 5.x Service provider
using "Reactivate" box, an error is thrown that says "Unsupported
platform jb5" Created: 22/Feb/11 Updated: 12/Aug/11 Resolved: 23/Feb/11
Status:                Closed
Project:               JOSSO
Component/s:           JBoss 5.0 Agent
Affects Version/s:     JOSSO 2.0.2
Fix Version/s:         JOSSO 2.1.0

Type:                  Bug                                 Priority:              Major
Reporter:              Gianluca Brigandi                   Assignee:              Dejan Maric
Resolution:            Fixed                               Votes:                 0

Sub-Tasks:             Key                     Summary                 Type       Status        Assignee
                       JOSSO-266               Create snapshot         Sub-task   Closed        Dejan Maric
                                               based on JOSSO
                                               2.0.2 ...

Comments
Comment by Dejan Maric [ 23/Feb/11 8:55 AM ]
JBoss 5.x activation enabled.
[JOSSO-263] Do not submit a heart-beat (i.e. access session) event for
every request the Agent handles. Heart-beat events should be submitted
within a specified time interval. Created: 16/Feb/11 Updated: 12/Aug/11 Resolved: 17/Feb/11
Status:               Closed
Project:              JOSSO
Component/s:          Apache HTTP 2.2 Agent
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.4

Type:                 Improvement                       Priority:              Blocker
Reporter:             Gianluca Brigandi                 Assignee:              Goran Nastov
Resolution:           Fixed                             Votes:                 0


Description
For every heart-beat event that has been submitted store the corresponding timestamp using an http cookie (e.g.
LAST_ACCESS_TS. If the heart-beat timeout has not been reached do not submit the heart-beat event (e.g. access
session).
[JOSSO-262] Do not refresh user and entitlement information from the
JOSSO Gateway. For now, store such information in a base64-encoded
cookie value identified as "JOSSO_SECURITY_CONTEXT". Created: 16/Feb/11
Updated: 12/Aug/11 Resolved: 17/Feb/11
Status:                Closed
Project:               JOSSO
Component/s:           Apache HTTP 2.2 Agent
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.4

Type:                  Improvement                    Priority:             Blocker
Reporter:              Gianluca Brigandi              Assignee:             Goran Nastov
Resolution:            Fixed                          Votes:                0


Comments
Comment by Goran Nastov [ 02/Mar/11 6:12 PM ]
Implemented user/entitlement caching using Apache shared memory (cookie based caching removed).
[JOSSO-261] Test Connection and Test Query not working Created: 14/Feb/11
Updated: 27/Oct/12 Resolved: 15/Feb/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 2.0.2
Fix Version/s:          None

Type:                   Bug                                  Priority:              Major
Reporter:               Marshal Jayason                      Assignee:              Gianluca Brigandi
Resolution:             Fixed                                Votes:                 0
Environment:            Windows 7


Description
I create a DB Identity source

Name : DB-ID1
Driver: JDBC ODBC Bridge
connection url : jdbc:mysql://localhost:3306/test_db
username=xyz
password=xyz

and clicked Test Connection. I didnt get any response. I'm using MySQL not sure whether I should give a different
driver. Drop down is showing only one item though

Thank You
Marshal

Comments
Comment by Marshal Jayason [ 15/Feb/11 2:05 PM ]
I forgot to mention that I'm facing this issue while using Josso2 visual designer
Comment by Gianluca Brigandi [ 15/Feb/11 3:05 PM ]
Make sure that :
* The MySQL ODBC driver is installed in the host running JOSSO2
* A DSN (Data Source Name) for the database holding user and entitlement tables has been setup

The connection URL should have the following format :
jdbc:odbc:DSN[;user=xxx][;password=xxx]
Comment by Marshal Jayason [ 15/Feb/11 3:40 PM ]
How to ensure MySQL ODBC driver is installed in the host running JOSSO2 ?
Comment by Gianluca Brigandi [ 16/Feb/11 6:50 AM ]
Go to your control panel then Administrative Tools > Data Sources(ODBC)
Preview

The System DSN tab should show the MySQL entry.

For more information refer to Microsoft official documentation.



Comment by Srdjan [ 27/Oct/12 7:01 AM ]
Hello,
I have the same problem, when I click test database I don't get any action at all, not any error or response, like
program is dead.
I have tried mysql and sql server connection trough ODBC Data Source Administrator and test was successful.
Can you help me please.

Thanks,

Srdjan
[JOSSO-260] Support Apache Tomcat 7.0.8 and newer Created: 11/Feb/11   Updated:
12/Aug/11 Resolved: 14/Feb/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.3
Fix Version/s:         JOSSO 1.8.4

Type:                  New Feature         Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Goran Nastov
Resolution:            Fixed               Votes:      0
[JOSSO-259] Support excluding specific types of resources from being
handled by the JOSSO Agent for Apache Web Server Created: 11/Feb/11 Updated:
12/Aug/11 Resolved: 11/Feb/11
Status:                Closed
Project:               JOSSO
Component/s:           Apache HTTP 2.2 Agent
Affects Version/s:     JOSSO 1.8.3
Fix Version/s:         JOSSO 1.8.4

Type:                  Improvement                       Priority:                Major
Reporter:              Gianluca Brigandi                 Assignee:                Goran Nastov
Resolution:            Fixed                             Votes:                   0


Description
Ignored (aka excluded) resources should be specified using a regular expression

Comments
Comment by Goran Nastov [ 11/Feb/11 3:06 PM ]
Example of configuring ignored resources:

IgnoredResource "images/.*"
IgnoredResource "css/.*"
[JOSSO-258] Not able to launch Josso2 atricore-console Created: 08/Feb/11
Updated: 12/Aug/11 Resolved: 08/Feb/11
Status:                 Closed
Project:                JOSSO
Component/s:            Atricore Console
Affects Version/s:      JOSSO 2.0.2
Fix Version/s:          None

Type:                   Bug                                   Priority:               Major
Reporter:               Marshal Jayason                       Assignee:               Gianluca Brigandi
Resolution:             Fixed                                 Votes:                  0
Environment:            Windows 7

Attachments:                atricore.log

Description
1) Downloaded Josso2.
2) Ran atricore.bat from bin

C:\JOSSO2_HOME\bin>atricore.bat
The system cannot find the file specified.
The system cannot find the file specified.
     __ _____ _____ _____ _____ ___
  __| | | __| __| | |_ |
 | | | | |__ |__ | | | | _|
 |_____|_____|_____|_____|_____| |___|

 JOSSO 2 (2.0.2)
 Atricore Console (1.0.0-m3) http://localhost:8081/atricore-console/
 Atricore Identity Bus (1.0.1)

 Apache Felix Karaf (1.6.0)


Hit '<tab>' for a list of available commands
and '[cmd] --help' for help on a specific command.

Hit '<ctrl-d>' or type 'osgi:shutdown' to shutdown Atricore Identity Bus.

karaf@josso2>
karaf@josso2> 2011-02-08 15:59:59.479 GMT : Apache Derby Network Server - 10.5.
ed and ready to accept connections on port 1527
IDBus Identity Mediation Unit 'idau-default' started in 561ms

4) I copied the url http://localhost:8081/atricore-console/ and tried it on a browser expecting the atricore-console GUI.
Didnt work.

Please let me know if I'm missing any step here

Comments
Comment by Gianluca Brigandi [ 08/Feb/11 10:26 AM ]
Looks like that port 8081 is already in use by another application, hence the JOSSO2 web container cannot be bound
to it
...
11:08:49,097 | INFO | guration Updater | JettyServerImpl | e.jetty.internal.JettyServerImpl 72 | 90 -
org.ops4j.pax.web.pax-web-jetty - 0.7.2 | Pax Web available at [0.0.0.0]:[8081]
11:08:49,113 | WARN | guration Updater | NIOSocketConnectorWrapper | ternal.NIOSocketConnectorWrapper 45 |
90 - org.ops4j.pax.web.pax-web-jetty - 0.7.2 | Connection on port 8081 cannot be open. Reason: Address already in
use: bind
...

Either make sure that port 8081 is not taken upon starting up JOSSO2 or bind to a different address or change
JOSSO2's default PAX Web Container port to one that is not taken
Comment by Marshal Jayason [ 08/Feb/11 10:45 AM ]
Thank You for the quick response

How to change JOSSO2's default PAX Web Container port ?
Comment by Gianluca Brigandi [ 08/Feb/11 11:12 AM ]
in the $JOSSO2_HOME/etc/org.ops4j.pax.web.cfg descriptor, set the org.osgi.service.http.port property value to the
preferred PAX Web TCP/IP port and restart.
Comment by Marshal Jayason [ 08/Feb/11 11:23 AM ]
It is working. Thanks a lot. I'll follow the video to do next.

I have aquestion regarding Josso's Capability

I have a portal application that has userid-1 for User A and another child application (accessed from portal) that has
userid-2 for User A. Can I apply single sign on using Josso in such a scenario. Could you please brief the approach.
Portal uses database and child app(COTS) uses LDAP.

Thank You for the Help
Comment by Gianluca Brigandi [ 08/Feb/11 12:42 PM ]
Your type of scenarios are supported whereas more detail would be needed. Please submit this to the sourceforge
help forum or contact Atricore (www.atricore.com) in case commercial support is preferred.
[JOSSO-257] Implement ISAPI Agent installation Created: 25/Jan/11                                Updated: 12/Aug/11
Resolved: 27/Jan/11
Status:                    Closed
Project:                   JOSSO
Component/s:               ISAPI Agent
Affects Version/s:         None
Fix Version/s:             JOSSO 1.8.4

Type:                      New Feature                       Priority:             Major
Reporter:                  Sebastian Gonzalez Oyuela         Assignee:             Dusan Fisic
Resolution:                Fixed                             Votes:                0


Description
The installer should get the following parameters:

platform (-p) : iis, iis-x64

target (-t) : folder where agent will be installed.

The target folder should contain the following elements after install:

bin/JOSSOIsapiAgent.dll
log/
config/josso-agent-config.ini
config/*.reg

The registry update files should be generated using the proper path, taken from the target parameter.

If possible, permissions should be added to IIS user on folder / files as necessary. The user name should be optional
argument, default to W2003 IIS user.




Comments
Comment by Dusan Fisic [ 27/Jan/11 2:57 PM ]
Implemented, documentation on
http://www.josso.org/confluence/display/JOSSO1/Setup+JOSSO+Agent+-+ISAPI
[JOSSO-256] You don't have permission to access josso_security_check
on this server. Created: 24/Jan/11 Updated: 12/Aug/11 Resolved: 11/Feb/11
Status:                   Closed
Project:                  JOSSO
Component/s:              Apache HTTP 2.2 Agent
Affects Version/s:        JOSSO 1.8.3
Fix Version/s:            JOSSO 1.8.4

Type:                     Bug                                    Priority:                 Major
Reporter:                 Eric Blix                              Assignee:                 Goran Nastov
Resolution:               Work as Designed                       Votes:                    0
Environment:              apache-httpd-2.2.17
                          apache-tomcat-6.0.29

Attachments:                  httpd.conf

Description
While upgrading to 1.8.3 I started getting the following error.

Forbidden
You don't have permission to access /manager/html/josso_security_check on this server.

Debug showed the following.

[Mon Jan 24 10:28:29 2011] [debug] mod_auth_josso.c(726): [client 127.0.0.1] Soap error... error code: [3], error
message: [(null)], referer:
https://localhost/josso/signon/login.do?josso_partnerapp_host=localhost&josso_partnerapp_ctx=/manager/html&joss
o_back_to=https://localhost:443/manager/html/josso_security_check
[Mon Jan 24 10:28:29 2011] [debug] mod_auth_josso.c(540): [client 127.0.0.1] Outbound relaying failed for assertion
id [882292A07E9CAA32], no Principal found., referer:
https://localhost/josso/signon/login.do?josso_partnerapp_host=localhost&josso_partnerapp_ctx=/manager/html&joss
o_back_to=https://localhost:443/manager/html/josso_security_check

I've attached a sample config file to demonstrate the issue.



Comments
Comment by Eric Blix [ 24/Jan/11 1:05 PM ]
You indicate this is resolved in JOSSO 1.8.4. Do you have a eta on a JOSSO 1.8.4 beta or a JOSSO 1.8.4 full
release?

Thanks.
Comment by Goran Nastov [ 25/Jan/11 10:12 AM ]
I'm not sure if it's already fixed (I'll have to test it), it's just planned to be fixed for 1.8.4 release. I don't know when
1.8.4 is planned to be released but you could always get the latest Apache agent from JOSSO1 git (git clone
git://josso.git.sourceforge.net/gitroot/josso/josso1).
Comment by Goran Nastov [ 09/Feb/11 2:09 PM ]
Did you upgrade the gateway to 1.8.3?
Comment by Eric Blix [ 09/Feb/11 2:19 PM ]
Yes, both the agent and gateway are 1.8.3. Both created from the ground up with the only changes to the gateway
being the visual appearance and back end that we use to store the user name and passwords.
Even with the GatewayLoginUrl and GatewayLogoutUrl using https if I change the GatewayEndpoint to port 80 the
issue goes away.
Comment by Goran Nastov [ 09/Feb/11 4:50 PM ]
It looks like a problem with back channel communication (web service calls) when using SSL.

1) You built josso apache agent with openssl support, right (using --enable-openssl as argument when calling
configure)?

2) You have to set additional josso apache module config parameters:

 GatewayEndpointSSLEnable On
 EnableGatewayAuthentication On

 and probably also SSLServerCertFile or SSLServerCertDir (if server authentication is required)

 SSLServerCertFile "path to cacert file containing trusted certificates (needed to verify server)"
 SSLServerCertDir "capath to directory with trusted certificates"

3) Maybe you could also try the latest josso apache agent from git, I think it contains some small changes regarding
SSL.
Comment by Eric Blix [ 10/Feb/11 10:12 AM ]
I configured the server using the following command.

export APACHE_VERSION=2.2.17
export APACHE_HOME=/usr/share/apache-httpd-$APACHE_VERSION
./configure --prefix=$APACHE_HOME --enable-deflate --enable-ssl --disable-auth-digest --enable-mods-shared=most
--with-included-apr

I added the additional josso apache module config parameters. My altered config files now looks like:

 <LocationMatch "/manager">
  AuthType JOSSO
  AuthName "Manager"
  Require role "JossoUser"
  GatewayEndpoint "localhost" 443

    GatewayEndpointSSLEnable On
    EnableGatewayAuthentication On
    SSLServerCertFile "/usr/share/apache-httpd-2.2.17/conf/server.crt"
# or
# SSLServerCertDir "/usr/share/apache-httpd-2.2.17/conf"

   GatewayLoginUrl "https://localhost/josso/signon/login.do"
   GatewayLogoutUrl "https://localhost/josso/signon/logout.do"
 </LocationMatch>

The additional parameters did not make a difference. I am still getting the permissions error.

I am willing to try other suggestions. Otherwise I will continue to use the unsecured port 80 until the next release of
JOSSO.

Thanks,
Eric
Comment by Eric Blix [ 10/Feb/11 10:26 AM ]
Just a note. I know this is a misconfigured config but I thought I would pass this on.

Switching back to port 80 I made the following change. "GatewayEndpoint localhost 443" to "GatewayEndpoint
localhost 80" which looked like the following:

 <LocationMatch "/manager">
   AuthType JOSSO
   AuthName "Manager"
   Require role "JossoUser"
   GatewayEndpoint "localhost" 80

    GatewayEndpointSSLEnable On
    EnableGatewayAuthentication On
    SSLServerCertFile "/usr/share/apache-httpd-2.2.17/conf/server.crt"
# or
# SSLServerCertDir "/usr/share/apache-httpd-2.2.17/conf"

   GatewayLoginUrl "https://localhost/josso/signon/login.do"
   GatewayLogoutUrl "https://localhost/josso/signon/logout.do"
 </LocationMatch>

I got the same permission error until I commented out the GatewayEndpointSSLEnable parameter. Which looked like
the following:

 <LocationMatch "/manager">
  AuthType JOSSO
  AuthName "Manager"
  Require role "JossoUser"
  GatewayEndpoint "localhost" 80

   # GatewayEndpointSSLEnable On
    EnableGatewayAuthentication On
    SSLServerCertFile "/usr/share/apache-httpd-2.2.17/conf/server.crt"
# or
# SSLServerCertDir "/usr/share/apache-httpd-2.2.17/conf"

   GatewayLoginUrl "https://localhost/josso/signon/login.do"
   GatewayLogoutUrl "https://localhost/josso/signon/logout.do"
 </LocationMatch>


For what is worth.

Eric
Comment by Goran Nastov [ 10/Feb/11 4:17 PM ]
You had to comment out GatewayEndpointSSLEnable (when switching back to port 80) because web service
endpoint URLs are created using https (not http) when that's enabled.

I managed to reproduce the error (but with different soap error code) e.g. when I used invalid certificate file, but when
I used the right one the error was gone (in josso 1.8.3).

Your configuration now looks good. Make sure that server.crt is in PEM format.

Also, I'm not sure that you build the josso apache agent correctly. Can you rebuild it and reinstall it? Here's the
example:

1) cd /path/to/josso-apache22-agent

2) ./makemake

3) ./configure --with-apache-include=/usr/include/httpd --with-apr-include=/usr/include/apr-1 --enable-openssl

If it fails to automatically discover openssl then you can use the following optional arguments:

--with-openssl-includes=/path/to/ssl/includes
--with-openssl-libs=/path/to/ssl/libs
--with-openssl=/path/to/ssl/base
--with-pkg-config=/path/to/pkg-config

Note: use --enable-openssl, not --enable-ssl or similar.

4) make

5) apxs -i -a -n auth_josso mod_auth_josso/.libs/libmod_auth_josso.so

Hope this helps,

Goran
Comment by Eric Blix [ 11/Feb/11 6:30 AM ]
That appears to fix it. I did have the --enable-openssl argument set but it appears I also needed the additional four
arguments.


Original command:

./configure --enable-openssl --with-apache-include=/usr/share/apache-httpd-2.2.17/include --with-
apr=/usr/share/apache-httpd-2.2.17/bin/apr-1-config --with-apr-include=/usr/share/apache-httpd-2.2.17/include


The command that worked after I added the four arguments:

./configure --enable-openssl --with-apache-include=/usr/share/apache-httpd-2.2.17/include --with-
apr=/usr/share/apache-httpd-2.2.17/bin/apr-1-config --with-apr-include=/usr/share/apache-httpd-2.2.17/include --with-
openssl-includes=/usr/include/openssl --with-openssl-libs=/usr/lib64 --with-openssl=/usr/bin --with-pkg-
config=/etc/pki/tls


Thanks for your assistance.
Eric
[JOSSO-255] java.lang.RuntimeException: Outbound relaying failed. No
Principal found. Verify your SSO Agent Configuration!
org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:532)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.ja
va:286) Created: 20/Jan/11 Updated: 23/Aug/11 Resolved: 26/Jan/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          None

Type:                   Bug                                Priority:               Major
Reporter:               bb narasimhulu                     Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Work as Designed                   Votes:                  0


Description
java.lang.RuntimeException: Outbound relaying failed. No Principal found. Verify your SSO Agent Configuration!
org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:532)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
java.lang.Thread.run(Thread.java:619)




Comments
Comment by Sebastian Gonzalez Oyuela [ 26/Jan/11 11:37 AM ]
Make sure that the agent configuration is correct for the environment
Comment by Jeff Jensen [ 23/Aug/11 4:21 PM ]
I don't think this is WAD... See "Known issues" on this page: http://russdavidson.blogspot.com/2010/09/installing-
josso-on-tomcat-6-and-centos.html
In summary, JOSSO activation does not update tomcat6.conf to include jaas.conf.

I had to to this step today for a new install of JASSO2.
[JOSSO-254] NPE caused by jboss 5.1 agent when josso after login
redirects back to partnerapp Created: 16/Jan/11 Updated: 18/Jan/12 Resolved: 26/Jan/11
Status:                 Closed
Project:                JOSSO
Component/s:            JBoss 5.0 Agent
Affects Version/s:      JOSSO 1.8.3
Fix Version/s:          None

Type:                   Bug                                 Priority:             Major
Reporter:               Giovanni Marigi                     Assignee:             Sebastian Gonzalez Oyuela
Resolution:             Duplicate                           Votes:                0
Environment:            JBoss 5.0 - Josso 1.8.3 - Ubuntu 10.10


Description
I'm facing a serious bug with josso configured for JBoss 5.0.

My configuration
Josso 1.8.3
JBoss AS 5.0
Josso gateway installed on jboss
Josso agent for partener apps deployed on JBoss AS 5.0
Josso identity store: mysql 5.1

It seems to be the same issue already opened and closed: JOSSO-218

When Josso after a successfully login redirects back to a partner app, a NPE occurs with a blank jsp page and this
url:
http://&lt;domain_name&gt;/partnerapp/josso_security_check?josso_assertion_id=5F92A6D9A466EFC2

Stack Trace:

12:43:55,658 ERROR [JaasHttpSSOAgent] java.lang.NullPointerException
at org.josso.agent.http.SSOGatewayHandler.handle(SSOGatewayHandler.java:57)
at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:955)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:951)
at org.josso.jaspi.agent.SSOGatewayLoginModule.login(SSOGatewayLoginModule.java:118)
at org.josso.jb5.agent.JBossSSOGatewayLoginModule.login(JBossSSOGatewayLoginModule.java:84)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.josso.agent.http.JaasHttpSSOAgent.authenticate(JaasHttpSSOAgent.java:68)
at org.josso.agent.AbstractSSOAgent.execute(AbstractSSOAgent.java:378)
at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:291)
at org.josso.jaspi.agent.JASPISSOAuthModule.validateRequest(JASPISSOAuthModule.java:350)
at
org.jboss.security.auth.message.config.JBossServerAuthContext.invokeModules(JBossServerAuthContext.java:172)
at
org.jboss.security.auth.message.config.JBossServerAuthContext.validateRequest(JBossServerAuthContext.java:142
)
at
org.jboss.security.plugins.auth.JASPIServerAuthenticationManager.isValid(JASPIServerAuthenticationManager.java:
79)
at org.josso.jb5.agent.JOSSOJASPIAuthenticator.authenticate(JOSSOJASPIAuthenticator.java:195)
at org.josso.jb5.agent.JOSSOJASPIAuthenticator.invoke(JOSSOJASPIAuthenticator.java:111)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:
126)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:7
0)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)

Comments
Comment by Giovanni Marigi [ 17/Jan/11 1:12 AM ]
the same happens even with a gateway installed on apache tomcat
Comment by Sebastian Gonzalez Oyuela [ 26/Jan/11 11:40 AM ]
See JOSSO-218
Comment by senthil [ 18/Jan/12 10:59 AM ]
Hello,

I have the same issue with Josso 1.8.5. We would like to communicate the web services call through load balancer.
So we made a changes in josso-agent-config.xml

<protocol:ws-service-locator endpoint="domainName:8443" servicesWebContext ="WebContextsso" />.

In case if i provide IP address of the Josso gateway its working perfect. But i want to work this with trusted load
balancer.

Please help me to resolve this.

Thanks in advance.
[JOSSO-253] Test JOSSO Isapi Agent event logs in W2008 (32 / 64) Created:
09/Jan/11 Updated: 12/Aug/11 Resolved: 12/Jan/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.4

Type:                   Task                                Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Dejan Maric
Resolution:             Work as Designed                    Votes:                  0


Description
Looks like messages are not reported (My guess is that this is only a configuration issue)
[JOSSO-252] Store PCRE project changes Created: 09/Jan/11        Updated: 12/Aug/11 Resolved:
14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8.4

Type:                Task                        Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-251] HttpExtensionProc::JOSSOIsapiPlugin.cpp (424): No
original resource Created: 05/Jan/11 Updated: 12/Aug/11 Resolved: 12/Jan/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.4

Type:                   Bug                             Priority:       Major
Reporter:               Sebastian Gonzalez Oyuela       Assignee:       Dejan Maric
Resolution:             Cannot Reproduce                Votes:          0

Attachments:               josso_isapi.zip

Description
From isapi agent log:

> [Tue Dec 14 19:54:12.086 2010] [6160:4156] [error]
> HttpExtensionProc::JOSSOIsapiPlugin.cpp (424): No original resource
> received!
[JOSSO-250] can not redirect to JOSSO Gateway Created: 24/Dec/10                                     Updated: 24/Dec/10
Status:                 Open
Project:                JOSSO
Component/s:            JBoss 5.0 Agent
Affects Version/s:      JOSSO 1.8.3
Fix Version/s:          None

Type:                   Bug                                  Priority:               Major
Reporter:               Micheal Nghe                         Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                           Votes:                  0


Description
I have
- JOSSO Gateway install in Tomcat6
- JOSSO Agent install in Jboss 5

- I downloaded josso_console application (Seam Application) and deloy in Jboss 5 (the same web container with
josso agent)

When I login http://localhost:8080/josso_console -> It will redirect to http://localhost:8080/josso_console/josso_login
and nothing show up

I run sample http://localhost:8080/partnerapp -> It's ok
[JOSSO-249] PHP Agent does not support latest WS protocol that
requires 'requestor' paramenter in operations Created: 19/Nov/10 Updated: 12/Aug/11
Resolved: 26/Nov/10
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       None
Fix Version/s:           JOSSO 1.8.4

Type:                    Bug                               Priority:               Major
Reporter:                Sebastian Gonzalez Oyuela         Assignee:               Dusan Fisic
Resolution:              Fixed                             Votes:                  0


Description
The value of the 'requestor' parameter must be configured by the user in PHP Agent config file.

Comments
Comment by Dusan Fisic [ 19/Nov/10 1:00 PM ]
Checked in Josso version 1.8.4 and 'requester' parameter is passed to gateway successfully from php agent.
(checked with debugger also).
This is probably already covered with JOSSO-196.
Comment by Dusan Fisic [ 22/Nov/10 1:43 PM ]
Not working with josso 2.0.1.
Comment by Dusan Fisic [ 26/Nov/10 12:44 PM ]
fixed, it is now working in josso 2.0.1.
[JOSSO-248] JOSSO + PHP: SoapFault exception Created: 15/Nov/10                                      Updated: 12/Aug/11
Resolved: 12/Jan/11
Status:                 Closed
Project:                JOSSO
Component/s:            PHP Agent
Affects Version/s:      JOSSO 1.8.3
Fix Version/s:          JOSSO 1.8.4

Type:                   Bug                                 Priority:                  Critical
Reporter:               Marco Nobler                        Assignee:                  Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                     0
Environment:            Windows XP, Tomcat 6 with JOSSO 1.8.3 GW deployed, XAMPP with PHP agent and
                        sample app, Apache Directory Server on localhost


Description
Hi Support Team,
i tried to install JOSSO Agent for PHP and excute the sample application. It seems that Agent crash on Soap
feedback from JOSSO GW:

I have a single Windows Host with a Tomcat instance (listening on 8080) for the JOSSO GW and an Apache/PHP
(XAMPP) where i installed the PHP Agent and the sample app.
any help would be appreciated.

When i recall the sample app, i'm prompted for credentials and then it crash:
1. in the gw log i see:

INFO: Fri Nov 12 12:36:05 CET 2010 - sso-user - info - user1 - authenticationSuc cess=success -
authScheme=basic-authentication,ssoSessionId=5F62295BBD63E7BCA40A
1EA9EFBD6407

2. in browser i see: (this is the URL dislpayed: http://localhost/josso-php-partnerapp/josso-security-
check.php?josso_assertion_id=A688F83D1C355CBA)
Fatal error: Uncaught SoapFault exception: [Client] SoapClient::SoapClient() [<a
href='soapclient.soapclient'>soapclient.soapclient</a>]: Invalid parameters in C:\xampp\php\PEAR\josso-php-
inc\class.jossoagent.php:703 Stack trace: #0 C:\xampp\php\PEAR\josso-php-inc\class.jossoagent.php(703):
SoapClient->SoapClient('http://localhos...&#39;, false, '', '', '', '') #1 C:\xampp\php\PEAR\josso-php-
inc\class.jossoagent.php(521): jossoagent->getIdentityProvdierSoapClient() #2 C:\xampp\htdocs\josso-php-
partnerapp\josso-security-check.php(37): jossoagent->resolveAuthenticationAssertion('A688F83D1C355CB...') #3
{main} thrown in C:\xampp\php\PEAR\josso-php-inc\class.jossoagent.php on line 703

Is there something i can do?
Many thanks.
Marco



Comments
Comment by Sebastian Gonzalez Oyuela [ 12/Jan/11 9:28 AM ]
It's solved in latest JOSSO 1.8.4 SNAPSHOT version.
Comment by Stanislaw [ 21/May/11 4:28 AM ]
In 1.8.4 version I've just downloaded it still exists!
It's about calling php soapclient instead of nusoap nusoap_client - that's my guess.
Please reopen and fix it.

Take care!
szegad
[JOSSO-247] Client-side agent for applets Created: 12/Nov/10     Updated: 12/Aug/11 Resolved:
14/Jul/11
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8.4

Type:                New Feature                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:          Fixed                       Votes:      0
[JOSSO-246] Provide ISAPI Agent support for 64bit platforms Created: 05/Nov/10
Updated: 12/Aug/11 Resolved: 12/Jan/11
Status:                Closed
Project:               JOSSO
Component/s:           ISAPI Agent
Affects Version/s:     JOSSO 1.8.3
Fix Version/s:         JOSSO 1.8.4

Type:                  Improvement                        Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Dejan Maric
Resolution:            Fixed                              Votes:                 0


Description
The current JOSSO Visual Studio solution has a x86_64 profile that needs to be tested
[JOSSO-245] Implement SSL support for SOAP messages exchange
(ISAPI Agent) Created: 05/Nov/10 Updated: 12/Aug/11 Resolved: 09/Dec/10
Status:                Closed
Project:               JOSSO
Component/s:           ISAPI Agent
Affects Version/s:     JOSSO 1.8.3
Fix Version/s:         JOSSO 1.8.4

Type:                  Improvement                      Priority:     Major
Reporter:              Sebastian Gonzalez Oyuela        Assignee:     Dejan Maric
Resolution:            Fixed                            Votes:        0


Description
This will probably require building GSOAP w/Open SSL in ISAPI Agent

Comments
Comment by Dejan Maric [ 09/Dec/10 8:16 AM ]
Added SSL support for SOAP messages exchange in ISAPI agent.
[JOSSO-244] Null Pointer Exception Created: 26/Oct/10                           Updated: 12/Aug/11 Resolved: 27/Oct/10
Status:                   Closed
Project:                  JOSSO
Component/s:              None
Affects Version/s:        JOSSO 2.0.0
Fix Version/s:            JOSSO 2.0.1

Type:                     Bug                                  Priority:              Minor
Reporter:                 HeeChul Choi                         Assignee:              Sebastian Gonzalez Oyuela
Resolution:               Duplicate                            Votes:                 0
Environment:              Ubuntu 10.10 ( and also Mac OS X Snow Leopard (10.6.4) )

Attachments:                 atricore.log

Description
When I tried to run ./bin/atricore , some of atricore service is not started.

Plz check the log file.

Thanks.

Comments
Comment by Sebastian Gonzalez Oyuela [ 27/Oct/10 6:01 PM ]
Looks like JOSSO-242 , resolved in 2.0.1
[JOSSO-243] Cannot update user password using console 'Modify User'
option Created: 26/Oct/10 Updated: 12/Aug/11 Resolved: 26/Oct/10
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 2.0.1

Type:                Bug                         Priority:   Critical
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-242] Datanucleus CLASSPATH Exception thrown when
accessing accounts and entitlements for the first time. Created: 22/Oct/10           Updated:
12/Aug/11 Resolved: 26/Oct/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 2.0.1

Type:                   Bug                         Priority:   Critical
Reporter:               Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                       Votes:      0
JOSSO Agent Session Cookies are not marked as 'secure' when using secure server connections (JOSSO-239)


  [JOSSO-241] Create secure SSO Session cookies for secure requests
in non-java agents Created: 23/Sep/10 Updated: 12/Aug/11 Resolved: 29/Dec/10
Status:                    Closed
Project:                   JOSSO
Component/s:               Apache HTTP 2.2 Agent, ISAPI Agent, PHP Agent
Affects Version/s:         None
Fix Version/s:             JOSSO 1.8.4

Type:                      Sub-task                                  Priority:   Critical
Reporter:                  Sebastian Gonzalez Oyuela                 Assignee:   Dusan Fisic
Resolution:                Fixed                                     Votes:      0


 Comments
Comment by Dusan Fisic [ 27/Dec/10 1:27 PM ]
Already implemented for apache22 and php agent.

Possible solution for ISAPI Agent could be changing

SSOAgentResponse::setCookie(string name, string value, string path) {

...

      string https = req->getServerVariable("HTTPS", MAX_HEADER_SIZE);

      if(name=="JOSSO_SESSIONID" &&
        https == "on" || https == "ON" ? "https://" : "http://") {
           cookie.append(";Secure;");
      }

...
}

Comment by Dejan Maric [ 29/Dec/10 9:08 AM ]
Secure cookies implemented for ISAPI agent.
[JOSSO-240] Fall back to JOSSO Basic authentication when NTLM authn
fails Created: 23/Sep/10 Updated: 12/Aug/11 Resolved: 23/Sep/10
Status:              Closed
Project:             JOSSO
Component/s:         NTLM Auth Scheme, SSO Gateway
Affects Version/s:   JOSSO 1.8.2
Fix Version/s:       JOSSO 1.8.3

Type:                Improvement                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-239] JOSSO Agent Session Cookies are not marked as 'secure'
when using secure server connections Created: 10/Sep/10 Updated: 12/Aug/11 Resolved:
23/Sep/10
Status:                   Closed
Project:                  JOSSO
Component/s:              Alfresco Agent, JBoss 3.2 Agent, JBoss 4.0 Agent, JBoss 4.2 Agent, JBoss 5.0 Agent, JBoss
                          6.0 Agent, JBoss Portal Agent, Liferay Portal Agent, Tomcat 5.0 Agent, Tomcat 5.5 Agent,
                          Tomcat 6.0 Agent, Weblogic 10 Agent, Weblogic 9.2 Agent, Websphere CE 2.1 Agent
Affects Version/s:        JOSSO 1.8, JOSSO 1.8.1, JOSSO 1.8.2
Fix Version/s:            JOSSO 1.8.3

Type:                     Bug                                Priority:               Critical
Reporter:                 Jon French                         Assignee:               Sebastian Gonzalez Oyuela
Resolution:               Fixed                              Votes:                  0

Sub-Tasks:                Key                 Summary                    Type         Status       Assignee
                          JOSSO-241           Create secure SSO      Sub-task         Closed       Dusan Fisic
                                              Session cookies for...

Description
I'm putting this issue in as a critical bug because I feel that it is relatively serious. The JOSSO SSO cookies created
by HttpSSOAgent#newJossoCookie are not set to "secure" by default. This means that the cookie will be transported
over ssl and non-ssl connections. The non-ssl transport is usually undesirable because it can be snooped. I've
patched my JOSSO 1.7 org.josso.tc55.agent.SSOAgentValve like so:

457 cookie = _agent.newJossoCookie(request.getContextPath(), entry.ssoId);
458 if (request.isSecure()) cookie.setSecure(true);
459 hres.addCookie(cookie);

.. but I feel that the secure conditional check should probably be ported to the HttpSSOAgent#newJossoCookie
method so it can apply to all Valves:

   public Cookie newJossoCookie(String path, String value, boolean secure) {

     // Some browsers don't like cookies without paths. This is useful for partner applications configured in the root
context
     if (path == null || "".equals(path))
         path = "/";

      ssoCookie.setSecure(secure);

      Cookie ssoCookie = new Cookie(org.josso.gateway.Constants.JOSSO_SINGLE_SIGN_ON_COOKIE, value);
      ssoCookie.setMaxAge(-1);
      ssoCookie.setPath(path);

      // TODO : Check domain
      //ssoCookie.setDomain(cfg.getSessionTokenScope());

      return ssoCookie;
  }




Comments
Comment by Jon French [ 10/Sep/10 1:42 PM ]
I forgot to thank odds'n'sods for their helpful post related to this issue:
http://edeustace.wordpress.com/2010/07/09/adding-the-httponly-cookie-to-a-java-webapp-and-josso/
Comment by Sebastian Gonzalez Oyuela [ 23/Sep/10 10:18 AM ]
JOSSO SSO Agent created cookies will honor the request secure state. You need to make sure to access the
application using a secure connection.
[JOSSO-238] Invalid message while authenticate via ldap Created: 23/Aug/10
Updated: 22/Oct/10
Status:                  Open
Project:                 JOSSO
Component/s:             LDAP Identity Store
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           None

Type:                    Bug                              Priority:             Major
Reporter:                dakishin                         Assignee:             Sebastian Gonzalez Oyuela
Resolution:              Unresolved                       Votes:                1


Description
I use the schema bind-authscheme to connect to LDAP. If the user enters the is not correct login JOSSO shows an
error "No DN found for user% username%".
This is a security hole.
How to make JOSSO showed "Invalid Authentication Information"?



Comments
Comment by Sebastian Gonzalez Oyuela [ 23/Sep/10 10:26 AM ]
We need to test this in 1.8.2 version, there were changes to LDAP support.
Comment by dakishin [ 23/Sep/10 1:02 PM ]
Thank you, I look forward to it.
[JOSSO-237] ISAPI Agent on 64bit IIS7 Created: 01/Aug/10                            Updated: 12/Aug/11 Resolved:
12/Jan/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.4

Type:                   New Feature                          Priority:               Major
Reporter:               torsten blumreiter                   Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                                Votes:                  0
Environment:            IIS 7, 64bit


Description
The ISAPI Agent does not run in an IIS7 64bit Environment. I already tried to build the project with the x64 target, but
the linking process fails with some linkage errors regarding the regex library.

Comments
Comment by Vladimir Safin [ 30/Dec/10 8:29 AM ]
When is 1.8.4 planned to be released.
Comment by Pankaj Kumar [ 22/Jun/11 6:20 AM ]
Hi,
I tried to run the ISAPI Agent on IIS7 64bit(intel machine) using the instructions given at
http://www.josso.org/confluence/display/JOSSO1/Setup+JOSSO+Agent+-+ISAPI. When I tried to run the application,
I got the following error message:

HTTP Error 500.0 - Internal Server Error
Calling LoadLibraryEx on ISAPI filter "C:\inetpub\josso\bin\JOSSOIsapiAgent.dll" failed

Investigating further, I found the following message in the windows application event log data:

ISAPI Filter 'C:\inetpub\josso\bin\JOSSOIsapiAgent.dll' could not be loaded due to a configuration problem. The
current configuration only supports loading images built for a AMD64 processor architecture. The data field contains
the error number. To learn more about this issue, including how to troubleshooting this kind of processor architecture
mismatch error, see http://go.microsoft.com/fwlink/?LinkId=29349.

- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
  <Provider Name="Microsoft-Windows-IIS-W3SVC-WP" Guid="{670080D9-742A-4187-8D16-41143D1290BD}"
EventSourceName="W3SVC-WP" />
  <EventID Qualifiers="49152">2274</EventID>
  <Version>0</Version>
  <Level>2</Level>
  <Task>0</Task>
  <Opcode>0</Opcode>
  <Keywords>0x80000000000000</Keywords>
  <TimeCreated SystemTime="2011-06-22T11:05:53.000Z" />
  <EventRecordID>355059</EventRecordID>
  <Correlation />
  <Execution ProcessID="0" ThreadID="0" />
  <Channel>Application</Channel>
  <Computer>API-QA</Computer>
  <Security />
  </System>
- <EventData>
  <Data Name="IsapiFilter">C:\acroot\josso\bin\JOSSOIsapiAgent.dll</Data>
  <Data Name="ProcessorArchitecture">AMD64</Data>
  <Binary>C1000000</Binary>
  </EventData>
  </Event>

It would be very kind, if you could help me with the issue.

Thanks

Pankaj
[JOSSO-236] Agent LocalSession instances are never purged Created: 27/Jul/10
Updated: 12/Aug/11
Status:                Open
Project:               JOSSO
Component/s:           Generic Servlet Agent, Weblogic 10 Agent, Weblogic 8.1 Agent, Weblogic 9.2 Agent
Affects Version/s:     JOSSO 1.8.2
Fix Version/s:         JOSSO 1.8.6

Type:                  Bug                                 Priority:               Minor
Reporter:              Sebastian Gonzalez Oyuela           Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Unresolved                          Votes:                  0


Description
The agent filter creates a new Local Session instance per SSO request. This instance is then stored by the agent
until a session destroy event is received. Because this local sessions are never related to the HTTP session, the are
never destroyed.
[JOSSO-235] Support running roles and user properties DIT lookups
using the bind credentials Created: 19/Jul/10 Updated: 12/Aug/11 Resolved: 21/Jul/10
Status:                Closed
Project:               JOSSO
Component/s:           LDAP Identity Store
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Improvement                        Priority:               Critical
Reporter:              Gianluca Brigandi                  Assignee:               Goran Nastov
Resolution:            Fixed                              Votes:                  0


Description
When an ldap identity store is configured with no associated credentials, DIT lookups should be performed using the
bind credentials passed on upon authentication is attempted.




Comments
Comment by Goran Nastov [ 21/Jul/10 5:02 PM ]
Set JOSSO LDAP configuration property alwaysUseBindCredentials="true" to perform DIT lookups without
configured LDAP secutiry credentials. This works only with memory session store.
Comment by Goran Nastov [ 23/Jul/10 10:41 PM ]
Refactored ... Roles and User Properties DIT lookups are performed using the bind credentials passed on upon
authentication is attempted and the rest of the lookups are performed using the configured credentials.
[JOSSO-234] Axis wsdl2java problem Created: 13/Jul/10                 Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         None

Type:                  Bug                                Priority:       Major
Reporter:              Renat N                            Assignee:       Sebastian Gonzalez Oyuela
Resolution:            Cannot Reproduce                   Votes:          0


Description
{code}
java.net.ProtocolException: Server redirected too many times (20)
...
{code}
[JOSSO-233] Static Logger Initialization of class
org.josso.tc55.agent.jaas.CatalinaSSOUser Created: 08/Jul/10                              Updated: 12/Aug/11 Resolved:
23/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            JBoss 4.2 Agent
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                  Priority:               Critical
Reporter:               Darcio Lopes Pacifico                Assignee:               Goran Nastov
Resolution:             Cannot Reproduce                     Votes:                  0
Environment:            Ubuntu 9.10, JDK1.6, JBoss 4.2.3, WAR RichFaces application, JOSSO 1.8.1


Description
The "LogFactory.getLog" crashes the static initialization of class CatalinaSSOUser, hiding the real cause of error
without show any trace of real error.

As an workaround, remove commons-logging-1.0.4.jar and commons-logging-api-1.0.4.jar from jboss-
4.2.3.GA/server/<instance>/lib, recover the full SSO availability, without any side-effect at this moment.

I believe that remove the commons-loggin from JBoss 4.2.3 JOSSO instalation or update the commons-logging
version solve the problem.


.....
15:23:00,590 INFO [MemoryIdentityStore] Storing credentials for key : user2
15:23:00,590 INFO [MemoryIdentityStore] Storing credentials for key : tomcat
15:23:00,590 INFO [MemoryIdentityStore] Storing credentials for key : user3
15:23:00,590 INFO [MemoryIdentityStore] Loaded 5 credential sets from : josso-credentials.xml
15:23:00,609 INFO [AUDIT] Thu Jul 08 15:23:00 BRT 2010 - sso-session - info - user1 - createSession=success -
ssoSessionId=9107E1B22C5B6AE9685F0B7E4AEE65AF
15:23:00,609 INFO [AUDIT] Thu Jul 08 15:23:00 BRT 2010 - sso-user - info - user1 - authenticationSuccess=success
- authScheme=basic-authentication,ssoSessionId=9107E1B22C5B6AE9685F0B7E4AEE65AF
15:23:01,173 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
java.lang.NoClassDefFoundError: Could not initialize class org.josso.tc55.agent.jaas.CatalinaSSOUser
at org.josso.jb42.agent.JBossCatalinaRealm.hasRole(JBossCatalinaRealm.java:243)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.hasResourcePermission(JBossSecurityMgrRealm.java:243)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.josso.tc55.agent.SSOAgentValve.invoke(SSOAgentValve.java:688)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:619)



Comments
Comment by Darcio Lopes Pacifico [ 08/Jul/10 8:56 PM ]
In my case, the problem occurs with JOSSO 1.8.2 too, although i haven't find any similar problem on the internet. I
have a VirtualBox VM with the full environment. I can upload an appliance in some place, if you wish.
Comment by Sebastian Gonzalez Oyuela [ 20/Jul/10 8:11 AM ]
Make sure that commons logging is not needed in JBoss 4.2 and update the installer
Comment by Goran Nastov [ 20/Jul/10 10:28 AM ]
When I remove commons-logging (v.1.1.1) there are ClassNotFoundException(s) and JBoss is not starting. I could
remove commons-logging-api jar but commons-logging jar is required.
Also, I am not seeing any error in initializing CatalinaSSOUser (certainly not NoClassDefFoundError) when testing
with the sample partner application (I installed everything using JOSSO installer / latest 1.8.2 snapshot (I also tried
1.8.1)).
[JOSSO-232] Josso 1.8.2 instance setup in Jboss 5.1.X Created: 07/Jul/10                                      Updated:
20/Jul/10 Resolved: 09/Jul/10
Status:                  Closed
Project:                 JOSSO
Component/s:             JBoss 5.0 Agent
Affects Version/s:       JOSSO 1.8.2
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                                   Priority:              Major
Reporter:                srinivasan C R                        Assignee:              Gianluca Brigandi
Resolution:              Fixed                                 Votes:                 0
Environment:             OS : Windows XP
                         Server : JBoss 5.1.x
                         JOSSO : Josso1 .8.2

Attachments:                    josso-gateway-db-stores.xml

Description
I am trying to setup a Josso instance(1.8.2) in Jboss 5.1.x. My JBoss 1.5.x will be acting both as gateway and agent
to my initial applications. Using normal hsql Db it worked properly, but when i try to configure a Oracle DB for
authentication , i am getting the following error.
INFO AUDIT Tue Jul 06 10:08:07 IST 2010 - sso-user - info - user - authenticationSuccess=success -
authScheme=basic-authentication,ssoSessionId=3A8ECB3DD0D99339C989BB08A214BF87
ERROR JaasHttpSSOAgent Login Failure: all modules ignored.

I configured the Josso-gateway-db-store.xml to point my Database. Also included imported the data store in Josso-
gateway-config.xml.

Comments
Comment by srinivasan C R [ 07/Jul/10 7:56 AM ]
Does it required to download Josso 1.8.2 [10100] to resolve the issue. If so where can i locate that fix version. could
you please share the link.
Comment by Dusan Fisic [ 09/Jul/10 11:07 AM ]
Checked revision 1629 of branch
https://josso.svn.sourceforge.net/svnroot/josso/josso1/branches/JOSSO_1_8_2_B/
and it's working fine.

I suggest checking-out fresh sources from mentioned link and clean maven build.
Use newly built distribution as installation console, install fresh josso gateway and agent,
try using local-identity-store (from xml) for testing purposes.
Use $JOSSO_SRC/resources/database/oracle scripts for creating josso identity tables.
Keep in mind that no user/roles are defined by executing those scripts,
so this need to be done manually :

insert into JOSSO_ROLE values ('role1','Role 1');
insert into JOSSO_USER values ('user1','7ea2bd72bfc7dabdfecc0b5760ebcf52','User 1','User 1 Description');
insert into JOSSO_USER_PROPERTY values ('user1','Last name','Lastname');
insert into JOSSO_USER_ROLE values ('user1','role1');

Install oracle jdbc driver (ojdbc14.jar) under /jboss-5.0.1/server/default/lib/.
I will attach josso-gateway-db-stores.xml.

Environment:
OS : Linux 2.6.33-ARCH
Server : JBoss 5.1.0 GA
Josso : Josso 1.8.2
OracleDB: oracle-xe-10.2.01-1
Comment by Dusan Fisic [ 09/Jul/10 11:09 AM ]
Provided info for solving in comment.
Comment by srinivasan C R [ 14/Jul/10 8:14 AM ]
Thanks for your help. I am able to resolve the problem.
[JOSSO-229] Certify JOSSO compatibility with JBoss 5.0.1 and 5.1.0
Created: 06/Jul/10 Updated: 20/Jul/10 Due: 14/Jul/10 Resolved: 09/Jul/10
Status:                        Closed
Project:                       JOSSO
Component/s:                   None
Affects Version/s:             JOSSO 1.8.1
Fix Version/s:                 JOSSO 1.8.2

Type:                          Task                                           Priority:                      Critical
Reporter:                      Gianluca Brigandi                              Assignee:                      Gianluca Brigandi
Resolution:                    Fixed                                          Votes:                         0


Comments
Comment by Dusan Fisic [ 09/Jul/10 10:32 AM ]
Tested josso distribution, revision 1629 from
https://josso.svn.sourceforge.net/svnroot/josso/josso1/branches/JOSSO_1_8_2_B/josso
all tests passed on both JBoss 5.0.1 and JBoss 5.1.0.
--------------------------------------------------------------------------------------------------------------------------------
                                 | JBoss 5.0.1 | JBoss 5.1.0
--------------------------------------------------------------------------------------------------------------------------------
Josso Agent install only | passed | passed
(external gataway) | |
--------------------------------------------------------------------------------------------------------------------------------
Josso Agent + Gateway | passed | passed
(local-identity-store) | |
--------------------------------------------------------------------------------------------------------------------------------
Josso Agent + Gateway | passed | passed
(mysql-identity-store) | |
--------------------------------------------------------------------------------------------------------------------------------
Josso Agent + Gateway | passed | passed
(oracle-identity-store) | |
--------------------------------------------------------------------------------------------------------------------------------
[JOSSO-228] Add support for phpBB bulletin board system Created: 06/Jul/10
Updated: 20/Jul/10 Resolved: 06/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   New Feature         Priority:   Minor
Reporter:               Gianluca Brigandi   Assignee:   Dusan Fisic
Resolution:             Fixed               Votes:      0
[JOSSO-227] Add STARTTLS support for Ldap connections Created: 18/Jun/10
Updated: 12/Aug/11 Resolved: 22/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            LDAP Identity Store
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   New Feature                      Priority:              Minor
Reporter:               Gianluca Brigandi                Assignee:              Goran Nastov
Resolution:             Fixed                            Votes:                 0


Comments
Comment by Goran Nastov [ 22/Jul/10 11:25 PM ]
StartTLS can be enabled using following JOSSO LDAP configuration properties: enableStartTls (true/false),
trustStore (path to trustStore file), trustStorePassword (trustStore password).
Comment by Gianluca Brigandi [ 23/Jul/10 7:36 AM ]
has been tested with OpenLDAP ?
Comment by Goran Nastov [ 23/Jul/10 7:57 AM ]
Yes, I tested it with OpenLDAP.
[JOSSO-226] migrate spring integration to spring 3.0 Created: 14/Jun/10                 Updated:
14/Jun/10
Status:                Open
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         None

Type:                  Improvement                        Priority:   Major
Reporter:              Raymond Domingo                    Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Unresolved                         Votes:      0
Environment:           tomcat, spring3

Attachments:              mySpringWebApp.tgz

Description
Pease add documentation about integrating josso into spring 3.
My example spring 3.0 app is attached.

Seems some package names and properties are changed.

Notice the property:
<property name="checkForPrincipalChanges" value="true"/>
This is needed to reinitialize on a new login after logout.
[JOSSO-225] Support CDSSO with Alfresco 3.3 Created: 01/Jun/10   Updated: 20/Jul/10
Resolved: 30/Jun/10
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 New Feature         Priority:   Major
Reporter:             Gianluca Brigandi   Assignee:   Gianluca Brigandi
Resolution:           Fixed               Votes:      0
[JOSSO-224] josso-default-assertionmgr can prevent JEE server from
shutting down. Created: 01/Jun/10 Updated: 12/Aug/11 Resolved: 20/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                  Priority:           Major
Reporter:               Josh Stortz                          Assignee:           Goran Nastov
Resolution:             Fixed                                Votes:              0
Environment:            CentOS5, JDK 1.6.0_13, Tomcat 6.0.18


Description
The initialize() method for AssertionManagerImpl creates a non-daemon thread. This will prevent a clean shutdown of
Tomcat or other JEE servers.

Fix should be to call setDaemon(true) on the thread prior to start.

Comments
Comment by Goran Nastov [ 01/Jun/10 2:56 PM ]
This is already fixed in JOSSO 1.8.2 (issue JOSSO-169 - thread is created as a daemon thread).
Comment by Josh Stortz [ 01/Jun/10 2:59 PM ]
Apologies, did not do enough searching before filing.

Thank you!
Support building an authorative source for user information from multiple sources   (JOSSO-219)



   [JOSSO-223] Support expression-based mapping rules Created: 14/May/10
Updated: 20/Jul/10 Resolved: 14/May/10
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Sub-task                       Priority:            Major
Reporter:              Gianluca Brigandi              Assignee:            Gianluca Brigandi
Resolution:            Fixed                          Votes:               0
Support building an authorative source for user information from multiple sources   (JOSSO-219)



   [JOSSO-222] Support script-based mapping rules Created: 13/May/10                              Updated:
20/Jul/10 Resolved: 14/May/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Sub-task                      Priority:            Minor
Reporter:               Gianluca Brigandi             Assignee:            Gianluca Brigandi
Resolution:             Fixed                         Votes:               0
[JOSSO-221] BaseRoleImpl objects increase in memory Created: 11/May/10
Updated: 27/Jul/10 Resolved: 27/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8, JOSSO 1.8.1, JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                Priority:               Major
Reporter:               Andrew Crowe                       Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                              Votes:                  0
Environment:            RHEL 4, Sun Java 1.5, Jboss 4.2.2, also tried on Mac OSX, Apple Java 1.5, Jboss 4.2.2


Description
This was originally posted on the forum the text is,

We are running JBOSS 4.2.2 with JOSSO 1.8, and are having memory issues with JBOSS (Arent we all!)

So to look at what is going on we have a profiling tool (jprofiler) to see where memory and resources are being used
on the server. One candidate that seems to be holding memory is JOSSO.

The "org.josso.gateway.identity.service.BaseRoleImpl" class seems to increase in instances in memory (by 19 each
login/out) every time someone logs in, even if they log out again the memory is not cleared.

The "org.josso.gateway._1.1.protocol.SSORoleType" class also seems to grow in instances in memory (by 17 each
login/out) after each log in/out. Again, these are never cleared.

I have been testing things out, and have changed the session and assertion stores to be be database stores in place
of the memory stores I had, but that doesn't seem to make any difference.

The original post can be seen at : https://sourceforge.net/projects/josso/forums/forum/399715/topic/3700885

This memory leeks needs to be looked at and the leak identified and rectified

Comments
Comment by Andrew Crowe [ 11/May/10 10:39 AM ]
Since raising this issue in the forum I have also tested with JOSSO 1.8.2, and that also has the same issue.
Comment by Sebastian Gonzalez Oyuela [ 27/Jul/10 7:59 AM ]
Keep in mind that JBoss keeps a cache of JAAS Login module instances, where each instance once used, keeps a
reference to the last authenticated subject including all roles
[JOSSO-220] Support CDSSO with Liferay Portal 5.2 Created: 11/May/10                          Updated:
20/Jul/10 Resolved: 31/May/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   New Feature                  Priority:            Major
Reporter:               Gianluca Brigandi            Assignee:            Gianluca Brigandi
Resolution:             Fixed                        Votes:               0


Comments
Comment by Dusan Fisic [ 31/May/10 9:12 AM ]
Implemented agent with full install command for tomcat and jboss.
(Other platforms can use partial install command)
See http://www.josso.org/confluence/display/JOSSO1/Setup+JOSSO+Agent+-+Liferay+5.2.x
[JOSSO-219] Support building an authorative source for user
information from multiple sources Created: 10/May/10 Updated: 20/Jul/10 Resolved: 14/May/10
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8.1
Fix Version/s:       JOSSO 1.8.2

Type:                New Feature                         Priority:            Major
Reporter:            Gianluca Brigandi                   Assignee:            Gianluca Brigandi
Resolution:          Fixed                               Votes:               0

Sub-Tasks:           Key                 Summary                Type       Status     Assignee
                     JOSSO-222           Support script-based   Sub-task   Closed     Gianluca Brigandi
                                         mapping rules
                     JOSSO-223           Support expression-    Sub-task   Closed     Gianluca Brigandi
                                         based mapping rules
[JOSSO-218] NPE is thrown when trying to use JBoss 5.1 as Agent Created:
30/Apr/10 Updated: 12/Aug/11 Resolved: 14/Jul/11
Status:                  Closed
Project:                 JOSSO
Component/s:             JBoss 5.0 Agent
Affects Version/s:       JOSSO 1.8.2
Fix Version/s:           JOSSO 1.8.4

Type:                    Bug                                   Priority:                Major
Reporter:                Zaid Fattuhi                          Assignee:                Goran Nastov
Resolution:              Cannot Reproduce                      Votes:                   0
Environment:             Windows, JBoss 5.1 AS as agent, Tomcat 6.0.26 as Gateway josso-1.8.2-r1573, both
                         installed in the same physical machine


Description

When trying to set JBoss 5.1 with josso agent (josso-1.8.2-r1573), I am getting NullPointerException at line 46 in
SSOGatewayHandler.java , as ssoSessionId is null:

class SSOGatewayHandler {
line: 46 pc.setPassword(ssoSessionId.toCharArray());
}

More details are here:
https://sourceforge.net/projects/josso/forums/forum/399715/topic/3677327

I think This happens when the Gateway redirects back to the Agent to JBoss 5.1. After the redirecting, a blank page
is displayed with this url :

http://127.0.0.1/partnerapp/josso_security_check?josso_assertion_id=A5741D6DAC3A80A7

It would be a really big help if you can sort this out asap :). I am sure a lot of developers are having this type of
problem.

Finally, thanks a million guys for the great effort, you've really simplified the installations with those command lines.



Comments
Comment by Zaid Fattuhi [ 30/Apr/10 5:50 PM ]
Stack trace:

23:47:05,984 ERROR [JaasHttpSSOAgent] java.lang.NullPointerException
      at org.josso.agent.http.SSOGatewayHandler.handle(SSOGatewayHandler.java:
46)
      at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(Lo
ginContext.java:955)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(L
oginContext.java:951)
      at org.josso.jaspi.agent.SSOGatewayLoginModule.login(SSOGatewayLoginModu
le.java:116)
      at org.josso.jb5.agent.JBossSSOGatewayLoginModule.login(JBossSSOGatewayL
oginModule.java:84)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1
86)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:6
80)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      at org.josso.agent.http.JaasHttpSSOAgent.authenticate(JaasHttpSSOAgent.j
ava:65)
      at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java
:347)
      at org.josso.jaspi.agent.JASPISSOAuthModule.validateRequest(JASPISSOAuth
Module.java:352)
      at org.jboss.security.auth.message.config.JBossServerAuthContext.invokeM
odules(JBossServerAuthContext.java:172)
      at org.jboss.security.auth.message.config.JBossServerAuthContext.validat
eRequest(JBossServerAuthContext.java:142)
      at org.jboss.security.plugins.auth.JASPIServerAuthenticationManager.isVa
lid(JASPIServerAuthenticationManager.java:79)
      at org.josso.jb5.agent.JOSSOJASPIAuthenticator.authenticate(JOSSOJASPIAu
thenticator.java:193)
      at org.josso.jb5.agent.JOSSOJASPIAuthenticator.invoke(JOSSOJASPIAuthenti
cator.java:109)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
e.java:92)
      at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce
ss(SecurityContextEstablishmentValve.java:126)
      at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok
e(SecurityContextEstablishmentValve.java:70)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
      at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
onnectionValve.java:158)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:330)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:829)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:598)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
7)
      at java.lang.Thread.run(Thread.java:619)

23:48:53,468 ERROR [JaasHttpSSOAgent] java.lang.NullPointerException
      at org.josso.agent.http.SSOGatewayHandler.handle(SSOGatewayHandler.java:
46)
      at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(Lo
ginContext.java:955)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(L
oginContext.java:951)
      at org.josso.jaspi.agent.SSOGatewayLoginModule.login(SSOGatewayLoginModu
le.java:116)
      at org.josso.jb5.agent.JBossSSOGatewayLoginModule.login(JBossSSOGatewayL
oginModule.java:84)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1
86)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:6
80)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      at org.josso.agent.http.JaasHttpSSOAgent.authenticate(JaasHttpSSOAgent.j
ava:65)
      at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java
:347)
      at org.josso.jaspi.agent.JASPISSOAuthModule.validateRequest(JASPISSOAuth
Module.java:352)
      at org.jboss.security.auth.message.config.JBossServerAuthContext.invokeM
odules(JBossServerAuthContext.java:172)
      at org.jboss.security.auth.message.config.JBossServerAuthContext.validat
eRequest(JBossServerAuthContext.java:142)
      at org.jboss.security.plugins.auth.JASPIServerAuthenticationManager.isVa
lid(JASPIServerAuthenticationManager.java:79)
      at org.josso.jb5.agent.JOSSOJASPIAuthenticator.authenticate(JOSSOJASPIAu
thenticator.java:193)
      at org.josso.jb5.agent.JOSSOJASPIAuthenticator.invoke(JOSSOJASPIAuthenti
cator.java:109)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
e.java:92)
      at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce
ss(SecurityContextEstablishmentValve.java:126)
      at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok
e(SecurityContextEstablishmentValve.java:70)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
      at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
onnectionValve.java:158)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:330)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:829)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:598)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
7)
      at java.lang.Thread.run(Thread.java:619)

Comment by Goran Nastov [ 20/Jul/10 8:31 AM ]
I tested it with the latest 1.8.2 shapshot (jboss 5.1 as agent, tomcat 6.0.26 as gateway, using memory store) and I
can't reproduce it. It looks like it's fixed (look at issues JOSSO-229 and JOSSO-232), but it might be related to NTLM
authentication configuration (it wasn't tested with NTML).
Comment by Giovanni Marigi [ 16/Jan/11 5:48 AM ]
I'm facing the same problem described by Goran; my configuration is the following:
jboss as 5.1 - josso 1.8.3
josso gateway and installed on jboss - db identity store on mysql

Login goes successfully but when josso tries to redirect back to my partnerapp the stack trace is the following:

2011-01-16 12:43:55,579 INFO [org.josso.AUDIT] (http-127.0.0.1-8080-2) Sun Jan 16 12:43:55 CET 2011 - sso-user
- info - user1 - authenticationSuccess=success - authScheme=basic-
authentication,ssoSessionId=DFD017FA55CEEBF044EB742EA29A67CD
2011-01-16 12:43:55,658 ERROR [org.josso.agent.http.JaasHttpSSOAgent] (http-127.0.0.1-8080-3)
java.lang.NullPointerException
at org.josso.agent.http.SSOGatewayHandler.handle(SSOGatewayHandler.java:57)
at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:955)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:951)
at org.josso.jaspi.agent.SSOGatewayLoginModule.login(SSOGatewayLoginModule.java:118)
at org.josso.jb5.agent.JBossSSOGatewayLoginModule.login(JBossSSOGatewayLoginModule.java:84)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.josso.agent.http.JaasHttpSSOAgent.authenticate(JaasHttpSSOAgent.java:68)
at org.josso.agent.AbstractSSOAgent.execute(AbstractSSOAgent.java:378)
at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:291)
at org.josso.jaspi.agent.JASPISSOAuthModule.validateRequest(JASPISSOAuthModule.java:350)
at
org.jboss.security.auth.message.config.JBossServerAuthContext.invokeModules(JBossServerAuthContext.java:172)
at
org.jboss.security.auth.message.config.JBossServerAuthContext.validateRequest(JBossServerAuthContext.java:142
)
at
org.jboss.security.plugins.auth.JASPIServerAuthenticationManager.isValid(JASPIServerAuthenticationManager.java:
79)
at org.josso.jb5.agent.JOSSOJASPIAuthenticator.authenticate(JOSSOJASPIAuthenticator.java:195)
at org.josso.jb5.agent.JOSSOJASPIAuthenticator.invoke(JOSSOJASPIAuthenticator.java:111)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:
126)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:7
0)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)

Comment by Goran Nastov [ 09/Feb/11 11:24 AM ]
I tested again and I still can't reproduce it (I used jboss 5.1.0 GA, josso 1.8.3, mysql).
What Java version are you using? Windows or Linux? Are you using sample partnerapp for jboss 5 distributed with
josso 1.8.3 or your custom application?
Can you try adding wsdl4j.jar as suggested in
http://sourceforge.net/projects/josso/forums/forum/399715/topic/3677327?message=9094295 ?
[JOSSO-217] JDBC-DBI-Store throws Transaction-related error when
using DB2 Created: 30/Apr/10 Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                Closed
Project:               JOSSO
Component/s:           DB Identity Store
Affects Version/s:     JOSSO 1.8.2
Fix Version/s:         JOSSO 1.8.2

Type:                  Bug                                 Priority:               Minor
Reporter:              Thomas Jaspers                      Assignee:               Goran Nastov
Resolution:            Fixed                               Votes:                  0
Environment:           Tomcat 6.0 + IBM DB2


Description
When configuring JOSSO together with an IBM DB2 database for a JDBC identy store the following error message
shows up
when trying to login:

Error : Error while clossing connection [jcc][10251][10308][4.0.100] java.sql.Connection.close() wurde angefordert,
während eine Transaktion über die Verbindung ausgeführt wird. Die Transaktion bleibt aktiv. Die Verbindung kann
nicht geschlossen werden. ERRORCODE=-4471, SQLSTATE=null

The problem could be tracked down to an issue in closing the connection, which is happening because the
connection is closed without doing a commit beforehand. This might be either related to a special handling of
transactions in DB2 or a different implementation in the JDBC-driver, because a test with MySQL was working
without problems.

We have temporarily fixed this problem in our project by wrapping the DB2 JDBC-driver and calling a con.commit()
first in the close()-method, but it would be of course great to have a permanent fix for this in JOSSO itsself.

Comments
Comment by Sebastian Gonzalez Oyuela [ 20/Jul/10 7:32 AM ]
We need to add a con.commit() before closing the connection, the close should be executed even if the commit fails
[JOSSO-216] In a multiple security domain setup, with different Event
Managers for each domain, Josso does not honour the different event
managers Created: 16/Apr/10 Updated: 22/Oct/10
Status:                 Open
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          None

Type:                   Bug                                  Priority:               Major
Reporter:               Tom Taylor                           Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Unresolved                           Votes:                  0
Environment:            Tomcat 6.0.20, both on Windows XP (dev) and Ubuntu kernel 2.6.26 (test)


Description
In an environment with multiple security domains set up, we want different event handling in each domain. For
example;

"portal" domain - NTLM authentication, no event handling required.
"application" domain - Bind authentication to AD. Event handling should log access attempts to separate system.
Ideally we might want to retrieve additional role information for logins to this system from a non-AD source.

Both domains have been configured with a different SpringJMXSSOEventManager instance and on the "application"
domain we've added an event handler to do our custom processing. However that event handler is never being
called, despite being correctly registered on the Event Manager instance for the domain.

A little bit of additional debugging within the core classes has revealed that the "NotificationPublisher publisher"
member variable on the "application" event manager instance appears to be getting set to the event manager from
the "portal" domain. As a result when the app event manager fireSSOEvent method is called, it then calls the
sendNotification method on the "portal" event manager, and never calls its own handleNotification method.

The implication seems to be that there should only be one event manager per Josso Gateway - is this correct? We
definitely want to have our domains cleanly separated with different handling within each one, so I am curious if this is
actually intended behaviour or not.

Comments
Comment by Tom Taylor [ 12/May/10 2:39 AM ]
Figured out that this can be resolved by configuring specific event managers as notification listeners in the JMX
config for the exporter (MBeanExporter) bean. With a bit of fiddling, this has resolved the issue from our side.
[JOSSO-215] Josso session is not getting timed out Created: 06/Apr/10                                    Updated:
20/Jul/10 Resolved: 20/Jul/10
Status:                      Closed
Project:                     JOSSO
Component/s:                 PHP Agent
Affects Version/s:           JOSSO 1.8.1
Fix Version/s:               JOSSO 1.8.2

Type:                        Bug                             Priority:               Critical
Reporter:                    kamlesh Bhure                   Assignee:               Goran Nastov
Resolution:                  Cannot Reproduce                Votes:                  0
Environment:                 ubuntu, PHP5.2.6, Apache 2.0, Mysql5


Description
I have integrated josso single sign with 4 different services out of which 2 are PHP services and other 2 are JAVA
application.
I am using php-josso-agent to integrate with all PHP services. Also josso.php file I am including wherever loggedin
user session need to check.

Problem I am facing is I have set maxinactivetime to 2hr i.e. 120mins. in josso-agent-config.xml file in tomcat lib
directory. but even after this session is not getting destroyed if users maxinactivetime is more than 120mins.
I am checking it using $userInSession = $josso_agent->getUserInSession(); method call. even after elapsed time
session in user is same.

Comments
Comment by Goran Nastov [ 20/Jul/10 11:43 AM ]
I tried it by setting maxInactiveInterval to 1 minute (in josso-gateway-config.xml, not josso-agent-config.xml) and
session is invalidated for both java and php partner applications.

Is this issue still valid?
[JOSSO-214] Query string causing Segmentation fault and core dump.
Created: 29/Mar/10 Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            Apache HTTP 2.2 Agent
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          None

Type:                   Bug                                 Priority:             Critical
Reporter:               Eric Blix                           Assignee:             Goran Nastov
Resolution:             Cannot Reproduce                    Votes:                0
Environment:            The Agent is located on: Apache Httpd-2.2.14
                        The Gateway is located on: Apache Tomcat-5.5.28
                        Using mod_jk-1.2.28-httpd-2.2.X in order to mount the gateway
                         E.G. JkMount /josso/* localTC


Description
This environment works very well with exception of the following error.

Problem:
1) Open a new browser. Both Firefox and IE display the same issue. (Very important that this is a new browser
session.)
2) Browse directly to a URL with a query string
  E.G. http://localhost/myApp/myPath/myServlet?String1=Value1
3) Firefox will display a blank screen while IE will display a error.

The following message appears in the error_log file:
[Mon Mar 29 09:29:07 2010] [notice] child pid 11764 exit signal Segmentation fault (11), possible coredump in /tmp/

The core dump states:
Core was generated by `/usr/share/apache-httpd-2.2.14/bin/httpd -k start'.
Program terminated with signal 11, Segmentation fault.
#0 0x005d569e in apr_array_pstrcat (p=0x9409158, arr=0x0, sep=44 ',') at tables/apr_tables.c:237
237 tables/apr_tables.c: No such file or directory.
in tables/apr_tables.c


The follow scenarios work correctly.
1) Open a new browser.
2) Browse directly to a URL without a query string
  E.G. http://localhost/myApp/myPath/myServlet
3) No issue, works as expected.


1) Open a new browser. Both Firefox and IE display the same issue. (Very important that this is a new browser
session.)
2) Browse directly to a URL with a query string
  E.G. http://localhost/myApp/myPath/myServlet?String1=Value1
3) Firefox will display a blank screen while IE will display a error.
  Note: The URL is rewritten as http://localhost/myApp/myPath/myServlet?String1=Value1/josso_security_check
4) Delete the "/josso_security_check" off the end of the URL and resubmit the request. We are basically going back
to the URL using a existing session instead of a new session.
5) No issue, works as expected.



Comments
Comment by Goran Nastov [ 12/Apr/10 6:52 PM ]
This issue is related to issue JOSSO-202 and it's probably fixed. Please see my comment on JOSSO-202 and, if you
can, give me some feedback regarding this before I resolve it.
Comment by Eric Blix [ 14/Apr/10 12:13 PM ]
We identified the issue to be in (josso-apache22-agent-1.8.1/mod_auth_josso/mod_auth_josso.c) the function
form_value(), apr_hash_get() is returning null and assigning it to v_arr. The core-dump occurs when the null v_arr
argument is passed to apr_array_pstrcat(). One of our developers added some debug code to form_value() to
analyse the contents of the variable 'form' (type: apr_hash_t *). The 'form' hash only contains a single entry with key
value of 'String1', where 'String1' is the field name in the query string. According to him it appears to detect that it
needs to login, but appears to fail when redirected to the login servlet.

In our environment I physically tested both josso-1.8.1 and josso-1.8.2-r1573. Both versions had the same issue. I
visually compared four different versions, josso-1.8.1, josso-1.8.2-r1573, branches/JOSSO_1_8_2_B, and
branches/JOSSO_1_9_0_B.

For the focus of this conversation I will be referring to josso-1.8.1.tar.gz://dist/agents/src/josso-apache22-agent-
1.8.1/mod_auth_josso/mod_auth_josso.c as mod_1.8.1 and I will be referring to
https://josso.svn.sourceforge.net/svnroot/josso/josso1/branches/JOSSO_1_8_2_B/josso/agents/josso-apache22-
agent/mod_auth_josso/mod_auth_josso.c as mod_1.8.2b.

We patched "mod_1.8.1" line#915 "r->unparsed_uri" in a way that appears to be very similar to "mod_1.8.2b"
line#1251. The fact that changes were made in the same area and close to the same way give me confidence that
this might be fixed in version control.

Due to the number of changes in version control I will not be able to determine if this issue has been resolved until
this change in version control is released.

I look forward to the next release of JOSSO.

Thanks,
Eric
Comment by Gianluca Brigandi [ 14/Apr/10 6:57 PM ]
Please try building from the JOSSO 1.8.2 branch and followup on if you were able to reproduce it using this build.
[JOSSO-213] update documentation: Jossify your Application for
Tomcat - Quick Start Created: 27/Mar/10 Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            Documentation
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                 Priority:               Minor
Reporter:               opensas                             Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                  0

Attachments:                 manager.xml       server.xml        tomcat-users.xml

Description
the corresponding text should be modified like this:

2. For each non-jossified application add a <Context> with <Realm> configuration in
$CATALINA_BASE/conf/<enginename>/<hostname>/<webapp_name>.xml

(i.e. In Catalina/localhost/manager.xml set the Tomcat Manager web application as non-jossified)

$CATALINA_BASE/conf/Catalina/localhost/$webapp_name.xml

<Context privileged="true" antiResourceLocking="true" antiJARLocking="true">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Context>

because in the documentation it's not clear the name of the file to modify

more info

see: https://sourceforge.net/projects/josso/forums/forum/399715/topic/3626392/index/page/1

Comments
Comment by opensas [ 28/Mar/10 11:39 AM ]
documentation should be updated according to the following files

c:\tomcat6\conf\server.xml

c:\tomcat6\conf\tomcat-users.xml

C:\tomcat6\conf\Catalina\localhost\manager.xml
[JOSSO-212] svn properties are not configured correctly Created: 26/Mar/10
Updated: 22/Oct/10
Status:                Open
Project:               JOSSO
Component/s:           Apache HTTP 2.2 Agent
Affects Version/s:     JOSSO 1.8
Fix Version/s:         None

Type:                  Task                                Priority:              Minor
Reporter:              Manuel Jesús Recena Soto            Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Unresolved                          Votes:                 0


Description
The binary dist (josso-1.8.1.zip) contains files (makemake, configure) with windows style EOL.
It would be advisable to review the property svn:eol-style.

Regards,

Comments
Comment by Sebastian Gonzalez Oyuela [ 20/Jul/10 7:44 AM ]
Make sure that maven assembly plugin uses correct configuration when packaging .zip files
[JOSSO-211] update josso setup documentation to reflect that josso
now supports java 1.6 Created: 26/Mar/10 Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            Documentation
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.3

Type:                   Bug                                  Priority:           Trivial
Reporter:               opensas                              Assignee:           Sebastian Gonzalez Oyuela
Resolution:             Fixed                                Votes:              0
Environment:            all


Description
the installation
http://www.josso.org/confluence/display/JOSSO1/Setup+JOSSO+Gateway+(IdP)

says that we need jdk 1.5 to setup the gateway or the agent.

since last november java 1.5 has reached end of service life, according to sun

can josso 1.8.1 work with java 1.6 ? (I'm using build 1.6.0_18-b07)

and if not, are there any plans to upgrade it to java 1.6?

see: http://sourceforge.net/projects/josso/forums/forum/399715/topic/3626215

Comments
Comment by Sebastian Gonzalez Oyuela [ 20/Jul/10 7:56 AM ]
Keep in mind that although JOSSO 1.8 supports JDK 6, some of the supported containers do not.
[JOSSO-210] NtlmProtocolHandler assumes NTLMv2 won't work with
CIFS Created: 18/Mar/10 Updated: 12/Aug/11 Resolved: 22/Oct/10
Status:                 Closed
Project:                JOSSO
Component/s:            NTLM Auth Scheme
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.3

Type:                   Bug                                   Priority:             Major
Reporter:               Brian Kalbfus                         Assignee:             Sebastian Gonzalez Oyuela
Resolution:             Fixed                                 Votes:                1
Environment:            Microsoft Windows Server 2003 R2
                        Tomcat 6.0
                        Internet Explorer 7.0 / Firefox 3.6


Description
Receiving error:
NTLMv2 requires extended security (jcifs.smb.client.useExtendedSecurity must be true if jcifs.smb.lmCompatibility >=
3):org.josso.auth.exceptions.AuthenticationFailureException

Would you please revisit the following code assumption in NtlmProtocolHandler:
    /* The protocol handler can only work with NTLMv1 as it uses a man-in-the-middle
     * techinque that NTLMv2 specifically thwarts. A real NTLM Filter would
     * need to do a NETLOGON RPC that JCIFS will likely never implement
     * because it requires a lot of extra crypto not used by CIFS.
     */
    Config.setProperty( "jcifs.smb.client.useExtendedSecurity", "false" );

From what I glean on CIFS, they use some mapping to an RPC$ share or something like this to implement NTLMv2,
but that jcifs.smb.client.useExtendedSecurity must be set to true. I have not successfully built josso, so I can't test
whether setting this property to true would have any affect. Could you please make it configurable in the josso-
gateway-config.xml file?

I have this listed as Major priority because the only workaround is to not use NTLM authentication. Setting
jcifs.smb.lmCompatibility to 2 or lower on the Tomcat JVM results in this error: Logon failure: unknown user name or
bad password.:org.josso.auth.exceptions.AuthenticationFailureException



Comments
Comment by Juan Luis [ 03/Sep/10 5:24 AM ]
In JOSSO 1.8.2 still receiving same error: NTLMv2 requires extended security (jcifs.smb.client.useExtendedSecurity
must be true if jcifs.smb.lmCompatibility >= 3):org.josso.auth.exceptions.AuthenticationFailureException
I test in environment in jboss 5.1.0.GA
Comment by Sebastian Gonzalez Oyuela [ 23/Sep/10 10:24 AM ]
As a workaround for 1.8.2 and earlier set the following JAVA system property in your VM:

jcifs.smb.lmCompatibility=0
[JOSSO-209] Selfservice LostPasswordAction fails in clustered
environments, "setAttribute: Non-serializable attribute" Created: 18/Mar/10                             Updated:
20/Jul/10 Resolved: 20/Jul/10
Status:                  Closed
Project:                 JOSSO
Component/s:             SSO Gateway
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                             Priority:             Major
Reporter:                Josh Stortz                     Assignee:             Sebastian Gonzalez Oyuela
Resolution:              Fixed                           Votes:                0
Environment:             CentOS5, JDK 1.6.0_13, Tomcat 6.0.18


Description
The (josso-core) BaseProcessResponse class does not implement Serializable, preventing a clustered gateway from
servicing lost password requests.

- Error recovering password : setAttribute: Non-serializable attribute
java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute
      at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1295)
      at org.apache.catalina.ha.session.DeltaSession.setAttribute(DeltaSession.java:567)
      at org.apache.catalina.ha.session.DeltaSession.setAttribute(DeltaSession.java:551)
      at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:130)
      at org.josso.selfservices.password.LostPasswordAction.execute(LostPasswordAction.java:104)
      at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
      at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
      at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.josso.gateway.filter.ProtocolHandlerFilter.doFilter(ProtocolHandlerFilter.java:103)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:275)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:209)
      at org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.java:347)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
      at java.lang.Thread.run(Thread.java:619)

Comments
Comment by Josh Stortz [ 01/Jun/10 2:36 PM ]
Any updates regarding this being fixed in an upcoming release?
[JOSSO-208] Error initializing agent java.lang.IllegalArgumentException:
Config locations must not be null Created: 17/Mar/10 Updated: 20/Jul/10 Resolved: 18/Mar/10
Status:                 Closed
Project:                JOSSO
Component/s:            JBoss 5.0 Agent
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                 Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0
Environment:            JBoss 5.0.1.GA, JBoss 5.1.0.GA (same behavior in both environments)


Description
The agent was installed using josso installer for jboss 5 platform. Only agent and samples were installed.

17:32:14,042 INFO [ServerImpl] JBoss (Microcontainer) [5.0.1.GA (build: SVNTag=JBoss_5_0_1_GA
date=200902231221)] Started in 29s:482ms
17:33:34,650 WARN [JOSSOJASPIAuthenticator] Unexpected error forwarding to login page
java.lang.IllegalArgumentException: Config locations must not be null
at org.springframework.util.Assert.noNullElements(Assert.java:241)
at
org.springframework.context.support.AbstractRefreshableConfigApplicationContext.setConfigLocations(AbstractRefr
eshableConfigApplicationContext.java:78)
at
org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:1
37)
at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:158)
at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:51)
at org.josso.agent.config.SpringComponentKeeperImpl.<init>(SpringComponentKeeperImpl.java:51)
at
org.josso.agent.config.SpringComponentKeeperFactoryImpl.newComponentKeeper(SpringComponentKeeperFactor
yImpl.java:33)
at org.josso.agent.Lookup.getComponentKeeper(Lookup.java:125)
at org.josso.agent.Lookup.lookupSSOAgent(Lookup.java:102)
at org.josso.jb5.agent.JOSSOJASPIAuthenticator.forwardToLoginPage(JOSSOJASPIAuthenticator.java:267)
at org.josso.jb5.agent.JOSSOJASPIAuthenticator.authenticate(JOSSOJASPIAuthenticator.java:178)
at org.josso.jb5.agent.JOSSOJASPIAuthenticator.invoke(JOSSOJASPIAuthenticator.java:111)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:
126)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:7
0)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:595)
[JOSSO-207] Can not logout after Tomcat session expires. Created: 12/Mar/10
Updated: 12/Aug/11 Resolved: 18/Jan/11
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          None

Type:                   Bug                                 Priority:                  Major
Reporter:               Eric Blix                           Assignee:                  Goran Nastov
Resolution:             Work as Designed                    Votes:                     0
Environment:            Apache HTTP (Agent) Tomcat 6.0 (Gateway)


Description
I assume this effects other environments but Tomcat 6.0 is the easiest to test with.

1) Log into the JOSSO protected application on a Apache HTTP server with the JOSSO gateway located on a
Tomcat 6.0 server.
2) Using the Tomcat 6.0 Web Application Manager expire all the JOSSO gateway sessions, or wait 5 minutes (your
call).
3) Back in the JOSSO protected application the user can no longer logout.

Thanks.



Comments
Comment by Goran Nastov [ 12/Jan/11 11:09 AM ]
I tried it with JOSSO 1.8.1 but I can't reproduce it.
What exactly happens when you click on Logout link? Are there any exceptions in the log files?
Have you tried using the latest JOSSO version?
Comment by Eric Blix [ 18/Jan/11 8:52 AM ]
We have upgraded to 1.8.3 and keep all the time outs in sync between Tomcat and JOSSO. This issue can be
closed.
Enhance default josso agent config      (JOSSO-204)



   [JOSSO-206] Enhance default josso agent config for non Java Agents
Created: 11/Mar/10 Updated: 22/Oct/10
Status:                 Open
Project:                JOSSO
Component/s:            Apache HTTP 2.2 Agent, ISAPI Agent, PHP Agent
Affects Version/s:      None
Fix Version/s:          None

Type:                   Sub-task                       Priority:        Major
Reporter:               Sebastian Gonzalez Oyuela      Assignee:        Goran Nastov
Resolution:             Unresolved                     Votes:           0
Enhance default josso agent config     (JOSSO-204)



   [JOSSO-205] Enhance default josso agent config for Java Agents Created:
11/Mar/10 Updated: 20/Jul/10 Resolved: 15/Mar/10
Status:                 Closed
Project:                JOSSO
Component/s:            JBoss 3.2 Agent, JBoss 4.0 Agent, JBoss 4.2 Agent, JBoss 5.0 Agent, Tomcat 5.0 Agent,
                        Tomcat 5.5 Agent, Tomcat 6.0 Agent, Weblogic 10 Agent, Weblogic 8.1 Agent, Weblogic 9.2
                        Agent, Websphere CE 2.1 Agent
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.2

Type:                   Sub-task                         Priority:             Critical
Reporter:               Sebastian Gonzalez Oyuela        Assignee:             Goran Nastov
Resolution:             Fixed                            Votes:                0
[JOSSO-204] Enhance default josso agent config Created: 11/Mar/10                              Updated: 06/Sep/12
Resolved: 12/Aug/11
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.6

Type:                  New Feature                        Priority:              Critical
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0

Sub-Tasks:             Key                 Summary                 Type         Status      Assignee
                       JOSSO-205           Enhance default josso Sub-task       Closed      Goran Nastov
                                           agent config fo...
                       JOSSO-206           Enhance default josso Sub-task       Open        Goran Nastov
                                           agent config fo...

Description
The default josso agent configuration should add include the following components:

(Note that the host name can be modified as requested in JOSSO-203 )

    <parametersBuilders>
      <agent:appid-parameters-builder/>
    </parametersBuilders>

    <automaticLoginStrategies>
      <agent:default-automaticlogin-strategy mode="REQUIRED">
         <property name="ignoredReferrers">
           <list>
             <value>http://localhost:8080/IDBUS&lt;/value>
           </list>
         </property>
      </agent:default-automaticlogin-strategy>
    </automaticLoginStrategies>
[JOSSO-203] Agent installer should be able to support host-name and
idbus-idp options Created: 11/Mar/10 Updated: 20/Jul/10 Resolved: 17/Mar/10
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       None
Fix Version/s:           JOSSO 1.8.2

Type:                    New Feature                           Priority:                   Critical
Reporter:                Sebastian Gonzalez Oyuela             Assignee:                   Goran Nastov
Resolution:              Fixed                                 Votes:                      0


Description
The JOSSO installer should support two new options:

idp-host-name : allows the user to specify the gateway host, used in soap endpoint and login URLs
host-name : allows the user to specify the name of the host where the agent is being deployed.
idp-type : (values : josso, atricore-idbus).

The changes that should be done to josso-agent-config.xml for idp-type: atricore-idbus can be found at
http://www.atricore.org/confluence/display/IDBUS/Quick+Start

We can use the same mechanism used to update catalina server.xml file, but we must update the josso-agent-
config.xml file file after installing it.

Comments
Comment by Sebastian Gonzalez Oyuela [ 17/Mar/10 10:06 AM ]
idp-type option should be constraint to a set of valid values : josso, atricore-idbus . The following command installs a
josso idp:

agent install -t /tmp/apache-tomcat-6.0.26 -p tc60 --idp-type xxxx

The -p --platform option has a similar behaviour , restraining the list of valid values.
[JOSSO-202] josso-session-manager creating a invalid URL upon
timeout Created: 11/Mar/10 Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            Apache HTTP 2.2 Agent, Tomcat 5.5 Agent
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                 Priority:               Major
Reporter:               Eric Blix                           Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0
Environment:            Fedora Linux, apache-httpd-2.2.14, apache-tomcat-5.5.28, mod_jk-1.2.28-httpd-2.2.X.so


Description
If a protected website, that uses query strings, and the session times out JOSSO creates a invalid URL. This is best
explained with a example.

I set my maxInactiveInterval = 1 minute (60 seconds)

1) Browse to a JOSSO protected URL that contains a query string.
  E.G. https://www.mysite.com/myApp/myServlet?parameter1=value&parameter2=value2
2) Wait a minute (60 seconds)
3) When you navigate to another link within the site the "/josso_security_check" is appended to the end of the existing
URL. Creating a URL like the following.
  https://www.mysite.com/myApp/myServlet?parameter1=value&parameter2=value2/josso_security_check&josso_as
sertion_id=CF1EBF3D5945B632

The "/josso_security_check" part of the URL should be inserted before the "?" creating a URL like the following.
  https://www.mysite.com/myApp/myServlet/josso_security_check?parameter1=value&parameter2=value2&josso_as
sertion_id=CF1EBF3D5945B632

Thanks,
Eric



Comments
Comment by Goran Nastov [ 12/Apr/10 6:50 PM ]
I couldn't reproduce the exact issue with 1.8.2 agent. I reproduced something similar when using query string and I
committed a fix for that (you can see what is changed here:
http://josso.svn.sourceforge.net/viewvc/josso/josso1/branches/JOSSO_1_8_2_B/josso/agents/josso-apache22-
agent/mod_auth_josso/mod_auth_josso.c?r1=1596&r2=1604&pathrev=1604 ).

I think that fix also resolves this issue. Can you maybe try it and give me some feedback before I resolve the issue?
(you could apply the changes to 1.8.1 agent or use 1.8.2 agent with the available 1.8.2-r1573 gateway ... this 1.8.2-
r1573 release should be compatible with the latest apache 1.8.2 agent from the development branch but I am not
100% sure, maybe you need the latest 1.8.2 gateway build ... I could also attach the changed 1.8.1 agent or the latest
gateway build).
[JOSSO-201] Agent - Apache - installation error Created: 04/Mar/10                             Updated: 12/Aug/11
Resolved: 20/Jul/10
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.2

Type:                  Bug                                Priority:               Major
Reporter:              Stefan FIlatov                     Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                  0
Environment:           Ubuntu, Josso-1.8.1

Attachments:               config.log

Description
Hello,

I'm trying to build Apache agent.
During executing "sudo ./configure --with-apache-include=/usr/include/apache2 --with-apr-include=/usr/include/apr-
1.0", i'm getting error: "config.status: error: cannot find input file: `Makefile.in'".

Config.log in the attachment.

How can it be resolved?

With regards, Stefan
[JOSSO-200] Missing archetype dependency Created: 27/Feb/10                          Updated: 12/Aug/11
Resolved: 23/Jul/10
Status:                Closed
Project:               JOSSO
Component/s:           Build System
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Bug                                 Priority:         Major
Reporter:              Gianluca Brigandi                   Assignee:         Goran Nastov
Resolution:            Fixed                               Votes:            0


Description
https://sourceforge.net/projects/josso/forums/forum/399715/topic/3543655

Comments
Comment by Sebastian Gonzalez Oyuela [ 20/Jul/10 8:06 AM ]
Make sure that archetype artifacts contain latest 1.8.2 enhancements
Comment by Goran Nastov [ 20/Jul/10 7:37 PM ]
I successfully created and tested under jetty (mvn jetty:run-war) JOSSO gateway using JOSSO gateway archetype
for version 1.8.0, 1.8.1 and 1.8.2-SNAPSHOT.
josso-common jar wasn't missing in the created war files. Gateway archetype for 1.8.2-SNAPSHOT was already 99%
updated with the latest changes, I committed the rest of the changes now so everything should be up to date.

I tested it in Fedora 12. Maybe I should try it under Windows?
Comment by Goran Nastov [ 23/Jul/10 12:14 PM ]
Gateway archetype (1.8.0, 1.8.1 and 1.8.2-SNAPSHOT) successfully tested on Windows XP.
[JOSSO-199] Password reset fails when autocommit is set Created: 27/Feb/10
Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                 Closed
Project:                JOSSO
Component/s:            DB Identity Store
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                Priority:              Major
Reporter:               Gianluca Brigandi                  Assignee:              Goran Nastov
Resolution:             Fixed                              Votes:                 0


Description
For more information see : https://sourceforge.net/projects/josso/forums/forum/399715/topic/3557300



Comments
Comment by Gianluca Brigandi [ 27/Feb/10 2:46 PM ]
the org.josso.gateway.identity.service.store.db.IdentityDAO bean attempts to commit always, which triggers the
"java.sql.SQLException: You cannot commit with autocommit set!" exception for JDBC connections with the
autocommit flag set to 'true'.

The autocommit property for jdbc connections used for write operations should be set to false.
[JOSSO-198] Isapi agent is case sensitive with base-uri Created: 18/Feb/10                                            Updated:
20/Jul/10 Resolved: 25/Feb/10
Status:                  Closed
Project:                 JOSSO
Component/s:             ISAPI Agent
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                                    Priority:                 Critical
Reporter:                torsten blumreiter                     Assignee:                 Goran Nastov
Resolution:              Fixed                                  Votes:                    0
Environment:             Windows XP SP2, IIS 6, Tomcat 6.0


Description
I configured a web application in IIS named 'nv'. I defined this as a partner application in josso-agent-config.ini
[partnerapp.1]
base-uri=/nv

If I enter in the browser http://testapp/nv/test.aspx, the page is correctly redirected to the josso gateway for
authentication. If I enter http://testapp/NV/test.aspx (NV with capital letters), the isapi agent just let's it get through.
The logfile says:
[Thu Feb 18 22:52:13.453 2010] [1324:868] [debug] OnPreprocHeaders::JOSSOIsapiPlugin.cpp (122):
[/NV/test.aspx] is not associated to a partner application, ignoring

Then I can access this page, which was meant to be protected.
Identify partner application in back channel requests   (JOSSO-194)



  [JOSSO-197] Implement change in Java native agents and JBoss
portal agents Created: 18/Feb/10 Updated: 20/Jul/10 Resolved: 01/Mar/10
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.2

Type:                 Sub-task                           Priority:    Major
Reporter:             Sebastian Gonzalez Oyuela          Assignee:    Goran Nastov
Resolution:           Fixed                              Votes:       0


Description
Change might be partially implemented.
Identify partner application in back channel requests    (JOSSO-194)



   [JOSSO-196] Implement change in non-java agents Created: 18/Feb/10                                     Updated:
20/Jul/10 Resolved: 25/Feb/10
Status:                 Closed
Project:                JOSSO
Component/s:            Apache HTTP 2.2 Agent, ISAPI Agent, PHP Agent
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.2

Type:                   Sub-task                           Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela          Assignee:               Goran Nastov
Resolution:             Fixed                              Votes:                  0


Description
A new attribute is sent on SOAP messages identifying the partner application that submits the request. The filed is
called 'requester'.
[JOSSO-195] TooManyOpenSessions Exception Created: 15/Feb/10                                           Updated: 20/Jul/10
Resolved: 20/Jul/10
Status:                  Closed
Project:                 JOSSO
Component/s:             Tomcat 6.0 Agent
Affects Version/s:       JOSSO 1.8.2
Fix Version/s:           JOSSO 1.8.2

Type:                    Task                                  Priority:                Blocker
Reporter:                Venkata Ramana                        Assignee:                Sebastian Gonzalez Oyuela
Resolution:              Fixed                                 Votes:                   0
Environment:             Josso 1.8.2, Tomca 6.0, HP-UX

Attachments:                tomcat.log

Description
Tomcat server is getting down automatically when trying to access any partner application. Is there any configuration
step, to delete all the open sessions or to set the number of sessions that can access the aprtner application ?

Quick response is appreciable.
Attached is the tomcat log.

Comments
Comment by Venkata Ramana [ 15/Feb/10 6:34 AM ]
After going thru the log, it appears that it is not related to the number sessions issue. It was working fine till we got
this. Not able to identify the problem.
[JOSSO-194] Identify partner application in back channel requests Created:
05/Feb/10 Updated: 20/Jul/10 Resolved: 05/Feb/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.2

Type:                   Improvement                       Priority:           Major
Reporter:               Sebastian Gonzalez Oyuela         Assignee:           Sebastian Gonzalez Oyuela
Resolution:             Fixed                             Votes:              0

Sub-Tasks:              Key                 Summary                Type       Status   Assignee
                        JOSSO-196           Implement change in    Sub-task   Closed   Goran Nastov
                                            non-java agents
                        JOSSO-197           Implement change in    Sub-task   Closed   Goran Nastov
                                            Java native agent...

Comments
Comment by Sebastian Gonzalez Oyuela [ 05/Feb/10 2:02 PM ]
Only implemented for JAVA Agents
[JOSSO-193] Partner applications should be able to send additional
information to gateway when requesting login/logout operations Created:
03/Feb/10 Updated: 20/Jul/10 Resolved: 03/Feb/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   New Feature                       Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela         Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                             Votes:                  0


Description
Partner applications should be able to send request parameters and session attributes (only string values) to the
gateway when requesting login/logout operations. The list of included/excluded parameters or attributes should be
configured per agent.

Comments
Comment by Sebastian Gonzalez Oyuela [ 03/Feb/10 2:49 PM ]
Java agents support only
[JOSSO-192] Trying to connect to a JOSSO protected Apache webserver
with multiple GET argument fails -> loop Created: 15/Jan/10 Updated: 12/Aug/11 Resolved:
17/Jan/11
Status:                Closed
Project:               JOSSO
Component/s:           Apache HTTP 2.2 Agent, NTLM Auth Scheme
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Bug                                 Priority:               Major
Reporter:              Filip Nollet                        Assignee:               Goran Nastov
Resolution:            Fixed                               Votes:                  0
Environment:           RHEL 5.4


Description
When I try to redirect a user from one webserver to another (all using JOSSO) and the URL has multiple GET options
in it, Josso fails to authenticate and the browser throws an error. In the webserver logs I get into a loop:


10.3.154.20 - - [15/Jan/2010:14:14:31 +0100] "GET /cgi-
bin/cmap/map_details?ref_map_set_acc=MBAN02039&ref_map_accs=MBAN02039&highlight=21009&data_source=
MARKER_CMAP HTTP/1.1" 302 772 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR
1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR
3.5.30729)"
10.3.154.20 - - [15/Jan/2010:14:14:31 +0100] "GET /cgi-
bin/cmap/map_details?ref_map_set_acc=MBAN02039&josso_assertion_id=DDC4A327FD8BD6B1 HTTP/1.1" 302
673 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727;
.NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
10.3.154.20 - - [15/Jan/2010:14:14:31 +0100] "GET /cgi-
bin/cmap/map_details?ref_map_set_acc=MBAN02039&josso_assertion_id=5C269014BC31415B HTTP/1.1" 302 673
"-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET
CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
10.3.154.20 - - [15/Jan/2010:14:14:31 +0100] "GET /cgi-
bin/cmap/map_details?ref_map_set_acc=MBAN02039&josso_assertion_id=17B39A00E18DF760 HTTP/1.1" 302 673
"-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET
CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
10.3.154.20 - - [15/Jan/2010:14:14:31 +0100] "GET /cgi-
bin/cmap/map_details?ref_map_set_acc=MBAN02039&josso_assertion_id=89830286F5F66D17 HTTP/1.1" 302 673
"-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET
CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
10.3.154.20 - - [15/Jan/2010:14:14:31 +0100] "GET /cgi-
bin/cmap/map_details?ref_map_set_acc=MBAN02039&josso_assertion_id=97D57B01484C14FC HTTP/1.1" 302
673 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727;
.NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

As you can see the URL contains some GET arguments:
ref_map_set_acc=MBAN02039&ref_map_accs=MBAN02039&highlight=21009&data_source=MARKER_CMAP
These arguments are cut off and replace by:
map_details?ref_map_set_acc=MBAN02039&josso_assertion_id=DDC4A327FD8BD6B1
This fails as it should be: /cgi-
bin/cmap/map_details?ref_map_set_acc=MBAN02039&ref_map_accs=MBAN02039&highlight=21009&data_source=
MARKER_CMAP&josso_assertion_id=DDC4A327FD8BD6B1

When I replace the & signs in the URL with ; signs, the redirection works (JOSSO auth is ok then), but of course the
application does not receive the correct parameters and fails, so it has definetly something to with the
encoding/decoding/handling of the GET parameters by JOSSO
Can this be fixed?




Comments
Comment by Goran Nastov [ 12/Jan/11 1:12 PM ]
This should be fixed in JOSSO 1.8.2+ (I managed to reproduce something similar in JOSSO 1.8.1).
Can you please verify that it's fixed?
Comment by Josh Stortz [ 13/Jan/11 1:40 PM ]
We had a hard time finding a repeatable use case. But, I was able to craft a URL that caused the loop behavior on
1.8.1. After upgrading to 1.8.3 that URL no longer loops.
[JOSSO-191] Agents should be able to selectively trigger automatic
login process based on configured policies Created: 07/Jan/10 Updated: 20/Jul/10 Resolved:
27/Jan/10
Status:                 Closed
Project:                JOSSO
Component/s:            Apache HTTP 2.2 Agent, ISAPI Agent, JBoss 3.2 Agent, JBoss 4.0 Agent, JBoss 4.2 Agent,
                        PHP Agent, Tomcat 5.0 Agent, Tomcat 5.5 Agent, Tomcat 6.0 Agent, Weblogic 10 Agent,
                        Weblogic 8.1 Agent, Weblogic 9.2 Agent, Websphere CE 2.1 Agent
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.2

Type:                   New Feature                          Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela            Assignee:               Goran Nastov
Resolution:             Fixed                                Votes:                  0

Attachments:                all.txt     schema.txt

Comments
Comment by Sebastian Gonzalez Oyuela [ 12/Jan/10 8:55 AM ]
Bots list, all.txt contains the bots db using RFC 822 Record format. schema.txt describes record format.

The component that verifies if automatic login is required based on user agent must read this list. The list location
must be a property of this component, if no location is specified, the default embedded list will be used.


A record class must contain all robot properties and a map should be used to verify if a given user agent, received as
part of a HTTP request, belongs to the set of records.
Comment by Goran Nastov [ 27/Jan/10 6:44 PM ]
Strategies: DEFAULT, URLBASED, BOT.
Modes: REQUIRED, SUFFICIENT, OPTIONAL.

One strategy type can be declared more than once. Order of strategies is important.
If none of automatic strategies is defined then DEFAULT strategy is used (with SUFFICIENT mode).

Configuration examples:

=====================================
Java agents (josso-agent-config.xml):
=====================================

<automaticLoginStrategies>
<agent:bot-automaticlogin-strategy mode="REQUIRED" />
<agent:urlbased-automaticlogin-strategy mode="REQUIRED">
<ignoredUrlPatterns>
<value>regex1</value>
<value>regex2</value>
</ignoredUrlPatterns>
</agent:urlbased-automaticlogin-strategy>
<agent:default-automaticlogin-strategy mode="REQUIRED" />
</automaticLoginStrategies>

Default bots file for bot-automaticlogin-strategy is bots.properties packaged inside josso-agents-bin jar. If you want to
use different bots file put it in the same directory where josso-agent-config.xml is located and reference it from bot-
automaticlogin-strategy bean, e.g.:
<agent:bot-automaticlogin-strategy mode="REQUIRED" file="/myfile.txt" />
==========================
PHP agent (josso-cfg.inc):
==========================

$josso_automaticLoginStrategies = array(
   array('strategy' => 'URLBASED', 'mode' => 'REQUIRED', 'urlPatterns' => array('pattern1', 'pattern2')),
   array('strategy' => 'BOT', 'mode' => 'REQUIRED', 'botsFile' => '/path/to/bots.file'),
   array('strategy' => 'DEFAULT', 'mode' => 'REQUIRED')
);



==========================
Apache agent (httpd.conf):
==========================

UrlBasedAutoLoginStrategy "REQUIRED" "/pattern1,/pattern2"
BotAutoLoginStrategy "REQUIRED" "/path/to/bots.file"
DefaultAutoLoginStrategy "REQUIRED"



=====================================
ISAPI agent (josso-agent-config.ini):
=====================================

[automatic-login-strategy.1]
strategy=URLBASED
mode=REQUIRED
url-patterns=pattern1,pattern2

[automatic-login-strategy.2]
strategy=BOT
mode=REQUIRED
bots-file=C:\\bots.properties

[automatic-login-strategy.3]
strategy=DEFAULT
mode=REQUIRED
[JOSSO-189] XPP3 pull parser library not present. Specify another
driver. For example: new XStream(new DomDriver()) error Created: 29/Dec/09
Updated: 20/Jul/10 Resolved: 07/Jan/10
Status:                 Closed
Project:                JOSSO
Component/s:            Build System
Affects Version/s:      JOSSO 1.8.1, JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                              Priority:              Critical
Reporter:               Sebastian Gonzalez Oyuela        Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Fixed                            Votes:                 0


Description
XPP3 pull parser library not present. Specify another driver. For example: new XStream(new DomDriver())

Comments
Comment by Sebastian Gonzalez Oyuela [ 29/Dec/09 7:35 AM ]
Force maven war plugin version to 2.1-beta-1 . See http://jira.codehaus.org/browse/MWAR-184
[JOSSO-188] WASCE Agent build fails Created: 29/Dec/09                       Updated: 20/Jul/10 Resolved:
30/Dec/09
Status:               Closed
Project:              JOSSO
Component/s:          Build System
Affects Version/s:    JOSSO 1.8.1, JOSSO 1.8.2
Fix Version/s:        JOSSO 1.8.2

Type:                 Bug                               Priority:             Major
Reporter:             Sebastian Gonzalez Oyuela         Assignee:             Goran Nastov
Resolution:           Fixed                             Votes:                0


Description
[ERROR] Could not load deployer configuration: org.apache.geronimo.framework/geronimo-gbean-deployer/2.1.4/car
org.apache.geronimo.framework/geronimo-gbean-deployer/2.1.4/car: ADD
org.apache.geronimo.framework/geronimo-gbean-deployer/2.1.4/car: READING
org.apache.geronimo.framework/geronimo-gbean-deployer/2.1.4/car: FAILED:
org.apache.geronimo.framework/geronimo-gbean-deployer/2.1.4/car
FINISHED

org.apache.geronimo.kernel.config.LifecycleException: load of org.apache.geronimo.framework/geronimo-gbean-
deployer/2.1.4/car failed
at
org.apache.geronimo.kernel.config.SimpleConfigurationManager.loadConfiguration(SimpleConfigurationManager.jav
a:267)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:816)
at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
at
org.apache.geronimo.kernel.config.ConfigurationManager$$EnhancerByCGLIB$$c67c8e12.loadConfiguration(<gene
rated>)
at org.apache.geronimo.mavenplugins.car.PackageMojo.buildPackage(PackageMojo.java:289)
at org.apache.geronimo.mavenplugins.car.PackageMojo.execute(PackageMojo.java:209)
at org.apache.maven.plugin.DefaultPluginManager.executeMojo(DefaultPluginManager.java:451)
at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:558)
at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalWithLifecycle(DefaultLifecycleExecutor.java:499)
at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoal(DefaultLifecycleExecutor.java:478)
at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalAndHandleFailures(DefaultLifecycleExecutor.java:
330)
at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeTaskSegments(DefaultLifecycleExecutor.java:291)
at org.apache.maven.lifecycle.DefaultLifecycleExecutor.execute(DefaultLifecycleExecutor.java:142)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:336)
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:129)
at org.apache.maven.cli.MavenCli.main(MavenCli.java:287)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.codehaus.classworlds.Launcher.launchEnhanced(Launcher.java:315)
at org.codehaus.classworlds.Launcher.launch(Launcher.java:255)
at org.codehaus.classworlds.Launcher.mainWithExitCode(Launcher.java:430)
at org.codehaus.classworlds.Launcher.main(Launcher.java:375)
Caused by: org.apache.geronimo.kernel.config.NoSuchConfigException: org.apache.geronimo.framework/geronimo-
gbean-deployer/2.1.4/car
at
org.apache.geronimo.kernel.config.SimpleConfigurationManager.loadConfigurationData(SimpleConfigurationManage
r.java:474)
at
org.apache.geronimo.kernel.config.SimpleConfigurationManager.loadConfiguration(SimpleConfigurationManager.jav
a:264)
[JOSSO-187] Improve Cluster support in Java Agents Created: 28/Dec/09                                    Updated:
20/Jul/10 Resolved: 11/Jan/10
Status:                 Closed
Project:                JOSSO
Component/s:            JBoss 3.2 Agent, JBoss 4.0 Agent, JBoss 4.2 Agent, Tomcat 5.0 Agent, Tomcat 5.5 Agent,
                        Tomcat 6.0 Agent, Weblogic 10 Agent, Weblogic 8.1 Agent, Weblogic 9.2 Agent, Websphere
                        CE 2.1 Agent
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Improvement                        Priority:               Critical
Reporter:               Sebastian Gonzalez Oyuela          Assignee:               Goran Nastov
Resolution:             Fixed                              Votes:                  0

Attachments:                josso-1.8.1-r1577-01.patch       josso-1.8.1-r1577-02.patch

Description
Since JOSSO 1.8.1, agents are using server side state to keep track of visited resources, automatic login attempts,
last referrer, etc. We need to improve agents in order to support clustered environments using load balancers without
sticky session support.
Agents should keep necessary state as client side variables (cookies).

Comments
Comment by Sebastian Gonzalez Oyuela [ 05/Jan/10 5:34 AM ]
JOSSO 1.8.1 r1577 patch with enhanced cluster support in gateway.
[JOSSO-185] Extra question mark added to URLs after using
/josso_user_login/ Created: 24/Dec/09 Updated: 20/Jul/10 Resolved: 28/Dec/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Bug                                Priority:               Minor
Reporter:              Sebastian Gonzalez Oyuela          Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                  0


Description
When a user access a ULR that contains rquest parameters and clicks the agent login url (/josso_user_login/), the
agent adds an extra question mark to the URL when the user is redirected back to the original resource.
[JOSSO-184] NTLM Test case fails Created: 23/Dec/09          Updated: 12/Aug/11 Resolved: 12/Aug/11
Status:              Closed
Project:             JOSSO
Component/s:         NTLM Auth Scheme
Affects Version/s:   JOSSO 1.8.2
Fix Version/s:       None

Type:                Bug                         Priority:           Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:           Goran Nastov
Resolution:          Won't Fix                   Votes:              0
[JOSSO-183] ISAPI agent doesn't properly handle invalid session ids
Created: 21/Dec/09 Updated: 12/Aug/11 Resolved: 20/Jul/10
Status:                  Closed
Project:                 JOSSO
Component/s:             ISAPI Agent
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                                   Priority:                 Major
Reporter:                Bobby Lawrence                        Assignee:                 Goran Nastov
Resolution:              Fixed                                 Votes:                    0
Environment:             agent running on Windows 2003 Server w/ IIS v6


Description
Kept running into issues with old sessions. If I had a JOSSO_ SESSIONID cookie stored in my browser with a
session ID that was old or no longer valid, the agent would send a SOAP request to the gateway and receive a fault
in response and just die. The request never got forwarded to the login page. The filter would just stop processing.
From what I could tell on the gateway, a org.josso.gateway.ws._ 1_ 1.protocol.NoSuchSessionErrorType exception
was being thrown so it seems like the ISAPI filter doesn't properly handle this. This error became very apparent when
I was testing multiple agents. I would login using one of the agents, then use the sample app on the other agent to
logout. The minute I went back to the ISAPI agent, I would run into this problem because the cookie was still in the
browser. The ISAPI agent would see this cookie and try to assert the session on the gateway. It would then receive
the fault in response and fail instead of forwarding me to the gateway for authentication.

Comments
Comment by Goran Nastov [ 28/Dec/09 7:00 PM ]
I tried to reproduce it using JOSSO 1.8.1 and weblogic and tomcat gateway/agents but it was working as expected. If
I login using isapi agent and then logout using weblogic (or tomcat) agent and go back to isapi agent it will redirect
me to the login page. It also redirects me to the login page if I invalidate JOSSO session from JMX console.
For now I tested it with IIS 5.1 on Win XP, I will try it with Windows 2003 and IIS 6 when I install it.
You are using all agents and gateways from JOSSO 1.8.1, right? What browser are you using?
Comment by Bobby Lawrence [ 04/Jan/10 9:16 AM ]
All agents are 1.8.1 and I tried this mainly in Mozilla Firefox, but I just tested and it also doesn't work in IE 7.
Is the latest ISAPI agent the one that is downloadable from the Josso website?

FYI - I see this in the log file when this behavior happens:

[Mon Jan 04 10:12:55.908 2010] [1460:2968] [error] AbstractSSOAgent::accessSession::AbstractSSOAgent.cpp
(374): SOAP Error 12 at [http://misw2.jlab.org:80/josso/services/SSOSessionManager]

It seems that the agent sees the fact that a soap error has occurred (a fault), but it doesn't do anything about it.

This is what I see on the server side (weblogc):

####<Jan 4, 2010 10:47:00 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '2' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620020340> <BEA-000000> <DEBUG
auth.AuthenticatorImpl - getScheme() : checking strong-authentication>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
gateway.SSOContext - Created context in thread [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
(self-tuning)'>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
gateway.SSOGatewayImpl - No security domain found for token :
[org.josso.gateway.session.service.SSOSessionManager/8E6651C2194D9DDF293104C928D575DD], using default
one : josso>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
gateway.SSOContext - Created context in thread [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
(self-tuning)'>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
service.SSOSessionManagerImpl - [accessSession()] trying session : 8E6651C2194D9DDF293104C928D575DD>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
gateway.SSOGatewayImpl - SSOContext created from token
org.josso.gateway.session.service.SSOSessionManager/8E6651C2194D9DDF293104C928D575DD for
SecurityDomain josso>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
soapbinding.SSOSessionManagerBindingImpl - About to access session>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
store.MemorySessionStore - [load(8E6651C2194D9DDF293104C928D575DD)] Session not found>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
service.SSOSessionManagerImpl - [accessSession()] ended for session :
8E6651C2194D9DDF293104C928D575DD>
####<Jan 4, 2010 10:47:02 AM EST> <Notice> <Stdout> <misw2> <AuthServer> <[ACTIVE] ExecuteThread: '0' for
queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1262620022918> <BEA-000000> <DEBUG
soapbinding.SSOSessionManagerBindingImpl - JOSSO Session not found :
8E6651C2194D9DDF293104C928D575DD>

After this last log message, a fault is returned to the ISAPI agent and it just dies. Like I said - I don't get forwarded to
re-authenticate.

Also - I just noticed one more thing.
When I open IE for the first time and paste in the URL for a ISAPI agent protected resource, I get the resource
instead of being redirected. When I paste in the resource URL again, I get forwarded to the gateway to login. It seems
that it isn't consistent.

These issues might be related to IIS version 6. Let me know if you want me to try something or give you more info.
Comment by torsten blumreiter [ 18/Feb/10 3:41 PM ]
I ran into that problem, too. It occurs only, if the length of the name of the aspx-page is longer than 6 characters, e.g.
login1.aspx is correctly redirected, with login11.aspx, it crashes.
[JOSSO-182] ISAPI agent REMOTE_USER variable Created: 21/Dec/09                                            Updated:
12/Aug/11 Resolved: 12/Jan/11
Status:                  Closed
Project:                 JOSSO
Component/s:             ISAPI Agent
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.4

Type:                    Improvement                           Priority:                Minor
Reporter:                Bobby Lawrence                        Assignee:                Dusan Fisic
Resolution:              Won't Fix                             Votes:                   0
Environment:             agent running on Windows 2003 Server w/ IIS v6


Description
Secondly, the agent doesn't set the "REMOTE_ USER" environment variable.
We have thousands of lines of code that already check the REMOTE_USER variable to find the username of the
person authenticated. It would be nice if the agent/filter could set this properly.

Comments
Comment by Dusan Fisic [ 12/Jan/11 4:05 PM ]
Currently, josso isapi fileter is relaying on IIS anonymous authentication in a way that client is accessing protected
resource
as anonymous (looking from IIS perspective). Official documentation is pointing that, in order to set this variable,
Basic authentication
should be used for protected resource.

Solutions mentioned at http://www.derkeiler.com/Newsgroups/microsoft.public.inetserver.iis.security/2003-
07/1173.html don't work
because once you set username or password, anonymous access is omitted and windows (basic) authentication is
used (window pops up).
So this approach require existence of same accounts on local Windows installation (Windows is trying to impersonate
user).

REMOTE_USER is set only if Basic authentication is used.
Comment by Bobby Lawrence [ 12/Jan/11 5:36 PM ]
Why this is not being addressed?
After reading the information at the supplied link, it seems like all that is required is a bit of modification to the ISAPI
extension code of the agent....perhaps I'm missing something?
The author of the article you pasted in your comment stated a key point that "HSE_REQ_EXEC_URL (ISAPI
Extension functionality) is able to change the server variables...HSE_REQ_EXEC_URL on IIS6 makes this entire
process trivially easy as it can directly modify impersonation token (REMOTE_USER, and all *_USER variables)...it's
possible with one function call to just change REMOTE_USER server variable of a request".
The author also goes on to describe the issues faced when trying to set the REMOTE_USER variable from within an
ISAPI filter. It seems that these issues were the reasoning for closing this request and not wanting to provide a fix.
However, from what I can tell, the JOSSO agent is both an ISAPI filter AND an ISAPI extension so providing this
functionality should be "trivially easy" as David Wang at Microsoft states...
[JOSSO-181] Support SSL in agent back channel Created: 21/Dec/09                                 Updated: 12/Aug/11
Resolved: 08/Dec/10
Status:                Closed
Project:               JOSSO
Component/s:           ISAPI Agent
Affects Version/s:     JOSSO 1.8.5
Fix Version/s:         JOSSO 1.8.5

Type:                  Improvement                         Priority:              Major
Reporter:              Bobby Lawrence                      Assignee:              Goran Nastov
Resolution:            Duplicate                           Votes:                 0
Environment:           agent running on Windows 2003 Server, IIS 6, gateway running on Weblogic 10.2


Description
The ISAPI agent won't make web services calls to the gateway over SSL. The "gatewayEndpoint" variable in the .ini
file can only contain a server and port number combination. The "http" protocol is always prepended, along with the
web service context, therefore I cannot communicate with the gateway securely.
It would be nice if you could specify a scheme, host and port combination for the "gatewayEndpoint". SSL
communication can be done with free OpenSSL libraries.



Comments
Comment by Goran Nastov [ 08/Dec/10 7:39 AM ]
This issue is duplicate of JOSSO-245 which is currently in progress.
[JOSSO-180] Remember Me Created: 17/Dec/09                          Updated: 20/Jan/11 Resolved: 28/Dec/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                                  Priority:                 Minor
Reporter:                Venkata Ramana                       Assignee:                 Goran Nastov
Resolution:              Work as Designed                     Votes:                    0
Environment:             HP-UX, Tomcat 6, Josso 1.8.0

Attachments:                josso config files.zip       new config files.zip       tomcat.log        tomcat.log

Description
Facing problem with 'Remember Me' configuration. First time when user try to access the partner application, Josso
server (which was deployed in tomcat) challenging the user with the logon page. Once the user enters the logon
credentials and checked the 'Remember Me' check box, it is authenticating user credentials and redirecting back to
the partner application. During this process, it is creating 2 cookies in the client browser. One is JOSSO_SESSIONID
and another is JOSSO_REMEMBERME_josso. Second time when user tries to access the application, again it is
popping up the logon page. Expecting that it should not bring the logon page from second time onwards. And
observed that maximum age set for the cookie JOSSO_REMEMBERME_josso is -1. That means it is going to be
killed once the user closes browser window.

Set rememberMeMaxAge="1800000" and rememberMeEnabled="true" in josso-gateway-web.xml.

Are there any extra setting that are required to make this cookie persitent?

Went through the source code and observed that, by default josso expected to set the max age of
rememberMeCookie to one year. Somehow it is failing to do so. Using one of the simple partner application, set the
max age of that cookie. By doing so it is working fine. Also observed that, when request sent to josso for the second
time with rememberMecookie, it appears that josso killing that cookie. Can you please explain how rememberMe
feature works in josso?

Please find the attached configuration files.

Comments
Comment by Goran Nastov [ 18/Dec/09 9:14 AM ]
I tried it but it works for me out of the box. I also tried you setup (to use https for gateway etc.) but it still works.
There is a one thing in your configuration that might cause the problem, you are importing two stores configuration
files in josso-gateway-config.xml:

<s:import resource="josso-gateway-db-stores.xml" />
<s:import resource="josso-gateway-stores.xml" />

You should use only one or make sure you are not defining the same beans (with same bean id) in both of them.
Try to "fix" this and let me know if remember me still doesn't work.

What browser are you using?
Comment by Venkata Ramana [ 18/Dec/09 12:49 PM ]
I will try tomorrow as per your suggestion. The browser i am using is IE6. One thing i aslo observed is it is working
fine in Google Chrome. Google Chrome has the option of saving the passwords. If i use that 'save passwords' featute
it is working fine with out any issues. Do you think there could be problem with IE settings ?
Comment by Venkata Ramana [ 19/Dec/09 11:31 PM ]
I commented out "<s:import resource="josso-gateway-db-stores.xml" />" in josso-gateway-config.xml. It didn't resolve
the problem.
Attached the tomcat debug log. See if you can make out any thing from this.
Comment by Goran Nastov [ 20/Dec/09 7:11 AM ]
Ok, I tried it with IE6 and remember me is not working. However, it looks like it's fixed in the latest JOSSO version.
Is it possible for you to switch to the newer version of JOSSO (it's working with JOSSO-1.8.2-r1573 but I think it might
also work with 1.8.1)?
Comment by Venkata Ramana [ 21/Dec/09 7:31 AM ]
It appears that Remember Me is working fine in Josso1.8.2. Remember Me cookie is getting created. But there was a
problem in opening the partner app. May be some mis-configuration. Attached is tomcat debug log. Can you please
look into that ?
Comment by Venkata Ramana [ 21/Dec/09 7:32 AM ]
New Config files attached
Comment by Goran Nastov [ 21/Dec/09 9:03 AM ]
What is the exact problem with the partner application? Can you open it? When you click on Login does it redirect
you to josso gateway? What happens when you try to login?

If you use JOSSO 1.8.2 you MUST use both agent and gateway from 1.8.2.
Comment by Venkata Ramana [ 21/Dec/09 10:20 AM ]
Redirecting to this URL with the below error on the page:
https://md1npddev10:7443/partnerapp/josso_security_check?josso_assertion_id=3D2FB97D5BDACDD0

Error:
java.lang.RuntimeException: Outbound relaying failed. No Principal found. Verify your SSO Agent Configuration!
org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:532)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
java.lang.Thread.run(Thread.java:619)

Comment by Venkata Ramana [ 21/Dec/09 10:39 AM ]
I have observed one thing in josso-gateway-db-stores.xml i.e JOSSO_USER_CERTIFICATE table. We don't have
that table in josso schema. I don't see any script to create that table.

And one more thing is, do we need have both josso-gateway-db-stores.xml, josso-gateway-stores.xml ? I am
configuring the data source in josso-gateway-stores.xml. What is the difference between these two ? Which one is
appropriate to you ?
Comment by Goran Nastov [ 21/Dec/09 12:40 PM ]
You don't need both of them, you can use only one as long as you define all three stores there (identity, session and
assertion store).
Can you try it with memory store (just import josso-gateway-memory-stores.xml instead of josso-gateway-stores.xml
and try to login with user1/user1pwd).

You are using the gateway from 1.8.2, right (I see some soap errors ... josso 1.8.2 web services are not compatible
with previous josso versions)?
Comment by Venkata Ramana [ 22/Dec/09 7:43 AM ]
I am doubting on this below log statement. I don't understand why it is returning 'null' during 'findUserInSession'

21 Dec 2009 08:26:03,720 DEBUG [createPreparedStatement()] : (SELECT NAME, VALUE FROM
JOSSO_USER_PROPERTY WHERE LOGIN = ?)
21 Dec 2009 08:26:03,722 DEBUG [findUserInSession(420FD2804C77B8870DFFFA3FB3459D86)] Found : null

It appears that above error eventually causing the below i/o exception.

21 Dec 2009 08:26:03,727 ERROR Exception:
java.io.IOException: Non nillable element 'name' is null.
Comment by Goran Nastov [ 23/Dec/09 11:31 AM ]
Change:
userQueryString="SELECT NAME FROM JOSSO_USER WHERE LOGIN = ?"

to:
userQueryString="SELECT LOGIN AS NAME FROM JOSSO_USER WHERE LOGIN = ?"

in josso-gateway-stores.xml
Comment by Venkata Ramana [ 28/Dec/09 5:42 AM ]
Its working fine after changing the userQueryString in josso-gateway-stores.xml. But there is no problem with the
same query in 1.8.0.
Anyways, rememberMe is working fine in Josso v1.8.2. Thanks very much for your support.
Comment by bb narasimhulu [ 20/Jan/11 6:25 AM ]
I am facing the same problem.
java.lang.RuntimeException: Outbound relaying failed. No Principal found. Verify your SSO Agent Configuration!
org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:532)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
java.lang.Thread.run(Thread.java:619)

Can any one please guide me how to come out of this error. I m using JOSSO-1.8.2-r1573.jar
I modified josso-gateway-db-stores.xml for userQueryString="SELECT LOGIN AS NAME FROM JOSSO_USER
WHERE LOGIN = ?" from userQueryString="SELECT NAME FROM JOSSO_USER WHERE LOGIN = ?"

Regards,
Narasimhulu BB
[JOSSO-179] NTLM authentication fails with the Apache 2.2 agent Created:
18/Nov/09 Updated: 20/Jul/10 Resolved: 23/Nov/09
Status:                 Closed
Project:                JOSSO
Component/s:            Apache HTTP 2.2 Agent, NTLM Auth Scheme
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                  Priority:              Major
Reporter:               Filip Nollet                         Assignee:              Goran Nastov
Resolution:             Fixed                                Votes:                 0
Environment:            RHEL 5.4 x86_64, Apache 2.2.13 as agent, Tomcat 6.0.20 as gateway

Attachments:                tomcat_error_ntlm_authentication.log

Description
After successful authentication with the NTLM backend, the forwarding to the website fails with this error on the agent
side:

[Wed Nov 18 15:40:09 2009] [debug] mod_auth_josso.c(324): [client 10.3.154.20] resolving assertion
[CA2000EF79636ADB]
[Wed Nov 18 15:40:09 2009] [debug] mod_auth_josso.c(328): [client 10.3.154.20] assertion resolved to session
identifier [32AE7B24C49B583BC70D724FE4F7DB30]
[Wed Nov 18 15:40:09 2009] [debug] mod_auth_josso.c(333): [client 10.3.154.20] redirecting to original url
[http://vmbiotest2.be.bayercropscience:80/test]
[Wed Nov 18 15:40:09 2009] [debug] mod_auth_josso.c(356): [client 10.3.154.20] obtaining user for SSO session
[32AE7B24C49B583BC70D724FE4F7DB30]
[Wed Nov 18 15:40:10 2009] [debug] mod_auth_josso.c(550): [client 10.3.154.20] Soap error... error code: [14], error
message: [(null)]
[Wed Nov 18 15:40:10 2009] [debug] mod_auth_josso.c(363): [client 10.3.154.20] there is no user for session [(null)]
[Wed Nov 18 15:40:10 2009] [debug] mod_auth_josso.c(438): [client 10.3.154.20] Redirecting user for authentication
to
[http://vmbiotest.be.bayercropscience:8080/josso/signon/login.do?josso_cmd=login_optional&josso_partnerapp_host
=vmbiotest2.be.bayercropscience&josso_partnerapp_ctx=/test&josso_back_to=http://vmbiotest2.be.bayercropscienc
e:80/test/josso_security_check]


The errors on the gateway side: see attached file for full log
These are the first lines:

Nov 18, 2009 3:31:48 PM org.apache.axis.encoding.ser.BeanSerializer serialize
SEVERE: Exception:
java.io.IOException: Non nillable element 'name' is null.
     at org.apache.axis.encoding.ser.BeanSerializer.serialize(BeanSerializer.java:215)
     at org.apache.axis.encoding.SerializationContext.serializeActual(SerializationContext.java:1504)
     at org.apache.axis.encoding.SerializationContext.serialize(SerializationContext.java:980)
     at org.apache.axis.encoding.SerializationContext.outputMultiRefs(SerializationContext.java:1055)
     at org.apache.axis.message.SOAPBody.outputImpl(SOAPBody.java:145)
     at org.apache.axis.message.SOAPEnvelope.outputImpl(SOAPEnvelope.java:478)
     at org.apache.axis.message.MessageElement.output(MessageElement.java:1208)
     at org.apache.axis.SOAPPart.writeTo(SOAPPart.java:315)
     at org.apache.axis.SOAPPart.writeTo(SOAPPart.java:269)
     at org.apache.axis.SOAPPart.saveChanges(SOAPPart.java:530)
     at org.apache.axis.attachments.AttachmentsImpl.getAttachmentCount(AttachmentsImpl.java:554)
     at org.apache.axis.Message.getContentType(Message.java:486)
     at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:775)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
      at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:290)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
      at java.lang.Thread.run(Thread.java:619)
Nov 18, 2009 3:31:48 PM org.apache.axis.attachments.AttachmentsImpl getAttachmentCount
WARNING: Exception:
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
 faultSubcode:
 faultString: java.io.IOException: java.io.IOException: Non nillable element 'name' is null.
 faultActor:
 faultNode:
 faultDetail:
      {http://xml.apache.org/axis/}stackTrace:java.io.IOException: java.io.IOException: Non nillable element 'name' is
null.
      at org.apache.axis.encoding.ser.BeanSerializer.serialize(BeanSerializer.java:275)
      at org.apache.axis.encoding.SerializationContext.serializeActual(SerializationContext.java:1504)
      at org.apache.axis.encoding.SerializationContext.serialize(SerializationContext.java:980)
      at org.apache.axis.encoding.SerializationContext.outputMultiRefs(SerializationContext.java:1055)
      at org.apache.axis.message.SOAPBody.outputImpl(SOAPBody.java:145)
      at org.apache.axis.message.SOAPEnvelope.outputImpl(SOAPEnvelope.java:478)
      at org.apache.axis.message.MessageElement.output(MessageElement.java:1208)
      at org.apache.axis.SOAPPart.writeTo(SOAPPart.java:315)
      at org.apache.axis.SOAPPart.writeTo(SOAPPart.java:269)
      at org.apache.axis.SOAPPart.saveChanges(SOAPPart.java:530)
      at org.apache.axis.attachments.AttachmentsImpl.getAttachmentCount(AttachmentsImpl.java:554)
      at org.apache.axis.Message.getContentType(Message.java:486)
      at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:775)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
      at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:290)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
      at java.lang.Thread.run(Thread.java:619)

     {http://xml.apache.org/axis/}hostname:vmbiotest.be.bayercropscience

java.io.IOException: java.io.IOException: Non nillable element 'name' is null.
Comments
Comment by Goran Nastov [ 19/Nov/09 6:15 PM ]
I can reproduce the error using tomcat agent and LDAP (without NTLM). The problem occurs after the authentication
when the gateway is trying to load user (based on the username) from the identity store. When I change the
username (using remote debugging) to null or to some non-existing user, I get the exact same error: "Non nillable
element 'name' is null". This is because the current LDAP identity store implementation is always returning the User
instance even if it can not find the user (it will set the "name" in User instance to null and that's why you get that
error). This will be fixed in version 1.8.2 (NoSuchUserException will be thrown instead of returning User instance with
null name) but it will not resolve your problem (even if you can use 1.8.2) because your problem is that identity store
implementation can not find your user based on the username.

I think that there might be something wrong with your LDAP identity store configuration (in josso-gateway-ldap-
stores.xml ... you are using the LDAP store (Active Directory), right?). You can check the following:
- check if usersCtxDN is correctly set, it should be the context in which LDAP identity store implementation can find
your users
- check if principalUidAttributeID is set to the attribute name that contains the username (in your user entries)

Default settings in the josso-gateway-ldap-stores.xml from JOSSO distribution (1.8.2-SNAPSHOT) are:
usersCtxDN="CN=Users,dc=NT-DOMAIN"
principalUidAttributeID="sAMAccountName"
Comment by Filip Nollet [ 20/Nov/09 2:32 AM ]
Indeed, apparently a misconfiguration issue then. I fixed this in 5 seconds changing the "usersCtxDN" to a working
value, so very good advice indeed :-)

It would be great to have a more readable error in this case (as you suggest). Thanks very much for the help.


Filip
[JOSSO-178] JOSSO Tomcat incompatibility with Apache OpenEJB /
CXF 2.x Created: 16/Nov/09 Updated: 21/Dec/09
Status:                 Open
Project:                JOSSO
Component/s:            Tomcat 6.0 Agent
Affects Version/s:      JOSSO 1.8, JOSSO 1.8.1, JOSSO 1.8.2
Fix Version/s:          None

Type:                   Bug                                  Priority:             Critical
Reporter:               Martin Buch                          Assignee:             Sebastian Gonzalez Oyuela
Resolution:             Unresolved                           Votes:                0
Environment:            Java 6 (Update 16) on Tomcat 6.0.20 with OpenEJB 3.1.2


Description
Hello,

we are using Tomcat (6.0.20) with Apache OpenEJB Container (3.1.2) and facing problems deploying webservice
applications using Apache CXF 2.x (2.0.9 or 2.2.2).
Actual OpenEJB itself comes with Apache CXF 2.0.9.
Deploying the webapp under Tomcat+JOSSO or Tomcat+OpenEJB is no problem, but Tomcat+JOSSO+OpenEJB
does not work.
The webapps are deployed under control of OpenEJB and the problem seem to be common Axis 1.4 libraries JOSSO
is installing in Tomcat's lib folder:
axis-jaxrpc-1.4.jar
axis-wsdl4j-1.5.1.jar
I think the critical fact is the JAX-RPC 1.1 Axis 1.4 and JOSSO needs while CXF uses JAX-WS 2.0. Both in
coexistance bringing up deployment errors.
What I saw is that axis-wsdl4j-1.5.1.jar does not match wsdl4j-1.6.1.jar coming with OpenEJB, and axis-jaxrpc-1.4.jar
does not match javaee-api-5.0-2.jar of OpenEJB.

Related to to this problems I have some other questions:
Can JOSSO be run with CXF instead of Axis 1.4?
Axis 1.4 is rather old and I don't like to see it in Tomcats common libs. IMHO Axis 1.4 is contemporary and hinders
future development of JOSSO.
Do you have any known issues on the compatibility of JOSSO with Apache OpenEJB?

thanks for any help,
Martin

Comments
Comment by Martin Buch [ 16/Nov/09 7:16 AM ]
Hello,

I can provide some additional information.

Now I've found that when replacing axis-wsdl4j-1.5.1.jar by wsdl4j-1.6.1.jar and removing axis-ant-1.4.jar from
Tomcat's lib dir, then
the deployment works without error.

With axis-ant-1.4.jar I get following errors during deployment:

- Error deploying CXF webservice for servlet ...
java.lang.NullPointerException
at java.io.FilterInputStream.close(FilterInputStream.java:155)
at sun.net.www.protocol.jar.JarURLConnection$JarURLInputStream.close(JarURLConnection.java:90)
at org.apache.cxf.resource.ExtendedURIResolver.close(ExtendedURIResolver.java:75)
at org.apache.cxf.catalog.CatalogWSDLLocator.close(CatalogWSDLLocator.java:122)
at org.apache.cxf.wsdl11.ResourceManagerWSDLLocator.close(ResourceManagerWSDLLocator.java:68)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:211)
at org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:176)
at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:81)
at
org.apache.cxf.service.factory.ReflectionServiceFactoryBean.buildServiceFromWSDL(ReflectionServiceFactoryBean
.java:285)
at
org.apache.cxf.service.factory.ReflectionServiceFactoryBean.initializeServiceModel(ReflectionServiceFactoryBean.ja
va:381)
at org.apache.cxf.service.factory.ReflectionServiceFactoryBean.create(ReflectionServiceFactoryBean.java:169)
at org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean.create(JaxWsServiceFactoryBean.java:98)
at org.apache.openejb.server.cxf.pojo.PojoEndpoint.<init>(PojoEndpoint.java:53)
at org.apache.openejb.server.cxf.pojo.PojoWsContainer.createEndpoint(PojoWsContainer.java:38)
at org.apache.openejb.server.cxf.pojo.PojoWsContainer.createEndpoint(PojoWsContainer.java:26)
at org.apache.openejb.server.cxf.CxfWsContainer.start(CxfWsContainer.java:70)
at org.apache.openejb.server.cxf.pojo.PojoWsContainer.start(PojoWsContainer.java:43)
at org.apache.openejb.server.cxf.CxfService.createPojoWsContainer(CxfService.java:69)
at org.apache.openejb.server.webservices.WsService.afterApplicationCreated(WsService.java:310)
at org.apache.openejb.tomcat.catalina.TomcatWebAppBuilder.afterStart(TomcatWebAppBuilder.java:303)
at org.apache.openejb.tomcat.catalina.GlobalListenerSupport.lifecycleEvent(GlobalListenerSupport.java:60)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4424)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:526)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:850)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:724)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:493)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1206)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:314)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:722)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at org.apache.catalina.core.StandardService.start(StandardService.java:516)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)

Hence there must be something that axis-ant-1.4.jar is doing during deployment here which I think is rather crazy
because
what should Axis Ant tasks do at runtime? I thought they are made for build management.
The question is, why axis-ant-1.4.jar is needed for JOSSO?

From my point of view the bug can be reduced to prio "major" then.

Martin
Comment by Sebastian Gonzalez Oyuela [ 21/Dec/09 6:45 AM ]
Once you removed this files, were you able to make JOSSO and OpenEJB work after deployment ?
[JOSSO-177] SSOSession returned by the
WebserviceSSOSessionManager always returns isValid() == false Created:
13/Nov/09 Updated: 20/Jul/10 Resolved: 23/Nov/09
Status:                 Closed
Project:                JOSSO
Component/s:            Back Channel Protocol
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                               Priority:               Major
Reporter:               Richard Vermillion                Assignee:               Goran Nastov
Resolution:             Fixed                             Votes:                  0


Description
If you use the SSOSessionManagerService to get an SSOSession object with the getSession method, it will delegate
to the WebserviceSSOSessionManager which will then do the appropriate SOAP call to the gateway.

Unfortunately the SSOSessionType object returned by the SOAP call does not pass the value of the _valid member
variable. In the adaptSSOSession method, the SSOSessionType object is converted to a MutableBaseSession object
and the values of the member variables are copied. However, the _valid member variable defaults to false. Therefore,
if you call isValid() of the returned session, you will always get false.

The proper fix is to expand the SSOSessionType object to pass back whether the SSOSession on the gateway is
valid.

But in the mean time, if the assumption is that only valid sessions will be returned, the adaptSSOSession method
should be changed to:

 protected SSOSession adaptSSOSession(SSOSessionType srcSSOSession) {

      MutableBaseSession targetSSOSession = new MutableBaseSession();

      targetSSOSession.setId(srcSSOSession.getId());
      targetSSOSession.setCreationTime(srcSSOSession.getCreationTime());
      targetSSOSession.setLastAccessedTime(srcSSOSession.getLastAccessTime());
      targetSSOSession.setMaxInactiveInterval(srcSSOSession.getMaxInactiveInterval());
      targetSSOSession.setUsername(srcSSOSession.getUsername());
      targetSSOSession.setAccessCount(srcSSOSession.getAccessCount());
      // Explicitly make the session valid....
      targetSSOSession.setValid(true);

      return targetSSOSession;

  }
[JOSSO-176] Automatic login shouldn't be attempted when executing
JOSSifyed PHP scripts in batch mode Created: 11/Nov/09 Updated: 22/Oct/10
Status:              Open
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8.1
Fix Version/s:       None

Type:                Improvement         Priority:    Minor
Reporter:            Gianluca Brigandi   Assignee:    Sebastian Gonzalez Oyuela
Resolution:          Unresolved          Votes:       0
[JOSSO-175] Ntlm descriptors are not installed Created: 09/Nov/09   Updated: 20/Jul/10
Resolved: 17/Mar/10
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 Bug                 Priority:      Minor
Reporter:             Gianluca Brigandi   Assignee:      Sebastian Gonzalez Oyuela
Resolution:           Fixed               Votes:         0
[JOSSO-174] Update Windows Authentication Setup Documentation
Created: 09/Nov/09 Updated: 22/Oct/10
Status:                 Open
Project:                JOSSO
Component/s:            Documentation
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          None

Type:                   Improvement                          Priority:                Major
Reporter:               Gianluca Brigandi                    Assignee:                Gianluca Brigandi
Resolution:             Unresolved                           Votes:                   0


Description
Documentation improvements to be performed :

1. setting up ntlm pre-authentication (e.g. creating account & setting properties)

2. Forcing lmCompatibility value to '0' upon web container startup (e.g. setenv.sh)

3. Firefox settings for disabling credential window popup
[JOSSO-173] JCIFS properties values set programmatically not
accessible by JCIFS Created: 07/Nov/09 Updated: 20/Jul/10 Resolved: 09/Nov/09
Status:                 Closed
Project:                JOSSO
Component/s:            NTLM Auth Scheme
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                Priority:               Major
Reporter:               Gianluca Brigandi                  Assignee:               Gianluca Brigandi
Resolution:             Fixed                              Votes:                  0


Description
only JVM system properties seem to work correctly.



Comments
Comment by Gianluca Brigandi [ 09/Nov/09 4:40 PM ]
Some jcifs properties are loaded upon class load and never refreshed such as this way :

  private static final int LM_COMPATIBILITY =
       Config.getInt("jcifs.smb.lmCompatibility", 3);

This doesn't give JOSSO the chance to map its metadata to this type of jcifs properties.

The only way to workaround this issue it to set these type of JCIFS properties directly using JVM system properties
upon web container startup such as :

-Djcifs.smb.lmCompatibility=0
[JOSSO-172] Ntlm authentication fails after first attempt Created: 07/Nov/09                                    Updated:
20/Jul/10 Resolved: 09/Nov/09
Status:                 Closed
Project:                JOSSO
Component/s:            NTLM Auth Scheme
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                 Priority:                Major
Reporter:               Gianluca Brigandi                   Assignee:                Gianluca Brigandi
Resolution:             Fixed                               Votes:                   0


Description
The second time an Ntlm authentication for a user is attempted it fails returning an "Access Denied" error.



Comments
Comment by Gianluca Brigandi [ 07/Nov/09 4:51 PM ]
the workaround is to create a dummy account for Ntlm pre-authentication and set these credentials using the
following system properties upon web container startup :

-Djcifs.smb.client.username=dummyAccountName

-Djcifs.smb.client.password=dummyAccountPassword




Comment by Gianluca Brigandi [ 09/Nov/09 5:23 PM ]
added properties to ntlm protocol handler for setting pre-authentication account credentials onto the underlying jcifs
stack
[JOSSO-171] Credentials are dumped upon failed console authentication
attempt Created: 02/Nov/09 Updated: 20/Jul/10 Resolved: 12/Jan/10
Status:                 Closed
Project:                JOSSO
Component/s:            Weblogic 10 Agent, Weblogic 8.1 Agent, Weblogic 9.2 Agent
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                 Priority:                Major
Reporter:               Raghu Gandluri                      Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                   0


Description
When Weblogic starts up, it is logging the admin user id and password to the console log at INFO level. It is
specifically coming from org.josso.wls92.agent.jaas.SSOGatewayLoginModuleImpl.

Comments
Comment by Goran Nastov [ 28/Dec/09 11:08 AM ]
I tried it but I cannot reproduce it (I don't think JOSSO is logging password anywhere).
It is not very clear to me when this issue occurs. Are you saying that when weblogic starts it tries to login the admin
user (weblogic console user?)? Or is it happening when you try to login to weblogic console with invalid credentials?
Comment by Raghu Gandluri [ 04/Jan/10 9:28 AM ]
Goran,
Admin user id and password are logged during weblogic startup. The actual logged message is below (from log4j):

2009-11-01 13:58:02,458 155430627 INFO
[org.josso.wls92.agent.jaas.SSOGatewayLoginModuleImpl] ([ACTIVE] ExecuteThread: '6' for queue:
'weblogic.kernel.Default (self-tuning)':) Session requested authentication to gateway :
weblogic/weblogic

weblogic.log:2009-10-30 19:47:41,022 9191 INFO
[org.josso.wls92.agent.jaas.SSOGatewayLoginModuleImpl] ([ACTIVE] ExecuteThread: '0'
for queue: 'weblogic.kernel.Default (self-tuning)':) Session requested authentication to gateway :
weblogic/weblogic
[JOSSO-170] Support Non-JAAS Agents Created: 29/Oct/09                                 Updated: 20/Jul/10 Resolved:
02/Nov/09
Status:                 Closed
Project:                JOSSO
Component/s:            Generic Servlet Agent, JBoss 3.2 Agent, JBoss 4.0 Agent, JBoss 4.2 Agent, Tomcat 5.0
                        Agent, Tomcat 5.5 Agent, Tomcat 6.0 Agent
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Improvement                          Priority:                Major
Reporter:               Gianluca Brigandi                    Assignee:                Goran Nastov
Resolution:             Fixed                                Votes:                   0

Attachments:                agent_sdk_impr.jpg

Description
There is no OOTB support for deploying current JEE SSO agents without depending on Jaas .

In order to do this with 1.8.1, custom extensions are required. The following blog post shows one approach for
achieving this :

http://decaffeination.eu/2009/10/18/mission-possible-generic-jee-inegration-between-josso-1-8-1-agent-seam-2-2-0-
and-jboss-5-1-0-ga/

A new breed of JEE-based SSO agents - not depending on JAAS for authenticating remote assertions - must be
introduced.
The rationale behind this it to mainly ease the integration by avoiding conflicts with underlying application platforms
(e.g. JBoss Seam) which already leverage JAAS for their own specific identity layer. Furthermore, this would allow
Agent deployment in non-JEE environments.

This new breed of agents is called "native agents".
[JOSSO-169] Tomcat shutdown inhibited by AssertionMonitor thread
Created: 29/Oct/09 Updated: 20/Jul/10 Resolved: 02/Nov/09
Status:                  Closed
Project:                 JOSSO
Component/s:             SSO Gateway, Tomcat 6.0 Agent
Affects Version/s:       JOSSO 1.8.1, JOSSO 1.8.2
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                                 Priority:          Major
Reporter:                Martin Buch                         Assignee:          Goran Nastov
Resolution:              Fixed                               Votes:             0
Environment:             Windows XP SP3, Java 6


Description
It seems that a regular shutdown of Tomcat is inhibited by the JOSSOAssertionManager thread.

Looking at the code in AssertionManagerImpl offers why.
The thread loops forever and no InterruptedException can stop it:

public void run() {
             do {
                try {
                    .......
                    synchronized (this ) {
                        try {
                            .......
                            wait(_interval);
                            .......
                        } catch (InterruptedException e) {
                            logger.warn(e, e);
                        }
                   }
               }
                .......
             } while (true);
           }
        }

Regards
Martin

Comments
Comment by Gianluca Brigandi [ 29/Oct/09 6:07 PM ]
SSO Session Monitoring functionality should also be examined since the implementation is based on the Assertion
Monitoring one.
[JOSSO-168] Protocol handler descriptor is not installed Created: 29/Oct/09
Updated: 20/Jul/10 Resolved: 17/Mar/10
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.2
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                 Priority:               Minor
Reporter:               Gianluca Brigandi                   Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0


Description
the sample descriptor - defining the ntlm protocol handler - is not installed although there is a commented declaration
within the main gateway descriptor which references it

Comments
Comment by Sebastian Gonzalez Oyuela [ 17/Mar/10 3:46 PM ]
Let's define protocol manager in josso-gateway-config and avoid the new file
[JOSSO-167] Support CRL-based X.509 certificate validation Created: 23/Oct/09
Updated: 20/Jul/10 Resolved: 24/Nov/09
Status:                Closed
Project:               JOSSO
Component/s:           Strong Auth Scheme
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Improvement          Priority:   Major
Reporter:              Gianluca Brigandi    Assignee:   Goran Nastov
Resolution:            Fixed                Votes:      0
[JOSSO-166] Support OCSP-based X.509 certificate validation Created:
22/Oct/09 Updated: 20/Jul/10 Resolved: 10/Nov/09
Status:                 Closed
Project:                JOSSO
Component/s:            Strong Auth Scheme
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.2

Type:                   Improvement                Priority:   Critical
Reporter:               Gianluca Brigandi          Assignee:   Goran Nastov
Resolution:             Fixed                      Votes:      0
Support JASPI (JSR 196) (JOSSO-161)


   [JOSSO-165] Write JSR196 deployment how-to Created: 22/Oct/09     Updated: 20/Jul/10
Resolved: 17/Nov/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.2

Type:                 Sub-task            Priority:   Major
Reporter:             Gianluca Brigandi   Assignee:   Goran Nastov
Resolution:           Fixed               Votes:      0
Support JASPI (JSR 196) (JOSSO-161)


  [JOSSO-164] Add support for deploying JSR196 agents from the
console Created: 22/Oct/09 Updated: 20/Jul/10 Resolved: 02/Nov/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8.2

Type:                Sub-task            Priority:   Critical
Reporter:            Gianluca Brigandi   Assignee:   Goran Nastov
Resolution:          Fixed               Votes:      0
[JOSSO-163] SSO does not work for applications running as different
user (RunAs) Created: 22/Oct/09 Updated: 22/Dec/09 Resolved: 24/Oct/09
Status:                 Closed
Project:                JOSSO
Component/s:            NTLM Auth Scheme, SSO Gateway
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          None

Type:                   Bug                                 Priority:             Major
Reporter:               Martin Buch                         Assignee:             Sebastian Gonzalez Oyuela
Resolution:             Work as Designed                    Votes:                0
Environment:            Windows XP SP3


Description
JOSSO's Single Sign On functions do not work when running applications under differens user, i.e. using the "RunAs"
command.

I've tested partnerapp sample with NTLM calling from a Browser (IE6 or Firefox) started by "RunAs", e.g.
   runas.exe /user:<domain>\<user> /netonly iexplore.exe \"http://localhost:8080/partnerapp\""

After providing the credentials the browser starts and opens the partnerapp.
SSO works when using RunAs with the current logged on user.
It does not using a different user.

I didn't find any hints whether RunAs is configurable or supported.



Comments
Comment by Gianluca Brigandi [ 22/Oct/09 4:43 PM ]
NTLM support hasn't been tested in this specific setting.

does a non-JOSSO backed NTLM authentication work ?

please attach gateway and jcifs logs in debug mode corresponding to a failed NTLM session (e.g. runas user different
from the currently logged user).

The jcifs (ntlm stack) log level can be increased by including within the $CATALINA_HOME/setenv.sh script the
following :
"-Djcifs.util.loglevel=10". The output should be emitted onto the catalina.out file.




Comment by Martin Buch [ 23/Oct/09 3:38 PM ]
I think I've found the problem. I configured a wrong domain controller with NTLM.
It must be the domain controller that is responsible for the domain used with the RunAs command.

Sorry for the false alarm, you can close the issue.
[JOSSO-162] fresh build fails Created: 22/Oct/09                 Updated: 22/Oct/09 Resolved: 22/Oct/09
Status:                Closed
Project:               JOSSO
Component/s:           Build System
Affects Version/s:     JOSSO 1.8.2
Fix Version/s:         JOSSO 1.8.2

Type:                  Bug                                Priority:               Blocker
Reporter:              Gianluca Brigandi                  Assignee:               Goran Nastov
Resolution:            Cannot Reproduce                   Votes:                  0


Description
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] The plugin 'org.apache.geronimo.buildsupport:car-maven-plugin' does not exist or no valid version could be
found
[INFO] ------------------------------------------------------------------------
[INFO] For more information, run Maven with the -e switch
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 10 seconds
[INFO] Finished at: Thu Oct 22 11:09:12 ARST 2009
[INFO] Final Memory: 17M/152M
[INFO] ------------------------------------------------------------------------

Comments
Comment by Gianluca Brigandi [ 22/Oct/09 1:01 PM ]
it's working now. Geronimo m2 repositories were probably not accessible when build was attempted.
[JOSSO-161] Support JASPI (JSR 196) Created: 20/Oct/09                      Updated: 20/Jul/10 Resolved: 02/Nov/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 New Feature                      Priority:              Critical
Reporter:             Sebastian Gonzalez Oyuela        Assignee:              Goran Nastov
Resolution:           Fixed                            Votes:                 0

Sub-Tasks:            Key                Summary                Type         Status      Assignee
                      JOSSO-164          Add support for        Sub-task     Closed      Goran Nastov
                                         deploying JSR196
                                         agen...
                      JOSSO-165          Write JSR196           Sub-task     Closed      Goran Nastov
                                         deployment how-to

Description
Implement JOSSO Agent based on the JASPI standard, in order for JASPI-enabled web containers to provide Single
Sign-On to JEE applications.
[JOSSO-160] maven build fails with "XPP3 pull parser library not
present. Specify another driver. For example: new XStream(new
DomDriver())" Created: 09/Oct/09 Updated: 20/Jul/10 Resolved: 21/Oct/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                 Priority:                   Major
Reporter:               Sandeep                             Assignee:                   Goran Nastov
Resolution:             Fixed                               Votes:                      0
Environment:            Maven 2.2.1, JDK1.6

Attachments:               MavenErrorStackTrace.txt

Description
The following error stops the build process: "XPP3 pull parser library not present. Specify another driver. For
example: new XStream(new DomDriver())".

This was tested with JDK1.5.x as well as Maven 2.0.10, 2.1. This appears to be a Maven issue with XTream plugin
which is used to build the .war file.
Any help would be appreciated.

Thanks

Sandeep

Comments
Comment by Sebastian Gonzalez Oyuela [ 11/Oct/09 8:01 PM ]
This is the bug reported in Maven War plugin issue tracker: http://jira.codehaus.org/browse/MWAR-184
Unfortunately the fix hasn't been released yet.

I tried several pugin lversions with maven 2.0.9 and 2.0.10 and all are working fine.
You should try to do the following things:

1. Edit JOSSO root pom and specify the version for maven war plugin, you can try version 2.1-beta-1 or 2.0.2, and
rebuild JOSSO.

2. Remove all the plugin version stored in your maven local repository and rebuild JOSSO

rm -rf $HOME.m2/repository/org/apache/maven/plugins/maven-war-plugin/

This should download the latest plugin.

Let me know how it goes.
Comment by Gianluca Brigandi [ 21/Oct/09 2:20 PM ]
did you manage to make this work based on our previous feedback ?
[JOSSO-159] Support enabling NTLM logging Created: 08/Oct/09   Updated: 20/Jul/10
Resolved: 08/Oct/09
Status:               Closed
Project:              JOSSO
Component/s:          NTLM Auth Scheme
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 Improvement         Priority:   Minor
Reporter:             Gianluca Brigandi   Assignee:   Gianluca Brigandi
Resolution:           Fixed               Votes:      0
[JOSSO-158] Support WINS resolution for Ntlm based authentication
Created: 07/Oct/09 Updated: 20/Jul/10 Resolved: 08/Oct/09
Status:                 Closed
Project:                JOSSO
Component/s:            NTLM Auth Scheme
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   New Feature                         Priority:            Major
Reporter:               Gianluca Brigandi                   Assignee:            Gianluca Brigandi
Resolution:             Fixed                               Votes:               0


Description
WINS server IP address must be configurable and used if no domain controller IP address is specified.
[JOSSO-157] Retrofit the NTLM stack Created: 07/Oct/09           Updated: 20/Jul/10 Resolved: 08/Oct/09
Status:                Closed
Project:               JOSSO
Component/s:           NTLM Auth Scheme
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Improvement                   Priority:       Minor
Reporter:              Gianluca Brigandi             Assignee:       Gianluca Brigandi
Resolution:            Fixed                         Votes:          0


Description
Upgrade JCIFS from the 1.2.6 to the 1.3.12 release
[JOSSO-156] JOSSO 1.8.1 packaging includes Spring-2.0.6.jar Created:
30/Sep/09 Updated: 20/Jul/10 Resolved: 06/Oct/09
Status:                  Closed
Project:                 JOSSO
Component/s:             Build System
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                                    Priority:              Major
Reporter:                Vargo                                  Assignee:              Goran Nastov
Resolution:              Fixed                                  Votes:                 0


Description
I think josso-1.8.1 is incorrectly including a (very) old version of Spring (2.0.6):

$ find josso-1.8.1/ -iname spring*jar
josso-1.8.1/dist/agents/lib/spring-support-1.2.9.jar
josso-1.8.1/dist/agents/lib/spring-beans-2.5.5.jar
josso-1.8.1/dist/agents/lib/spring-2.0.6.jar <---- HERE
josso-1.8.1/dist/agents/lib/spring-context-2.5.5.jar
josso-1.8.1/dist/agents/lib/spring-jdbc-1.2.9.jar
josso-1.8.1/dist/agents/lib/spring-aop-2.5.5.jar
josso-1.8.1/dist/agents/lib/spring-core-2.5.5.jar
josso-1.8.1/dist/agents/lib/spring-dao-1.2.9.jar
josso-1.8.1/dist/agents/lib/spring-remoting-1.2.9.jar

but correctly was not included in 1.8.0:
$ find ../josso-1.8.0/josso-1.8.0/ -iname spring*jar
../josso-1.8.0/josso-1.8.0/dist/agents/bin/3rdparty/spring-beans-2.5.5.jar
../josso-1.8.0/josso-1.8.0/dist/agents/bin/3rdparty/spring-context-2.5.5.jar
../josso-1.8.0/josso-1.8.0/dist/agents/bin/3rdparty/spring-aop-2.5.5.jar
../josso-1.8.0/josso-1.8.0/dist/agents/bin/3rdparty/spring-core-2.5.5.jar



Comments
Comment by Vargo [ 30/Sep/09 9:38 AM ]
Also:
./josso-1.8.1/dist/agents/bin/3rdparty/spring-2.0.6.jar
Comment by Sebastian Gonzalez Oyuela [ 06/Oct/09 6:21 AM ]
This is only required by Weblogic 8.1 agents or any other agent that runs in an environment where old spring
versions are used. The solution would be to make sure that this files are not installed by the console, users can
manually replace them after deployment.
Comment by Goran Nastov [ 06/Oct/09 9:17 AM ]
Skipping spring-2.0.6.jar when installing agents with console.
(jars from /dist/agents/lib/ are not used by the console)
[JOSSO-155] Update PHP Agent documentation to reflect DOC/LIT
changes Created: 23/Sep/09 Updated: 20/Jul/10 Resolved: 23/Nov/09
Status:                   Closed
Project:                  JOSSO
Component/s:              None
Affects Version/s:        JOSSO 1.8.1
Fix Version/s:            JOSSO 1.8.2

Type:                     Task                                  Priority:                 Trivial
Reporter:                 Sebastian Gonzalez Oyuela             Assignee:                 Goran Nastov
Resolution:               Fixed                                 Votes:                    0


Description
One of the changes include using e.g. $property['!name'] (notice !) when retrieving user properties and roles, so we
should remember to update "sample page" on
http://www.josso.org/confluence/display/JOSSO1/Jossify+your+PHP+Application:

echo $property['!name'] . '=' . $property['!value'] . '<br>'; instead of: echo $property['name'] . '=' . $property['value'] .
'<br>';

See issue JOSSO-149
[JOSSO-154] X509CertificateAuthScheme does not properly heed
escape char Created: 23/Sep/09 Updated: 20/Jul/10 Resolved: 29/Sep/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8, JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.2

Type:                    Bug                                  Priority:                Minor
Reporter:                Vargo                                Assignee:                Goran Nastov
Resolution:              Fixed                                Votes:                   0


Description
[X509CertificateAuthScheme:301]
StringTokenizer st = new StringTokenizer(s, ",");

Isn't sufficient, because DNs may contain "-escaped strings. Such as:
OU="VeriSign, Inc.", OU=ECA, O=U.S. Government, C=US
So, the split /,/ actually breaks the first OU.

Comments
Comment by Sebastian Gonzalez Oyuela [ 23/Sep/09 7:27 AM ]
Take a look at user provided patches
https://sourceforge.net/tracker/?func=detail&aid=2786673&group_id=116854&atid=676234
Comment by Goran Nastov [ 28/Sep/09 8:57 AM ]
User provided patch is ok but it doesn't include escaped chars in the parsed value, e.g. parsing something like
CN="VeriSign "something", Inc. " (maybe this isn't a realistic situation but it can be generated), it will be parsed in :
VeriSign something, Inc. and not VeriSign "something", Inc. ... so, different approach has been taken.
However, parsing will still break in both user supplied patch and implemented fix if there is a char "=" inside some
value.
Comment by Goran Nastov [ 29/Sep/09 12:31 PM ]
Using getSubjectX500Principal() instead of getSubjectDN() (which is denigrated).
Applied user provided patch (returned subject distinguished name is differently escaped and user provided patch
handles it ok). Parsing shouldn't break in any cases.
[JOSSO-153] LDAPIdentityStore doesn't support different cn/uid Created:
23/Sep/09 Updated: 19/Mar/11 Resolved: 23/Nov/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8, JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Improvement                           Priority:                Major
Reporter:               Vargo                                 Assignee:                Goran Nastov
Resolution:             Fixed                                 Votes:                   0


Description


It is likely the case the the UID in LDAP is not the same as the CN in the
certificate (esp. considering multi-CA authentication). Thus, there needs
to be an additional mapping beyond principalUIDAttr and credentialQuery
string that allows the translation something along the lines of this:
1. CN in certificate looks up in LDAP for matching entries (with
certificates; may have entries without certificates)
2. Comparison of Certificate provided against those in LDAP for
verification of same (i.e., instead of two certificates with the same CN
crossing users)
3. Conversion of the *real* UID attribute into the username; dropping CN
as the username
currently, if you use the credentialQueryString of
'credentialQueryString="cn=username,userCertificate;binary=userCertificate"
', but have 'principalUidAttributeID="uid"', resolution will fail (unless,
in the outside case, UID == CN).

Comments
Comment by Sebastian Gonzalez Oyuela [ 23/Sep/09 7:25 AM ]
See user provided patches
https://sourceforge.net/tracker/?func=detail&aid=2817582&group_id=116854&atid=676234
Comment by Sebastian Gonzalez Oyuela [ 28/Sep/09 9:25 PM ]
More commetns provided by the user:

Basically -- as I'll explain in more detail below -- we use the CN field to lookup a list of *possible* matches, and drill-
down into the userCertificate to match against what's provided from there. In the end, though, if we find a valid user
with a registered certificate, we don't use 'CN' as the user/unique id. We have a different attribute -- uid -- that's used
for this purpose. The reason is that we cannot guarantee that 'CN' will be unique; in fact, since it stands for "Common
Name," it's almost guaranteed to not be unique.
  The culture is different, but the case we use in the U.S. is "John Smith" -- it's a fairly common name, and you may
have more than one at a given organization. Since I'm also concerned (again, more below) with multiple-
organizations, it's even more likely to have duplicate names, but different people.
Comment by Goran Nastov [ 15/Oct/09 11:21 PM ]
Changed strong authentication and identity stores (LDAP, DB, Memory store) to support authentication using
certificates that have CN (or OID value) different from user id (username). Also, if user has more than one certificate,
all of them will be returned from identity stores.
One part of the code was taken from the user provided patch.

Some new configuration properties have been added to support this:
- LDAP: principalLookupAttributeID and userCertificateAtrributeID (defaults to "userCertificate")
- DB: certificateCredentialsQueryString and uidQueryString
- Memory store: <principalLookupKey> in josso-credentials.xml
Comment by Deoggon Kim [ 19/Mar/11 7:06 AM ]
It seems doesn't working with OpenLDAP( userCertificate;binary attribute ). following is my configuration for ldap
store.

   ldap-istore:ldap-bind-store
        id="josso-identity-store"
        initialContextFactory="com.sun.jndi.ldap.LdapCtxFactory"
        providerUrl="ldaps://10.8.0.1:636"
        securityPrincipal=""
        securityCredential=""
        securityAuthentication="simple"
        ldapSearchScope="SUBTREE"
        usersCtxDN="ou=Users,dc=domain,dc=com"
        principalUidAttributeID="uid"
        uidAttributeID="uniquemember"
        rolesCtxDN="ou=Groups,dc=domain,dc=com"
        roleAttributeID="cn"
        updateableCredentialAttribute="userPassword"
principalLookupAttributeID="cn"
userCertificateAtrributeID="userCertificate;binary"
        credentialQueryString="uid=username,userCertificate;binary=userCertificate"
        userPropertiesQueryString="mail=mail,cn=cn"
        /

I guess ldap search filter '(&(cn=[certificates cn])(?userCertificate;binary=[byrearray]))' doesn't working.
[JOSSO-152] LoginSelectorAction doesn't heed properties Created: 23/Sep/09
Updated: 20/Jul/10 Resolved: 28/Sep/09
Status:                     Closed
Project:                    JOSSO
Component/s:                None
Affects Version/s:          JOSSO 1.8, JOSSO 1.8.1
Fix Version/s:              JOSSO 1.8.2

Type:                       Bug                               Priority:          Minor
Reporter:                   Vargo                             Assignee:          Goran Nastov
Resolution:                 Fixed                             Votes:             0


Description
LoginSelectorAction doesn't properly listen to SSOWebConfiguration, and is
missing other obvious configurability. For example,
SSOWebConfiguration#isRememeberMeEnabled() is not verified before checking
for RememberMe token. Likewise, StrongAuth is disabled if the user doesn't
provide a certificate -- in cases where strongAuth is the only
authentication scheme, the login should immediately terminate at this point
and redirect to error page, not go on to force-try BasicAuth anyway.

Something like:

[LoginSelectorAction ~line 99]
+ if (ssoWebConfiguration.isRememberMeEnabled()) {
String remembermeCookieName = JOSSO_REMEMBERME_TOKEN + "_" +
SSOContext.getCurrent().getSecurityDomain().getName();


and something like:
[LoginSelectorAction ~line 69]
SSOWebConfiguration ssoWebConfiguration =
SSOContext.getCurrent().getSecurityDomain().getSSOWebConfiguration();

// Strong Authentication
/*
boolean clientAuth =

(request.getAttribute("javax.servlet.request.X509Certificate") != null);
*/
ActionForward af = mapping.findForward("strong-authentication");

if (af != null) { //clientAuth) {

would be a crude work-around.

Comments
Comment by Sebastian Gonzalez Oyuela [ 23/Sep/09 7:23 AM ]
We should take a look at provided user patch:
https://sourceforge.net/tracker/?func=detail&aid=2819120&group_id=116854&atid=676234
Comment by Goran Nastov [ 28/Sep/09 10:58 AM ]
Applied rememberMe fix from provided user patch. Added configuration property for each authentication
(basicAuthenticationEnabled, strongAuthenticationEnabled, ntlmAuthenticationEnabled), all of them are true by
default.
Fixed strong authentication login url (added context path).
[JOSSO-151] 'Remember Me' function not working in PHP Agent Created:
22/Sep/09 Updated: 20/Jul/10 Resolved: 23/Sep/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Bug                                  Priority:       Minor
Reporter:               Sebastian Gonzalez Oyuela            Assignee:       Goran Nastov
Resolution:             Cannot Reproduce                     Votes:          0
Environment:            PHP 5


Description
Remember Me function not working with PHP Agent. Customer provided possible solution

[before]
function jossoRequestLoginForUrl($currentUrl, $optional) {

[after]
function jossoRequestLoginForUrl($currentUrl, $optional = null) {



Comments
Comment by Goran Nastov [ 23/Sep/09 5:56 PM ]
Could not reproduce it but applied the following fix:

[before]
function jossoRequestLoginForUrl($currentUrl, $optional) {

[after]
function jossoRequestLoginForUrl($currentUrl, $optional = FALSE) {
[JOSSO-150] Wrong Realm and Valve definition generated by JOSSO
Installer Created: 22/Sep/09 Updated: 22/Oct/10
Status:                 Open
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8, JOSSO 1.8.1, JOSSO 1.8.2
Fix Version/s:          None

Type:                   Bug                                 Priority:                Trivial
Reporter:               Dimitri Alexeev                     Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Unresolved                          Votes:                   0
Environment:            JBoss 4.2


Description
The following is a part of server.xml, generated by JOSSO Installer (agent install --platform jb42)

<!-- JOSSO JAAS Realm, configuration automatially generated by JOSSO Installer-->
<Realm
        appName="josso"
        className="org.josso.jb42.agent.JBossCatalinaRealm"
        debug="1"
        roleClassNames="org.josso.gateway.identity.service.BaseRoleImpl"
        userClassNames="org.josso.gateway.identity.service.BaseUserImpl">
</Realm>

This configuration is wrong. Neither JBossCatalinaRealm nor superclass JBossSecurityMgrRealm contain
setters/getters for properties like "roleClassNames", "userClassNames", "appName" or "debug".


This configuration of Valve SSOAgentValve is also wrong: there is no setter for "appName" property.

<!-- JOSSO Agent Valve, configuration automatially generated by JOSSO Installer-->
<Valve appName="josso" className="org.josso.tc55.agent.SSOAgentValve" debug="1">
</Valve>

----

in server log we can see:

WARN [commons.digester.Digester] [SetPropertiesRule]{Server/Service/Engine/Realm}
  Setting property 'appName' to 'josso' did not find a matching property.
WARN [commons.digester.Digester] [SetPropertiesRule]{Server/Service/Engine/Realm}
  Setting property 'debug' to '1' did not find a matching property.
WARN [commons.digester.Digester] [SetPropertiesRule]{Server/Service/Engine/Realm}
  Setting property 'roleClassNames' to 'org.josso.gateway.identity.service.BaseRoleImpl' did not find a matching
property.
WARN [commons.digester.Digester] [SetPropertiesRule]{Server/Service/Engine/Realm}
  Setting property 'userClassNames' to 'org.josso.gateway.identity.service.BaseUserImpl' did not find a matching
property.
WARN [commons.digester.Digester] [SetPropertiesRule]{Server/Service/Engine/Host/Valve}
  Setting property 'appName' to 'josso' did not find a matching property.



Comments
Comment by Patrick Pissang [ 20/Aug/10 7:32 AM ]
Hello,

I am looking for a solution for this issue. It also applies for the Tomcat 6 Josso Installer.

{code}
Aug 20, 2010 11:18:41 AM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
Aug 20, 2010 11:18:41 AM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
Aug 20, 2010 11:18:41 AM org.apache.tomcat.util.digester.SetPropertiesRule begin
WARNING: [SetPropertiesRule]{Server/Service/Engine/Realm} Setting property 'debug' to '1' did not find a matching
property.
Aug 20, 2010 11:18:41 AM org.apache.tomcat.util.digester.SetPropertiesRule begin
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host/Valve} Setting property 'appName' to 'josso' did not find
a matching property.
Aug 20, 2010 11:18:41 AM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
{code}

The server.xml code automatically generated by the Installer:
{code}
    <!-- ================================================== -->
     <!-- JOSSO JAAS Realm, configuration automatially generated by JOSSO Installer -->
     <Realm appName="josso"
           className="org.josso.tc60.agent.jaas.CatalinaJAASRealm"
           debug="1"
           roleClassNames="org.josso.gateway.identity.service.BaseRoleImpl"
           userClassNames="org.josso.gateway.identity.service.BaseUserImpl">
     </Realm>
     <!-- ================================================== -->

    <!-- ================================================== -->
     <!-- JOSSO Agent Valve, configuration automatially generated by JOSSO Installer -->
     <Valve appName="josso"
           className="org.josso.tc60.agent.SSOAgentValve"
           debug="1">
     </Valve>
     <!-- ================================================== -->
{code}

If the configuration is wrongly generated by the installer could you provide a corrected one here?

Thanks!
Use DOC/LIT SOAP dialetct in JOSSO Backchannel protocol   (JOSSO-139)



   [JOSSO-149] Migrate PHP Agent to DOC-LIT Created: 17/Sep/09                   Updated: 20/Jul/10
Resolved: 23/Sep/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 Sub-task                    Priority:             Major
Reporter:             Sebastian Gonzalez Oyuela   Assignee:             Goran Nastov
Resolution:           Fixed                       Votes:                0
Use DOC/LIT SOAP dialetct in JOSSO Backchannel protocol   (JOSSO-139)



   [JOSSO-148] Migrate ISAPI Agent to DOC-LIT Created: 17/Sep/09                   Updated: 20/Jul/10
Resolved: 22/Sep/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 Sub-task                    Priority:             Major
Reporter:             Sebastian Gonzalez Oyuela   Assignee:             Goran Nastov
Resolution:           Fixed                       Votes:                0
Use DOC/LIT SOAP dialetct in JOSSO Backchannel protocol   (JOSSO-139)



   [JOSSO-147] Migrate Apache Agent to DOC-LIT Created: 17/Sep/09                      Updated: 20/Jul/10
Resolved: 22/Sep/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 Sub-task                    Priority:             Major
Reporter:             Sebastian Gonzalez Oyuela   Assignee:             Goran Nastov
Resolution:           Fixed                       Votes:                0
Use DOC/LIT SOAP dialetct in JOSSO Backchannel protocol   (JOSSO-139)



   [JOSSO-146] Migrate Java Agents to DOC-LIT Created: 17/Sep/09                   Updated: 20/Jul/10
Resolved: 22/Sep/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.2

Type:                 Sub-task                    Priority:             Major
Reporter:             Sebastian Gonzalez Oyuela   Assignee:             Goran Nastov
Resolution:           Fixed                       Votes:                0
Use DOC/LIT SOAP dialetct in JOSSO Backchannel protocol    (JOSSO-139)



   [JOSSO-145] Migrate Gateway services to DOC-LIT Created: 17/Sep/09                     Updated:
20/Jul/10 Resolved: 22/Sep/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Sub-task                     Priority:             Major
Reporter:               Sebastian Gonzalez Oyuela    Assignee:             Goran Nastov
Resolution:             Fixed                        Votes:                0


Description
Update josso-ws component and user Document/Literal encoding instead of SOAP/RPC
[JOSSO-144] NTLM authentication does not work ==> blank screen in
IE8 Created: 16/Sep/09 Updated: 20/Jul/10 Resolved: 26/Oct/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8, JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Bug                                Priority:               Major
Reporter:              Filip Nollet                       Assignee:               Gianluca Brigandi
Resolution:            Fixed                              Votes:                  0
Environment:           Server = 2 x Redhat 5.3 with Tomcat 6.0.20 on the gateway and Apache 2.2.13 on the agent
                       side. The Josso agent is downloaded from SVN
                       Client: Windows XP SP3, fully updates with IE8


Description
When authenticating to an Josso secured website using NTLM authentication a blank screen appears. On the
gateway the catalina.out logs state:

Sep 16, 2009 4:51:13 PM org.josso.gateway.protocol.handler.NtlmProtocolHandler doJob
SEVERE: null
java.net.UnknownHostException
     at jcifs.UniAddress.getAllByName(UniAddress.java:255)
     at jcifs.UniAddress.getByName(UniAddress.java:245)
     at org.josso.gateway.protocol.handler.NtlmProtocolHandler.negotiate(NtlmProtocolHandler.java:212)
     at org.josso.gateway.protocol.handler.NtlmProtocolHandler.doJob(NtlmProtocolHandler.java:162)
     at org.josso.gateway.protocol.SSOProtocolManagerImpl.dispatchRequest(SSOProtocolManagerImpl.java:74)
     at org.josso.gateway.filter.ProtocolHandlerFilter.doFilter(ProtocolHandlerFilter.java:95)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
     at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:290)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
     at java.lang.Thread.run(Thread.java:619)


The agent does the redirection:

[Wed Sep 16 16:51:13 2009] [debug] mod_auth_josso.c(837): [client 10.3.154.20] Automatic login was never
executed. Require Autologin!
[Wed Sep 16 16:51:13 2009] [debug] mod_auth_josso.c(438): [client 10.3.154.20] Redirecting user for authentication
to
[http://vmbiotest.be.bayercropscience:8080/josso/signon/login.do?josso_cmd=login_optional&josso_partnerapp_host
=vmbiotest2&josso_partnerapp_ctx=/josso/php&josso_back_to=http://vmbiotest2:80/josso/php/josso_security_check]


In wireshark (on the gateway) no packets leave the servers towards the cifs server. When I do the manual tests with
jcifs 1.2.25 it works:
[root@vmbiotest examples]# ./run1.sh ListACL

Allow Administrators 0x001F01FF Direct This folder, subfolders and files toString: S-1-5-32-544 toSidString:
Administrators getType: 4 getTypeText: Local group getDomainName: BUILTIN getAccountName: Administrators
Allow Everyone 0x001200A9 Direct This folder, subfolders and files toString: S-1-1-0 toSidString: Everyone getType:
5 getTypeText: Builtin group getDomainName: getAccountName: Everyone




Comments
Comment by Gianluca Brigandi [ 08/Oct/09 9:03 AM ]
NTLM authentication support for JOSSO has been recently enhanced.

We've retrofitted the NTLM authentication scheme by using the latest stable JCIFS version (1.3.12).

Additionally, we've added WINS support for enhancing name resolution and avoid issues like the one you've reported
(i.e. Unknown Host). In order to try this, there is a new ntlm protocol handled property named "wins" whose value
must be to the IP address of the WINS server.

You can now also increase the JCIFS log level by setting the "log" property value of the ntlm protocol handler value to
"true". This should provide additional information in order to diagnose NTLM-related issues.

See JOSSO-157, JOSSO-158 and JOSSO-159 issues for more information.

In order to test this on top of a JOSSO 1.8.1 instance, you need to :

a) checkout and build from the 1.8.2 branch (
https://josso.svn.sourceforge.net/svnroot/josso/josso1/branches/JOSSO182B/josso

b) copy the josso-ntlm-authscheme-1.8.2-SNAPSHOT.jar file to the $CATALINA_HOME/webapps/josso/WEB-INF/lib
folder

c) copy the jcifs-1.3.12.jar file to the $CATALINA_HOME/webapps/josso/WEB-INF/lib folder

d) Remove old versions of both files

e) Restart Tomcat

Comment by Filip Nollet [ 12/Oct/09 7:15 AM ]
Hello again


Took some time before I could test this, but I have again bad news.

I did all the tasks required:
- started from a fresh Josso 1.8.1 installation
- Build the snapshot and copied it (removed the original file)
- copied the latest jfcifs jar file (and removed the old one)
- changed my protocol xml to:

  <ntlm:ntlm-protocol-handler
       id="josso-ntlm-protocol"
       defaultDomain="EMEA"
       domainController="10.3.153.70"
       loadBalance="false"
       enableBasic="false"
       insecureBasic="false"
       realm="EMEA.AGROGROUP.NET"
       log="true"
       wins=""
        />

- Restarted Tomcat and tested it again (I did not change anything to the agents!!!)
- And this is the result:

Oct 12, 2009 2:11:20 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 22470 ms
Oct 12, 2009 2:12:46 PM org.josso.gateway.protocol.handler.NtlmProtocolHandler doJob
SEVERE: null
java.net.UnknownHostException
     at jcifs.UniAddress.getAllByName(UniAddress.java:255)
     at jcifs.UniAddress.getByName(UniAddress.java:245)
     at org.josso.gateway.protocol.handler.NtlmProtocolHandler.negotiate(NtlmProtocolHandler.java:254)
     at org.josso.gateway.protocol.handler.NtlmProtocolHandler.doJob(NtlmProtocolHandler.java:204)
     at org.josso.gateway.protocol.SSOProtocolManagerImpl.dispatchRequest(SSOProtocolManagerImpl.java:74)
     at org.josso.gateway.filter.ProtocolHandlerFilter.doFilter(ProtocolHandlerFilter.java:95)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
     at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:290)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
     at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:859)
     at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:574)
     at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1527)
     at java.lang.Thread.run(Thread.java:619)



- I got no extra logging information.
- I have no WINS server (and will not install one as I am not allowed to). Also that should not matter, I gave up the AD
controller.

Are these procedure complete? Will Josso see the new JAR files and accept them? Isn't there anything else I could
be doing wrong?
Comment by Gianluca Brigandi [ 20/Oct/09 11:28 AM ]
Considering that JCIFS uses the standard output for logging, check if corresponding entries exist within the
catalina.out file .
If they don't, include within the $CATALINA_HOME/setenv.sh script the following :
"-Djcifs.util.loglevel=10".
Comment by Gianluca Brigandi [ 24/Oct/09 3:27 PM ]
Make sure that the $CATALINA_HOME/lib folder doesn't contain the spring-2.0.6.jar file.

If yes, please remove it and attempt ntlm authentication again.




Comment by Filip Nollet [ 26/Oct/09 6:17 AM ]
Hi again,


I wanted to continue testing on this, but when I tried to repackage the svn checkout of 1.8.2 I got this fine error:

[root@vmbiotest josso-1.8.2]# mvn package
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[ERROR] FATAL ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Error building POM (may not be this project's POM).


Project ID: org.josso:josso-jboss5-agent
POM Location: /root/packages/josso/josso-1.8.2/agents/josso-jboss5-agent/pom.xml
Validation Messages:

   [0] 'dependencies.dependency.version' is missing for org.josso:josso-jaspi-agent:jar


Reason: Failed to validate POM for project org.josso:josso-jboss5-agent at /root/packages/josso/josso-
1.8.2/agents/josso-jboss5-agent/pom.xml


[INFO] ------------------------------------------------------------------------
[INFO] Trace
org.apache.maven.reactor.MavenExecutionException: Failed to validate POM for project org.josso:josso-jboss5-
agent at /root/packages/josso/josso-1.8.2/agents/josso-jboss5-agent/pom.xml
     at org.apache.maven.DefaultMaven.getProjects(DefaultMaven.java:404)
     at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:272)
     at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:138)
     at org.apache.maven.cli.MavenCli.main(MavenCli.java:362)
     at org.apache.maven.cli.compat.CompatibleMain.main(CompatibleMain.java:60)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:592)
     at org.codehaus.classworlds.Launcher.launchEnhanced(Launcher.java:315)
     at org.codehaus.classworlds.Launcher.launch(Launcher.java:255)
     at org.codehaus.classworlds.Launcher.mainWithExitCode(Launcher.java:430)
     at org.codehaus.classworlds.Launcher.main(Launcher.java:375)
Caused by: org.apache.maven.project.InvalidProjectModelException: Failed to validate POM for project
org.josso:josso-jboss5-agent at /root/packages/josso/josso-1.8.2/agents/josso-jboss5-agent/pom.xml
     at
org.apache.maven.project.DefaultMavenProjectBuilder.processProjectLogic(DefaultMavenProjectBuilder.java:1077)
     at org.apache.maven.project.DefaultMavenProjectBuilder.buildInternal(DefaultMavenProjectBuilder.java:880)
     at
org.apache.maven.project.DefaultMavenProjectBuilder.buildFromSourceFileInternal(DefaultMavenProjectBuilder.java
:508)
     at org.apache.maven.project.DefaultMavenProjectBuilder.build(DefaultMavenProjectBuilder.java:200)
     at org.apache.maven.DefaultMaven.getProject(DefaultMaven.java:604)
     at org.apache.maven.DefaultMaven.collectProjects(DefaultMaven.java:487)
     at org.apache.maven.DefaultMaven.collectProjects(DefaultMaven.java:560)
     at org.apache.maven.DefaultMaven.collectProjects(DefaultMaven.java:560)
     at org.apache.maven.DefaultMaven.getProjects(DefaultMaven.java:391)
      ... 12 more
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1 second
[INFO] Finished at: Mon Oct 26 12:11:39 CET 2009
[INFO] Final Memory: 7M/13M
[INFO] ------------------------------------------------------------------------


I am not a Maven specialist here, can you help me out?

Testing with a previous compiled version of the 1.8.2 ntlm jar still gave the same sparse error message. Removing
the spring jar does not help, adding the loglevel option to JAVA_OPTS neither.

I installed Java 1.5.0_21 instead of 1.6 (latest version); no changes.
I reinstalled the Apache-Tomcat/Josso 1.8.1 (+ snapshot ntlm jar and jcifs jar) again and created all configuration files
once more, just to absolutely sure that I did not screw anything. But I just keep getting the "hostunknown" error.

Interactive login works (but it always did)....

Thanks for all the support until now btw, I did not reply sooner as I have some other big projects running, but JOSSO
is quite important to us, so solving this issue would mean a lot!

Best regards

Filip



Comment by Goran Nastov [ 26/Oct/09 6:40 AM ]
Update JOSSO project and rebuild it, it should work now.
Comment by Gianluca Brigandi [ 26/Oct/09 7:50 AM ]
In addition to the ntlm-auth-scheme jar you need to deploy josso-core 1.8.2 while removing the 1.8.1 one.
Comment by Filip Nollet [ 26/Oct/09 8:29 AM ]
Hi all


No good news. Installed the core (snapshot) jar (and as test the protocol snapshot jar too). Restarted Tomcat of
course. Did not help.

I don't get more logging with the jcifs.util.loglevel parameter provided (set the number to 0 and the logs kept coming
btw).

Added the -Djcifs.resolveOrder=DNS switch the same way as the loglevel switch, but It did not help either (which is
logical as the loglevel parameter didn't do anything either).

Any other recommendations?
Comment by Gianluca Brigandi [ 26/Oct/09 9:19 AM ]
It's very likely a spring configuration issue with the ntlm protocol handler.

You're probably declaring a ntlm protocol handler bean with no attributes which is then added to the protocol
manager's handlers such as :

   <default-protocol-manager id="josso-protocol-manager">
     <handlers>
        <ntlm-authscheme:ntlm-protocol-handler/>
     </handlers>
   </default-protocol-manager>

The fully configured ntlm protocol handler defined in the josso-gateway-protocol.xml descriptor is declared but never
bound to the protocol handler's list of protocol handlers .
Thus the correct ntlm protocol handler configuration should look like this :

   <default-protocol-manager id="josso-protocol-manager">
     <handlers>
        <s:ref bean="josso-ntlm-protocol"/>
     </handlers>
   </default-protocol-manager>

Make sure to import the josso-gateway-protocol.xml descriptor - within which the ntlm protocol handler is declared -
from the josso-gateway.xml using "<s:import resource="josso-gateway-protocol.xml"/>"

Comment by Gianluca Brigandi [ 26/Oct/09 10:45 AM ]
fixed ntlm declarations within default gateway descriptors . See : http://fisheye.josso.org/changelog/JOSSO?cs=1553

Comment by Filip Nollet [ 26/Oct/09 11:28 AM ]
Yes... partial succes!

I get an Error page with ERROR and my username... So jcifs is actually doing something now. Also a lot of logging,
saying he cannot find my user in AD.

I will look into this tomorrow; already happy that I am actually getting an error page :-)

Thanks for the assistance; I am not able to resolve this one, you will hear from me again, but I have good hopes!

Beste Regards, Filip
Comment by Gianluca Brigandi [ 26/Oct/09 11:43 AM ]
good, feel free to raise a new JIRA issue for any additional problem you might experience
[JOSSO-143] JOSSO Webservice clients should be able to consume
services deployed in any arbitary path Created: 15/Sep/09 Updated: 20/Jul/10 Resolved:
23/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.2

Type:                  Improvement                         Priority:               Major
Reporter:              Sebastian Gonzalez Oyuela           Assignee:               Goran Nastov
Resolution:            Fixed                               Votes:                  0


Description
Right now, only the web context can be configured, for example /my-services instead of /josso. But there is a fixed
sufix for each service, for example "/services/SSOIdentityProvider" .

In case of Java agents, we need to extend the WebserviceGatewayServiceLocator component to support any path.
This change should also apply to C++ and PHP agents.
[JOSSO-142] Implement RBAC engine for Microsoft ASP applications
Created: 15/Sep/09 Updated: 22/Dec/09 Resolved: 15/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  New Feature                          Priority:   Major
Reporter:              Gianluca Brigandi                    Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                                Votes:      0
[JOSSO-141] Implement Windows ISAPI Agent for JOSSO Created: 15/Sep/09
Updated: 22/Dec/09 Resolved: 15/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  New Feature         Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed               Votes:      0
[JOSSO-140] mod_auth_josso: no support for HTTP Secure transport
(HTTPS) Created: 15/Sep/09 Updated: 18/Sep/09 Resolved: 18/Sep/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.1

Type:                    Bug                                  Priority:                 Major
Reporter:                Sebastian Gonzalez Oyuela            Assignee:                 Sebastian Gonzalez Oyuela
Resolution:              Duplicate                            Votes:                    0


Description
The apache httpd module, mod_auth_josso, hardcodes for 'http://&#39;. For the
pass-back URL (JOSSO_BACK_TO). It should check to see what the in-bound
scheme is and carry that over to the URL.

Comments
Comment by Vargo [ 18/Sep/09 6:41 AM ]
It's not clear which issue is a duplicate of this one. Could you please link it? If it's: JOSSO-99; then the fix version
would be v1.8.1, right? And the appropriate fix would be in the baseline v1.8.1 at this point?
Comment by Sebastian Gonzalez Oyuela [ 18/Sep/09 6:52 AM ]
Duplicate of JOSSO-99
Comment by Goran Nastov [ 18/Sep/09 6:53 AM ]
This issue is a duplicate of JOSSO-99 and the fix is included in the v1.8.1.
[JOSSO-139] Use DOC/LIT SOAP dialetct in JOSSO Backchannel
protocol Created: 14/Sep/09 Updated: 20/Jul/10 Resolved: 23/Sep/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Improvement                         Priority:              Critical
Reporter:               Sebastian Gonzalez Oyuela           Assignee:              Goran Nastov
Resolution:             Fixed                               Votes:                 0

Sub-Tasks:              Key                 Summary                  Type         Status      Assignee
                        JOSSO-145           Migrate Gateway          Sub-task     Closed      Goran Nastov
                                            services to DOC-LIT
                        JOSSO-146           Migrate Java Agents      Sub-task     Closed      Goran Nastov
                                            to DOC-LIT
                        JOSSO-147           Migrate Apache Agent Sub-task         Closed      Goran Nastov
                                            to DOC-LIT
                        JOSSO-148           Migrate ISAPI Agent      Sub-task     Closed      Goran Nastov
                                            to DOC-LIT
                        JOSSO-149           Migrate PHP Agent to Sub-task         Closed      Goran Nastov
                                            DOC-LIT

Description
New protocol will be versioned as josso-1.2 protocol. This affects josso web services and all agents.

This is the list of SOAP stacks in use and the related agents

PHP Nusoap : PHP Agent
GSoap : Apache , ISAPI
Axis : All java agents
[JOSSO-138] Error running josso console in Linux (latest 1.8.1
distribution) Created: 11/Sep/09 Updated: 22/Dec/09 Resolved: 11/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                                Priority:              Major
Reporter:              Goran Nastov                       Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0
Environment:           Linux


Description
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'help' defined in URL
[jar:file:/home/kira/1.8.1/2/josso-1.8.1/lib/josso-gshell-core-1.8.1.jar!/META-INF/spring/josso-gshell.xml]: Cannot
resolve reference to bean 'commandRegistry' while setting constructor argument; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'commandRegistry'
defined in class path resource [META-INF/spring/josso-gshell-core.xml]: Cannot resolve reference to bean
'environment' while setting constructor argument; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'environment':
FactoryBean threw exception on object creation; nested exception is java.lang.NoSuchMethodError:
org.springframework.util.ClassUtils.getAllInterfacesForClass(Ljava/lang/Class;Ljava/lang/ClassLoader;)[Ljava/lang/Cl
ass;
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name
'commandRegistry' defined in class path resource [META-INF/spring/josso-gshell-core.xml]: Cannot resolve
reference to bean 'environment' while setting constructor argument; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'environment':
FactoryBean threw exception on object creation; nested exception is java.lang.NoSuchMethodError:
org.springframework.util.ClassUtils.getAllInterfacesForClass(Ljava/lang/Class;Ljava/lang/ClassLoader;)[Ljava/lang/Cl
ass;
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'environment':
FactoryBean threw exception on object creation; nested exception is java.lang.NoSuchMethodError:
org.springframework.util.ClassUtils.getAllInterfacesForClass(Ljava/lang/Class;Ljava/lang/ClassLoader;)[Ljava/lang/Cl
ass;
Caused by: java.lang.NoSuchMethodError:
org.springframework.util.ClassUtils.getAllInterfacesForClass(Ljava/lang/Class;Ljava/lang/ClassLoader;)[Ljava/lang/Cl
ass;
       at org.springframework.aop.framework.ProxyFactoryBean.getSingletonInstance(ProxyFactoryBean.java:313)
       at org.springframework.aop.framework.ProxyFactoryBean.getObject(ProxyFactoryBean.java:243)
       at
org.springframework.beans.factory.support.AbstractBeanFactory.getObjectFromFactoryBean(AbstractBeanFactory.ja
va:1236)
       at
org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.ja
va:1207)
       at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:262)
       at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:160)
       at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueRes
olver.java:261)
       at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionVal
ueResolver.java:109)
       at
org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.j
ava:389)
     at
org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:120)
     at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAuto
wireCapableBeanFactory.java:799)
     at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAuto
wireCapableBeanFactory.java:717)
     at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapa
bleBeanFactory.java:384)
     at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:251)
     at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistr
y.java:156)
     at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:248)
     at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:160)
     at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueRes
olver.java:261)
     at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionVal
ueResolver.java:109)
     at
org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.j
ava:389)
     at
org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:120)
     at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAuto
wireCapableBeanFactory.java:799)
     at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAuto
wireCapableBeanFactory.java:717)
     at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapa
bleBeanFactory.java:384)
     at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:251)
     at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistr
y.java:156)
     at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:248)
     at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:160)
     at
org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBean
Factory.java:287)
     at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:352)
     at org.josso.tooling.gshell.core.spring.GShellApplicationContext.<init>(GShellApplicationContext.java:81)
     at org.josso.tooling.gshell.core.spring.GShellApplicationContext.<init>(GShellApplicationContext.java:61)
     at org.josso.tooling.gshell.core.cli.Main.<init>(Main.java:70)
     at org.josso.tooling.gshell.core.cli.Main.main(Main.java:135)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:616)
     at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
     at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
     at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:408)
     at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:351)
     at org.josso.tooling.gshell.bootstrap.Launcher.main(Launcher.java:62)
Manually removing spring 1.2.9 and 2.06 jars from /josso-1.8.1/lib fixed it.



Comments
Comment by Sebastian Gonzalez Oyuela [ 11/Sep/09 12:29 PM ]
Unnecessary versions of spring removed from console libraries
Support controlling the interval for ISAPI agent heart beating events    (JOSSO-110)



  [JOSSO-137] We need to ensure that concurrent access to this map
does not produce errors. Created: 04/Sep/09 Updated: 22/Dec/09 Resolved: 08/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                           Priority:               Major
Reporter:              Atricore Atlassian internal user   Assignee:               Goran Nastov
Resolution:            Fixed                              Votes:                  0


Description
We need to ensure that concurrent access to this map does not produce errors. In java we can synchronize access,
we should find a way to do the same in C++. There is a sample in JOSSOIsapiPlugin.cpp file, when agent initializes.
Let me know if this is posible so we add a JIRA task for it.

Created from Crucible comment by Sebastian Gonzalez Oyuela: http://fisheye.josso.org/cru/JOSSO-REV-5#c7

Comments
Comment by Sebastian Gonzalez Oyuela [ 04/Sep/09 10:41 AM ]
This is just to test JIRA/CRUCIBLE Integration
[JOSSO-136] JOSSO ISAPI Agent must remove unused entries in 'cache'
map whe checking if session should be accessed Created: 04/Sep/09 Updated: 22/Dec/09
Resolved: 09/Sep/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8.1
Fix Version/s:        JOSSO 1.8.1

Type:                 Bug                             Priority:   Minor
Reporter:             Sebastian Gonzalez Oyuela       Assignee:   Goran Nastov
Resolution:           Fixed                           Votes:      0


Description
Take a look at cache map declared at AbastractSSOAgent.cpp
[JOSSO-135] Support logout and authentication local URLs in ISAPI
Agent Created: 04/Sep/09 Updated: 12/Aug/11
Status:                Open
Project:               JOSSO
Component/s:           ISAPI Agent
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.6

Type:                  New Feature                           Priority:    Minor
Reporter:              Sebastian Gonzalez Oyuela             Assignee:    Sebastian Gonzalez Oyuela
Resolution:            Unresolved                            Votes:       0


Description
ISAPI Agent should be able to handle the following events:

 ./josso/JOSSOIsapiAgent.dll?josso_logout&back_to=<my page>&....

 ./josso/JOSSOIsapiAgent.dll?josso_authentication&back_to=<my page>&...
[JOSSO-134] Apache Httpd Agent enters infinite loop under IE8 Created:
03/Sep/09 Updated: 22/Dec/09 Resolved: 08/Sep/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                  Priority:                Critical
Reporter:               Gianluca Brigandi                    Assignee:                Goran Nastov
Resolution:             Cannot Reproduce                     Votes:                   0


Description
For more information refer to : https://sourceforge.net/forum/message.php?msg_id=7607196

Verify that Java-based JOSSO agents support IE8 correctly as well.



Comments
Comment by Sebastian Gonzalez Oyuela [ 04/Sep/09 10:34 AM ]
IE8 works ok with java agents.

One Tip: make sure that cookie header has all necessary cookie attributes, for example, IE will not accept cookies
without a path or with a blank path. Check also expiration time (should be 0 for session cookies)
Comment by Goran Nastov [ 07/Sep/09 8:46 AM ]
I tried latest apache agent with IE8 and it looks like it's working ok. Then I noticed that a user who reported the issue
is using the latest svn from head instead of josso 1.8.1 branch where all the work is done.

https://sourceforge.net/forum/message.php?msg_id=7614198

Waiting from user feedback.
Comment by Goran Nastov [ 08/Sep/09 6:47 AM ]
It works ok with the latest apache agent.

http://sourceforge.net/forum/message.php?msg_id=7615890
[JOSSO-133] Removing SSO sessions for a specific user, invalidates all
his sessions Created: 02/Sep/09 Updated: 22/Dec/09 Resolved: 09/Sep/09
Status:                    Closed
Project:                   JOSSO
Component/s:               None
Affects Version/s:         JOSSO 1.8
Fix Version/s:             JOSSO 1.8.1

Type:                      Bug                                  Priority:   Critical
Reporter:                  Gianluca Brigandi                    Assignee:   Sebastian Gonzalez Oyuela
Resolution:                Fixed                                Votes:      0


Description
Memory session store component contains two fields for saving sessions:

  - private Map _sessions;

  - private Map _sessionsByUsername;

Both map contains full session list. But second one has all sessions
grouped by

username.

And "remove" method has following implementation:



public void remove(String id) throws SSOSessionException {

      BaseSession session = null;

      synchronized (_sessions) {

           session = (BaseSession) _sessions.remove(id);

           if (session != null && session.getUsername() != null) {

               _sessionsByUsername.remove(session.getUsername());

           }



      }



      if (logger.isDebugEnabled())

           logger.debug("[remove(" + id + ")] Session " + (session ==
null ? "

not" : "") + " found");

  }
So when one session is being canceled, in map, that has sessions grouped
by

username, all sessions for given user

are being canceled. And in result all following calls for given user

(invalidateUserSessions(userName) or

listUserSessions(userName) )end up with "NoSuchSessionException" in
class org.josso.gateway.SSOSecurityDomainInfo.class.
[JOSSO-132] Support ignored web resources in Weblogic Agents Created:
02/Sep/09 Updated: 22/Dec/09 Resolved: 07/Sep/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.1

Type:                   New Feature                         Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0


Description
We need a way to define ignored web resources in WL partner appliactions. This will avoid providing identity
information to unnecessary resources as well as preventing starting automatic logins to special resources like login
forms.

In case of WL agents, we should find a way to know if the processed resource belong to a security constraint that
should be ignored, just like we do with Tomcat. If this is not possible, we could enumerate specific resources, like we
do with PHP agents, in the partner application configuration. We should support the same type of patterns used in
web.xml descriptors:



Comments
Comment by Goran Nastov [ 07/Sep/09 6:25 AM ]
Added <ignore-url-patterns> to partner application configuration.
[JOSSO-131] Josso original resource resetted when user starts login
process (IdP initiated login) Created: 31/Aug/09 Updated: 22/Dec/09 Resolved: 02/Sep/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.1

Type:                   Improvement                         Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0


Description
Scenario:

1. An anonymous user attempts to access a protected resource, JOSSO Redirects him to the login page.

2. User does not authenticate, but goes back to the partner application.

3. User navigates to a specific public page

4. User selects "login option", JOSSO Redirects him to the login page.

5. User authenticates, JOSSO redirects him to the protected resource the user first attempted to access.

We need a way to distinguish between authentications requested by the container (SP Initiated) and those requested
by the user (IdP) Initiated. In case of IdP initiated auth. the original resource SHOULD be updated based on the latest
referrer.

Notes:

A specific URI could be used for user authentication requests, for example instead of "/josso_login/",
"/josso_user_login/" can be used to signal user authentication requests.

A new argument can be added to the saveLoginBackToURL(HttpServletRequest request, Session session) method,
for example:
saveLoginBackToURL(HttpServletRequest request, Session session, boolean overrideSavedResource)

Implemnet in the following agents:

Tomcat 6.0 [ ]
Tomcat 5.5 [ ]
Tomcat 5.0 [ ]




Comments
Comment by Goran Nastov [ 02/Sep/09 2:35 PM ]
Custom login form must be configured as ignored resource.
[JOSSO-130] Windows W3P service memory consumption increases
when Isapi Agent is active Created: 30/Aug/09 Updated: 22/Dec/09 Resolved: 30/Aug/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8
Fix Version/s:       JOSSO 1.8.1

Type:                Bug                     Priority:        Critical
Reporter:            Gianluca Brigandi       Assignee:        Gianluca Brigandi
Resolution:          Fixed                   Votes:           0
[JOSSO-129] Misspelled josso_ignoredResources variable name in PHP
Agent configuration file. Created: 20/Aug/09 Updated: 21/Aug/09 Resolved: 20/Aug/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8
Fix Version/s:       JOSSO 1.8.1

Type:                Bug                         Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-128] Agents should not attempt autologin for ignored web
resources Created: 20/Aug/09 Updated: 21/Aug/09 Resolved: 21/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                      Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela        Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                            Votes:      0


Comments
Comment by Sebastian Gonzalez Oyuela [ 20/Aug/09 2:28 PM ]
Implemented for the follwoing agents:

Tomcat / JBoss
[JOSSO-127] JOSSO Agents should handle authentication when using
custom login forms inside partner applicatoins Created: 19/Aug/09 Updated: 22/Dec/09
Resolved: 11/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  New Feature                        Priority:               Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:               Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                  0


Description
When a custom login form is required and it's part of a JOSSO Partner application, submission of credentials should
be handled by the JOSSO Agent. A new special URI, like josso_authnetication should be used to receive this
requests and resend them to the GWY using automatically generated HTTP form that POSTS automatically.

Agents already supporting this feature:

[*] Tomcat 6.0
[*] Tomcat 5.5
[*] Tomcat 5.0
[ ] Weblogic 10.0
[*] Weblogic 9.2
[*] Weblogic 8.1
[ ] WASCE
[*] PHP
[JOSSO-126] Josso Command Line console must update any JOSSO 1.x
JAR files Created: 19/Aug/09 Updated: 22/Dec/09 Resolved: 31/Aug/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Improvement                         Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0


Description
This should work for all the agents supported by the console, including (WASCE). All jar files normally overwritten by
the console should also be replaced if versions differ. This must include any 1.x version, final or SNAPSHOT.
[JOSSO-125] Autologin process should not start if already processing
login Created: 19/Aug/09 Updated: 21/Aug/09 Resolved: 21/Aug/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8
Fix Version/s:       JOSSO 1.8.1

Type:                Bug                         Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
JOSSO Agents mix up saved resources when performing several login/logout operations in the same http
session (JOSSO-107)


   [JOSSO-124] Implement FIX In ISAPI Agent Created: 19/Aug/09                   Updated: 22/Dec/09
Resolved: 09/Sep/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.1

Type:                 Sub-task                      Priority:           Major
Reporter:             Sebastian Gonzalez Oyuela     Assignee:           Sebastian Gonzalez Oyuela
Resolution:           Fixed                         Votes:              0
JOSSO Agents mix up saved resources when performing several login/logout operations in the same http
session (JOSSO-107)


   [JOSSO-123] Implement FIX In Apache Agent Created: 19/Aug/09                     Updated: 22/Dec/09
Resolved: 31/Aug/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.1

Type:                 Sub-task                      Priority:           Major
Reporter:             Sebastian Gonzalez Oyuela     Assignee:           Goran Nastov
Resolution:           Fixed                         Votes:              0
JOSSO Agents mix up saved resources when performing several login/logout operations in the same http
session (JOSSO-107)


   [JOSSO-122] Implement FIX In Servlet Agent Created: 19/Aug/09                   Updated: 22/Dec/09
Resolved: 19/Aug/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.1

Type:                 Sub-task                      Priority:           Major
Reporter:             Sebastian Gonzalez Oyuela     Assignee:           Goran Nastov
Resolution:           Fixed                         Votes:              0
JOSSO Agents mix up saved resources when performing several login/logout operations in the same http
session (JOSSO-107)


   [JOSSO-121] Implement FIX In Tomcat 5.0 Agent Created: 19/Aug/09                     Updated:
22/Dec/09 Resolved: 19/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                     Priority:           Major
Reporter:              Sebastian Gonzalez Oyuela    Assignee:           Goran Nastov
Resolution:            Fixed                        Votes:              0
JOSSO Agents mix up saved resources when performing several login/logout operations in the same http
session (JOSSO-107)


   [JOSSO-120] Implement FIX in Tomcat 5.5 Agent Created: 19/Aug/09                     Updated:
22/Dec/09 Resolved: 19/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                     Priority:           Major
Reporter:              Sebastian Gonzalez Oyuela    Assignee:           Goran Nastov
Resolution:            Fixed                        Votes:              0
[JOSSO-119] Avoid cross-site redirection (XSR) vulnerability Created: 19/Aug/09
Updated: 20/Jul/10 Resolved: 05/Oct/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8, JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.2

Type:                   Improvement                           Priority:              Major
Reporter:               Sebastian Gonzalez Oyuela             Assignee:              Goran Nastov
Resolution:             Fixed                                 Votes:                 0


Description
It seems there's no possibility to allow/deny certain URLs in the
"josso_back_to" or "josso_current_url" parameters.

This leads to a vulnerability called cross-site redirection (XSR) which
allows an attacker to redirect a victim, who clicks on a specially
crafted link (e.g. from a phishing email), to arbitrary sites on the
internet. Those sites may be controlled by the attacker and host
browser exploits to take over the victim's computer or host phishing
sites to steal SSO accounts

Comments
Comment by j [ 01/Oct/09 9:00 AM ]
hi, I took a short look at the changes and I think that the solution can be easily
bypassed, but I don't have a test-server so I'll describe what's wrong.

source:
http://fisheye.josso.org/viewrep/JOSSO/branches/JOSSO_1_8_1_B/josso/components/josso-
protocol/src/main/java/org/josso/gateway/signon/LoginAction.java?r1=1043&r2=1438

88 for (String trustedHost : cfg.getTrustedHosts()) {
89 if (backTo.startsWith("http://"+trustedHost) ||
        backTo.startsWith("https://"+trustedHost)) {
90 trusted = true;
91 break;
92 }
93 }

Line 89 only checks if the backto parameter starts with trustedHost. An
attacker is able to bypass this using an authority part of the URI
which contains a username or password string (see RFC 3986 or
http://en.wikipedia.org/wiki/URI_scheme) that starts with the (known)
trustedHost and then append an untrusted one. E.g.:

This URL would bypass the filter because it "starts with" trustedHost
but is interpreted by all browsers to go to www.google.com. Some
but not all browsers may show a warning though that a password might be
transmitted in the clear - if a user clicks the OK button, then
redirection happens.
http://$host/josso-logout.php?josso_current_url=http://trustedHost@www.google.com

please reopen
JOSSO Agents mix up saved resources when performing several login/logout operations in the same http
session (JOSSO-107)


   [JOSSO-118] Implement FIX in Tomcat 6.0 Agent Created: 03/Aug/09                     Updated:
22/Dec/09 Resolved: 19/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8

Type:                  Sub-task                     Priority:           Major
Reporter:              Sebastian Gonzalez Oyuela    Assignee:           Goran Nastov
Resolution:            Fixed                        Votes:              0
JOSSO Agents mix up saved resources when performing several login/logout operations in the same http
session (JOSSO-107)


   [JOSSO-117] Implement FIX in Weblogic 8.1. Agent Created: 03/Aug/09                      Updated:
22/Dec/09 Resolved: 19/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                     Priority:           Critical
Reporter:              Sebastian Gonzalez Oyuela    Assignee:           Goran Nastov
Resolution:            Fixed                        Votes:              0
JOSSO Agent does not refresh login / logout state   (JOSSO-114)



   [JOSSO-116] Implement FIX in Tomcat 6.0 Agent Created: 03/Aug/09                Updated:
22/Dec/09 Resolved: 19/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                         Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela        Assignee:   Goran Nastov
Resolution:            Fixed                            Votes:      0
JOSSO Agent does not refresh login / logout state   (JOSSO-114)



   [JOSSO-115] Implement FIX in Weblogic 8.1. Agent Created: 03/Aug/09             Updated:
22/Dec/09 Resolved: 19/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                         Priority:   Critical
Reporter:              Sebastian Gonzalez Oyuela        Assignee:   Goran Nastov
Resolution:            Fixed                            Votes:      0
[JOSSO-114] JOSSO Agent does not refresh login / logout state Created:
22/Jul/09 Updated: 22/Dec/09 Resolved: 21/Aug/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                               Priority:            Critical
Reporter:               Sebastian Gonzalez Oyuela         Assignee:            Goran Nastov
Resolution:             Fixed                             Votes:               0
Environment:            Lates JOSSO-1.8.1 Tomcat 6 agent, including fix for JOSSO-107

Attachments:               josso-configs.zip
Sub-Tasks:              Key                 Summary                Type       Status      Assignee
                        JOSSO-115           Implement FIX in       Sub-task   Closed      Goran Nastov
                                            Weblogic 8.1. Agent
                        JOSSO-116           Implement FIX in       Sub-task   Closed      Goran Nastov
                                            Tomcat 6.0 Agent

Description
Note : .COM, .CZ, .AT ar JOSSO Parter applications.

Reported by User:

Example 1: Log in at .COM -> Change to .CZ (logged in) -> Check member
details on .CZ -> Change to .AT (still logged in) -> log out -> Change
to .CZ (still logged out) -> Log in at .CZ -> Change to .COM (user is
not logged in ... but should be logged in) -> Change to .AT (user is not
logged in ... but should be logged in) -> Change to any other profile (
user is logged in)

Could be related to JOSSO-113 and JOSSO-107

Comments
Comment by Sebastian Gonzalez Oyuela [ 22/Jul/09 6:05 PM ]
JOSSO Configuration and Firefox tamper data
[JOSSO-113] Logout fails after user inactivity Created: 22/Jul/09                                 Updated: 04/Sep/09
Resolved: 04/Sep/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8.1
Fix Version/s:           JOSSO 1.8.1

Type:                    Bug                                   Priority:               Critical
Reporter:                Sebastian Gonzalez Oyuela             Assignee:               Goran Nastov
Resolution:              Cannot Reproduce                      Votes:                  0
Environment:             Latest 1.8.1 with state invalidation after successful login or logout ( JOSSO-107 )

Attachments:                 josso-configs.zip

Description
Reported by User:

If a user logs on a page (e.g. TSS Global) and then stops to work on the
page for at least ten minutes, he cannot log out from this page.

The logout link can be clicked, but the user information is still
available and the user can enter the secured area.

In case the user selects a different location (partner application) the user isn't logged in
there. But if the user goes back to the first profile (partner application) where he is/was
logged in, the user information is available again and he can access the
member area

This could be related with loca session (partner app session) expiration.

Comments
Comment by Sebastian Gonzalez Oyuela [ 22/Jul/09 6:05 PM ]
JOSSO Configuration and Firefox Tamper data about this issue
[JOSSO-112] No user information available when authenticating user
using wrong 'case' for username Created: 22/Jul/09 Updated: 22/Dec/09 Resolved: 02/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                                 Priority:              Critical
Reporter:              Sebastian Gonzalez Oyuela           Assignee:              Goran Nastov
Resolution:            Fixed                               Votes:                 0
Environment:           PHP Agent


Description
Reported by User:

I don't get the User ID from JOSSO after login if we use the "Remember me" check box and enter the UserID in
wrong case.
For e.g. We enter R.Iyer@webdirekt.com instead of r.iyer@webdirekt.com
If you want to check this out, you can use our test site http://tech.webdirekt.de . The password for my User is
webdirekt.

This could be related with the authentication option 'ignore username case'.
[JOSSO-111] Josso deployment console stops responding when
deploying WASCE agent in Windows Created: 22/Jul/09 Updated: 22/Dec/09 Resolved: 10/Sep/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                 Priority:               Major
Reporter:               Goran Nastov                        Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0
Environment:            Windows


Description
When deploying WASCE agent using josso deployment console in Windows (agent install --target /path/to/wasce --
platform wc21), josso console stops responding after undeployment of wasce tomcat6 module.

(Deployment of josso gateway and sample partner application using josso console in Windows works as expected).



Comments
Comment by Sebastian Gonzalez Oyuela [ 10/Sep/09 11:10 AM ]
We should disable wasce deploy output in the console (but,if posible, keep logging it to the log file) and used
standard gernomio deploy tools. This completes the task.
[JOSSO-110] Support controlling the interval for ISAPI agent heart
beating events Created: 21/Jul/09 Updated: 22/Dec/09 Resolved: 09/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                         Priority:              Critical
Reporter:              Gianluca Brigandi                   Assignee:              Goran Nastov
Resolution:            Fixed                               Votes:                 0

Sub-Tasks:              Key                Summary                  Type         Status      Assignee
                        JOSSO-137          We need to ensure        Sub-task     Closed      Goran Nastov
                                           that concurrent acc...

Description
The JOSSO ISAPI Agent is currently missing controlling the interval for sending keep alive messages to the gateway
in order to keep the single sign-on session alive within the gateway . Within traffic-intensive deployments this can
degrade significantly the overall partner application due to the SOAP/HTTP calls.

Therefore, port this feature from JOSSO Java Agents to the ISAPI one.
Support transparent SSO under WASCE 2.1 (JOSSO-105)


   [JOSSO-109] Implement WASCE 2.1 Agent for JOSSO Created: 17/Jul/09                                     Updated:
22/Dec/09 Resolved: 02/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                           Priority:              Major
Reporter:              Gianluca Brigandi                  Assignee:              Goran Nastov
Resolution:            Fixed                              Votes:                 0


Description
Implement WebSphere Application Server Community Edition Agent for JOSSO.

Considering that WASCE is based on Apache Geronimo 2.0 application server - which is supported by JOSSO 1.7 -
use as a reference the following tutorial :

http://www.josso.org/confluence/x/FQAk

Comments
Comment by Sebastian Gonzalez Oyuela [ 28/Jul/09 10:43 AM ]
The josso wasce agent pom should use the agent's pom as parent artifact instead of Geronimo project artifact. Any
additional information required to build the agent should be added to josso wasce's pom.
Support transparent SSO under WASCE 2.1 (JOSSO-105)


  [JOSSO-108] Add support for deploying the WASCE agent and
gateway from the josso command line console Created: 17/Jul/09 Updated: 22/Dec/09
Resolved: 22/Jul/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.1

Type:                 Sub-task                        Priority:   Major
Reporter:             Gianluca Brigandi               Assignee:   Goran Nastov
Resolution:           Fixed                           Votes:      0
[JOSSO-107] JOSSO Agents mix up saved resources when performing
several login/logout operations in the same http session Created: 09/Jul/09 Updated:
22/Dec/09 Resolved: 09/Sep/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                                Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Goran Nastov
Resolution:            Fixed                              Votes:                 0

Sub-Tasks:              Key           Summary                Type       Status Assignee
                        JOSSO-117     Implement FIX in       Sub-task   Closed Goran Nastov
                                      Weblogic 8.1. Agent
                        JOSSO-118     Implement FIX in       Sub-task   Closed Goran Nastov
                                      Tomcat 6.0 Agent
                        JOSSO-120     Implement FIX in       Sub-task   Closed Goran Nastov
                                      Tomcat 5.5 Agent
                        JOSSO-121     Implement FIX In       Sub-task   Closed Goran Nastov
                                      Tomcat 5.0 Agent
                        JOSSO-122     Implement FIX In       Sub-task   Closed Goran Nastov
                                      Servlet Agent
                        JOSSO-123     Implement FIX In       Sub-task   Closed Goran Nastov
                                      Apache Agent
                        JOSSO-124     Implement FIX In       Sub-task   Closed Sebastian Gonzalez Oyuela
                                      ISAPI Agent

Description
Once an agent uses a saved request or saved splash resource to send the user back to after a successful login or
logout, the stored values should be removed from session. This should avoid mixing up resources from previous
operations (logins, logouts) with the current one.
The problem should be verified and solve in all platforms:

* Tomcat (JBoss)
* Weblogic
* Websphere Community?
* Servlet
* Apache
* ISAPI
PHP
[JOSSO-106] JOSSO ISAPI Agent leaking memory Created: 26/Jun/09                              Updated: 21/Aug/09
Resolved: 26/Jun/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                             Priority:             Major
Reporter:              Gianluca Brigandi               Assignee:             Gianluca Brigandi
Resolution:            Fixed                           Votes:                0


Comments
Comment by Gianluca Brigandi [ 26/Jun/09 6:40 PM ]
There was a memory leak in the JOSSO ISAPI Agent upon consumption of server variables from request and
response classes.
[JOSSO-105] Support transparent SSO under WASCE 2.1 Created: 24/Jun/09
Updated: 21/Aug/09 Resolved: 22/Jul/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                      Priority:             Major
Reporter:              Gianluca Brigandi                Assignee:             Goran Nastov
Resolution:            Fixed                            Votes:                0

Sub-Tasks:              Key                Summary               Type     Status       Assignee
                        JOSSO-108          Add support for     Sub-task   Closed       Goran Nastov
                                           deploying the WASCE
                                           a...
                        JOSSO-109          Implement WASCE     Sub-task   Closed       Goran Nastov
                                           2.1 Agent for JOSSO

Description
Implement WebSphere Application Server Community Edition support for JOSSO.
[JOSSO-104] Apache Httpd Agent does not build in FC 11 Created: 24/Jun/09
Updated: 21/Aug/09 Resolved: 24/Jun/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                                 Priority:          Major
Reporter:              Goran Nastov                        Assignee:          Goran Nastov
Resolution:            Fixed                               Votes:             0


Description
This issue is related to issue http://www.josso.org/jira/browse/JOSSO-103 .
[JOSSO-103] Apache Httpd Agent does not build in SLES 10 Created: 22/Jun/09
Updated: 21/Aug/09 Resolved: 23/Jun/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8
Fix Version/s:           JOSSO 1.8.1

Type:                    Bug                                   Priority:            Critical
Reporter:                Gianluca Brigandi                     Assignee:            Goran Nastov
Resolution:              Fixed                                 Votes:               0


Description
For more information see : http://sourceforge.net/forum/forum.php?thread_id=3304403&forum_id=399715

Comments
Comment by Goran Nastov [ 23/Jun/09 12:45 PM ]
This issue is already fixed in josso 1.8.1.

In josso 1.8 a quick solution is e.g. adding the following lines to configure.in:

apr_config=/usr/bin/apr-1-config
CPPFLAGS="$CPPFLAGS `$apr_config --cppflags`"
[JOSSO-102] Apache Httpd Agent crashes Created: 22/Jun/09                         Updated: 21/Aug/09 Resolved:
24/Jun/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8
Fix Version/s:        JOSSO 1.8.1

Type:                 Bug                              Priority:             Critical
Reporter:             Gianluca Brigandi                Assignee:             Goran Nastov
Resolution:           Fixed                            Votes:                0


Description
For more information please see : http://sourceforge.net/forum/forum.php?thread_id=3307340&forum_id=399715
[JOSSO-101] Exception when logging with non-existing user Created: 25/May/09
Updated: 22/Dec/09 Resolved: 25/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                               Priority:              Major
Reporter:              Goran Nastov                      Assignee:              Goran Nastov
Resolution:            Fixed                             Votes:                 0


Description
When using Memory Identity Store and logging with the username that doesn't exist, JOSSO gateway throws
NullPointerException and error page is displayed with the message "Error : org.josso.gateway.SSOException".
[JOSSO-100] RememberMe token not read correctly Created: 25/May/09                                   Updated:
22/Dec/09 Resolved: 25/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                                Priority:              Major
Reporter:              Goran Nastov                       Assignee:              Goran Nastov
Resolution:            Fixed                              Votes:                 0
Environment:           Slackware 12.1


Description
When josso gateway is deployed on tomcat 5.5 on linux, rememberme cookie value is stored e.g. as
spQRPYARPTs6d2iV6eOJQg== and returned without the ending == (spQRPYARPTs6d2iV6eOJQg) thus resulting in
failed authentication error. This is not the case when using tomcat 6 or when accessing the gateway from browser in
Windows.
(base64-encoded rememberme token needs to be URL-encoded).
[JOSSO-99] Bad https-prefixed URLs handling in Apache Httpd Agent
Created: 15/May/09 Updated: 21/Aug/09 Resolved: 08/Jun/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8
Fix Version/s:           JOSSO 1.8.1

Type:                    Bug                                  Priority:                Critical
Reporter:                Gianluca Brigandi                    Assignee:                Goran Nastov
Resolution:              Fixed                                Votes:                   0


Description

Please see the following URL for the issue detail and contributed patches :
https://sourceforge.net/forum/message.php?msg_id=7212050

The following one might be a better one :

https://sourceforge.net/tracker/?func=detail&aid=2792324&group_id=116854&atid=676234



Comments
Comment by Goran Nastov [ 08/Jun/09 4:36 PM ]
Added support for soap https calls. In order to use SSL for soap calls, use '--enable-openssl' as argument to
configure.
User can also define following optional arguments:

--with-openssl-includes=/path/to/ssl/includes' and '--with-openssl-libs=/path/to/ssl/libs'
--with-openssl=/path/to/ssl/base'
--with-pkg-config='/path/to/pkg-config'


Agent configuration example:

<Directory "/usr/local/apache2/htdocs/partnerapp/protected">
  AuthType JOSSO
  AuthName "MyApacheWeb"
  Require user "user1"
  Require role "role2"
  GatewayLoginUrl "https://localhost:8443/josso/signon/login.do"
  GatewayLogoutUrl "https://localhost:8443/josso/signon/logout.do"
  GatewayEndpoint "localhost" 8443

  GatewayEndpointSSLEnable On #enable SSL
  EnableGatewayAuthentication On #enable gateway authentication (default is Off)

  SSLServerCertFile "/tmp/ssl/server.crt" #certificate for server authentication (only needed when
EnableGatewayAuthentication is On)
  #or
  #SSLServerCertDir "/path/to/certs/dir" #directory with certificates for server authentication (only needed when
EnableGatewayAuthentication is On)
</Directory>
[JOSSO-98] Error in role Apache Httpd Agent Authz Created: 15/May/09                         Updated:
18/Sep/09 Resolved: 25/May/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8
Fix Version/s:           JOSSO 1.8.1

Type:                    Bug                               Priority:          Critical
Reporter:                Gianluca Brigandi                 Assignee:          Goran Nastov
Resolution:              Fixed                             Votes:             0


Description

Please see the following URL for the issue detail and contributed patches :
https://sourceforge.net/forum/message.php?msg_id=7212050



Comments
Comment by Vargo [ 18/Sep/09 6:42 AM ]
Thanks for including this/fixing this, guys.
[JOSSO-97] Error updating the JBoss 4.2.x login-config.xml descriptor
Created: 15/May/09 Updated: 21/Aug/09 Resolved: 10/Jun/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                 Priority:               Critical
Reporter:               Gianluca Brigandi                   Assignee:               Goran Nastov
Resolution:             Fixed                               Votes:                  0


Description
XUpdate is probably trying to validate the target XML document before updating it. In case the DTD/XSD is not found
(e.g. due to a firewall issue), this operation fails. A more optimistic approach should be used, and ignore validation
errors due to DTD/XSD resolution issues.

For more information see :
https://sourceforge.net/forum/forum.php?thread_id=2986796&forum_id=399715
http://montrackinginformatique.blogspot.com/2009/03/true.html#comments




Comments
Comment by Goran Nastov [ 10/Jun/09 9:43 PM ]
If DTD doesn't exist document will be parsed again without trying to load the external DTD file.
Agents should send non cache headers when processing special URLs       (JOSSO-85)



   [JOSSO-96] Send non caching http headers in Java Servlet Agent
Created: 12/May/09 Updated: 22/Dec/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                             Priority:        Critical
Reporter:              Sebastian Gonzalez Oyuela            Assignee:        Goran Nastov
Resolution:            Fixed                                Votes:           0
Agents should send non cache headers when processing special URLs   (JOSSO-85)



   [JOSSO-95] Send non caching http headers in Apache Agent Created:
12/May/09 Updated: 22/Dec/09 Resolved: 25/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                    Priority:             Critical
Reporter:              Sebastian Gonzalez Oyuela   Assignee:             Goran Nastov
Resolution:            Fixed                       Votes:                0


Description
This can be done along with JOSSO-93 issue.
Implement JOSSO Automatic Login (JOSSO-80)


   [JOSSO-94] Implement automatic login in PHP agent Created: 12/May/09              Updated:
22/Dec/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                    Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
Implement JOSSO Automatic Login (JOSSO-80)


   [JOSSO-93] Implement automatic login in Apache agent Created: 12/May/09
Updated: 22/Dec/09 Resolved: 25/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                          Priority:               Critical
Reporter:              Sebastian Gonzalez Oyuela         Assignee:               Goran Nastov
Resolution:            Fixed                             Votes:                  0


Description
This can be done along with JOSSO-95 issue.

Comments
Comment by Goran Nastov [ 25/May/09 9:24 PM ]
For automatic login of public resources add "Require sso-session-or-anonymous", e.g.:

<Directory "/usr/local/apache2/htdocs/public">
 AuthType JOSSO
 ...
 Require sso-session-or-anonymous
 ...
 ...
</Directory>
Implement JOSSO Automatic Login (JOSSO-80)


   [JOSSO-92] Implement automatic login in ISAPI agent Created: 12/May/09
Updated: 22/Dec/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                    Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
Implement JOSSO Automatic Login (JOSSO-80)


   [JOSSO-91] Implement automatic login in Servlet agent Created: 12/May/09
Updated: 22/Dec/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                    Priority:   Critical
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Goran Nastov
Resolution:            Fixed                       Votes:      0
[JOSSO-90] Error installing weblogic agent using Deployment Console
on Windows Created: 07/May/09 Updated: 22/Dec/09 Resolved: 11/Aug/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                 Priority:                Major
Reporter:               Goran Nastov                        Assignee:                Gianluca Brigandi
Resolution:             Fixed                               Votes:                   0
Environment:            Windows XP


Description
InstaIling weblogic 9.2 agent using Deployment Console in Windows gives the following error:

==================================================
Installing JOSSO Agent JARs from Source
Using JAVA JDK at /jdk1.6.0_11
Generate [WL MBeans] [ERROR] Cannot run program "/jdk1.6.0_11/bin/java": CreateProcess error=3, The system
cannot find the path specified
Overall Installation [ERROR] Cannot generate WL MBeans Descriptors : Cannot run program "/jdk1.6.0_11/bin/java":
CreateProcess error=3, The system cannot find the path specified
==================================================

Calling javaFile.getName().getPath() (in WeblogicInstaller.java) returns "/jdk1.6.0_11/bin/java" instead of
"C:/jdk1.6.0_11/bin/java" (the same applies for every other getName().getPath() call).
Implement JOSSO Automatic Login (JOSSO-80)


   [JOSSO-89] Implement automatic login in Weblogic 10 agent Created:
04/May/09 Updated: 22/Dec/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                    Priority:   Critical
Reporter:              Gianluca Brigandi           Assignee:   Goran Nastov
Resolution:            Fixed                       Votes:      0
Implement JOSSO Automatic Login (JOSSO-80)


   [JOSSO-88] Implement automatic login in Weblogic 9 agent Created: 04/May/09
Updated: 22/Dec/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task              Priority:   Critical
Reporter:              Gianluca Brigandi     Assignee:   Goran Nastov
Resolution:            Fixed                 Votes:      0
[JOSSO-87] josso-ws build error Created: 04/May/09                      Updated: 20/Jul/10 Resolved: 20/Jul/10
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8.1
Fix Version/s:         None

Type:                  Bug                                 Priority:               Minor
Reporter:              Goran Nastov                        Assignee:               Gianluca Brigandi
Resolution:            Won't Fix                           Votes:                  0
Environment:           Windows XP


Description
When path to josso-ws project contains whitespaces (in Windows), there is a following build error:

[INFO] ------------------------------------------------------------------------
[INFO] Building JOSSO :: Web Services
[INFO] task-segment: [install]
[INFO] ------------------------------------------------------------------------
[INFO] [axistools:wsdl2java {execution: default}]
[INFO] about to add compile source root
[INFO] processing wsdl: D:\Work\josso\workspace\josso 1.8.1\components\josso-ws\src\main\wsdl\josso-
soapbinding-1.1.wsdl
04-May-2009 20:36:17 org.apache.axis.utils.JavaUtils isAttachmentSupported
WARNING: Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart).
Attachment support is disabled.
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] error executing plugin
Embedded error: WSDL2Java execution failed
unknown protocol: d
[INFO] ------------------------------------------------------------------------
[INFO] Trace
org.apache.maven.lifecycle.LifecycleExecutionException: error executing plugin
     at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:583)
     at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalWithLifecycle(DefaultLifecycleExecutor.java:499)
     .......
Caused by: org.codehaus.mojo.axistools.axis.AxisPluginException: WSDL2Java execution failed
     at
org.codehaus.mojo.axistools.wsdl2java.DefaultWSDL2JavaPlugin.execute(DefaultWSDL2JavaPlugin.java:316)
     at org.codehaus.mojo.axistools.WSDL2JavaMojo.execute(WSDL2JavaMojo.java:331)
     ... 18 more
Caused by: org.codehaus.mojo.axistools.axis.AxisPluginException: java.net.MalformedURLException: unknown
protocol: d
     at org.codehaus.mojo.axistools.wsdl2java.WSDL2JavaWrapper.execute(WSDL2JavaWrapper.java:84)
     at
org.codehaus.mojo.axistools.wsdl2java.DefaultWSDL2JavaPlugin.execute(DefaultWSDL2JavaPlugin.java:305)
     ... 19 more
Caused by: java.net.MalformedURLException: unknown protocol: d
     at java.net.URL.<init>(URL.java:574)
     at java.net.URL.<init>(URL.java:464)
     at java.net.URL.<init>(URL.java:413)
     at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:650)
     at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:186)
    at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:771)
    at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
    at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
    at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:225)
    at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:283)
    at org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.java:369)
    at org.apache.axis.utils.XMLUtils.newDocument(XMLUtils.java:420)
    at org.apache.axis.wsdl.symbolTable.SymbolTable.populate(SymbolTable.java:482)
    at org.apache.axis.wsdl.gen.Parser$WSDLRunnable.run(Parser.java:361)
    at java.lang.Thread.run(Thread.java:619)
[JOSSO-86] Building josso-test-tck results in test errors Created: 29/Apr/09                              Updated:
20/Jul/10 Resolved: 20/Jul/10
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8
Fix Version/s:           JOSSO 1.8.3

Type:                    Bug                             Priority:              Trivial
Reporter:                Dejan Maric                     Assignee:              Gianluca Brigandi
Resolution:              Cannot Reproduce                Votes:                 0
Environment:             windows XP


Description
During the test phase, one or more test cases throw "java.net.ConnectException: Connection refused" when they try
to execute first doGet(...) method in that test. Number of test throwing exception changes from build to build.
[JOSSO-85] Agents should send non cache headers when processing
special URLs Created: 28/Apr/09 Updated: 21/Aug/09 Resolved: 22/Jul/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                        Priority:              Critical
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Dejan Maric
Resolution:            Fixed                              Votes:                 0

Sub-Tasks:             Key               Summary                Type           Status       Assignee
                       JOSSO-95          Send non caching http Sub-task        Closed       Goran Nastov
                                         headers in Apac...
                       JOSSO-96          Send non caching http Sub-task        Closed       Goran Nastov
                                         headers in Java...

Description
Agents must send HTTP headers that prevent browsers from caching responses to special resources like
josso_security_check, etc.
This was already implemented in the ISAPI Agent and should now be ported to java and php agents.

Comments
Comment by Dejan Maric [ 06/May/09 7:16 PM ]
Sending of non cache headers implemented in tomcat 5.0, 5.5 and 6.0. Also tested with jboss 4.0 and 4.2.
Comment by Dejan Maric [ 11/May/09 10:00 AM ]
Sending of non cache headers implemented in weblogic 9.2.
[JOSSO-84] The ISAPI Agent doesn't support properties and roles
containing the underscore character Created: 20/Apr/09 Updated: 22/Dec/09 Resolved: 04/May/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                 Priority:                Major
Reporter:               Gianluca Brigandi                   Assignee:                Gianluca Brigandi
Resolution:             Fixed                               Votes:                   0


Description
If the underscore character (i.e. '_') is used for naming a server variable name, its value won't be accessible to ASP
pages. Therefore, identifying roles and properties using names containing the underscore character, doesn't allow
their corresponding values to be accessed by JOSSO ASP pages.
[JOSSO-83] The pom.xml generated by the josso gateway archetype
does not include JOSSO repositories definitions Created: 16/Apr/09 Updated: 21/Aug/09
Resolved: 21/Apr/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                              Priority:              Major
Reporter:              Gianluca Brigandi                Assignee:              Dejan Maric
Resolution:            Fixed                            Votes:                 0


Description
For more information, refer to forum thread : https://sourceforge.net/forum/message.php?msg_id=7194552




Comments
Comment by Dejan Maric [ 21/Apr/09 6:26 AM ]
Added josso main and snapshot repositories to generated pom.xml
[JOSSO-82] Support redirecting the user to a user-defined resource
upon SSO session establishment Created: 13/Apr/09 Updated: 21/Aug/09 Resolved: 29/Apr/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   New Feature                         Priority:               Minor
Reporter:               Gianluca Brigandi                   Assignee:               Dejan Maric
Resolution:             Fixed                               Votes:                  0
Environment:            Tomcat 5
                        Tomcat 6
                        Servlet Agent


Description
The user defined resource where the user is redirected to is defined as a "splash resource".

Implement tck for feature




Comments
Comment by Dejan Maric [ 20/Apr/09 10:58 AM ]
Added support for redirecting to user-defined resource (splash resource) after establishing SSO session using
custom form. Support added for tomcat 6 agent.

First, we're checking josso_splash_resource parameter in submited form. If it doesn't exist, we check partner app
configuration for splashResource attribute. If that's missing as well, we're falling back to REFERER header field.
Comment by Gianluca Brigandi [ 20/Apr/09 12:54 PM ]
the splash resource support is transversal to all http-based JOSSO Agents. Having this support implemented within
the valve introduces redundancy since agents have their own platform-specific valve implementation.
Most of the logic for supporting this feature may be factored out from valve classes and introduced within the
org.josso.agent.http.HttpSSOAgent one. This way, introducing this feature in all agents requires less effort and higher
scalability is achieved.
For instance, you may follow the design patterns and conventions for relaying an assertion from the gateway to
agents.


Comment by Dejan Maric [ 29/Apr/09 12:11 PM ]
Code refactored, generation of autosubmit page moved to HttpSSOAgent. Added support for tomcat 5.0, tomcat 5.5
and generic servlet agent. Added tests cases for custom authentication.
[JOSSO-81] Develop tutorial for showing how to migrate from 1.7 to 1.8
Created: 06/Apr/09 Updated: 22/Dec/09 Due: 07/Apr/09 Resolved: 08/Apr/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.1

Type:                   Task                                Priority:          Critical
Reporter:               Gianluca Brigandi                   Assignee:          Dejan Maric
Resolution:             Fixed                               Votes:             0


Description
There are currently no instructions available for showing how to upgrade from a JOSSO 1.7 deployment to a JOSSO
1.8 one.




Comments
Comment by Dejan Maric [ 08/Apr/09 10:14 AM ]
Created migration tutorial http://www.josso.org/confluence/display/JOSSO1/Migrating+from+JOSSO+1.7+to+1.8
[JOSSO-80] Implement JOSSO Automatic Login Created: 26/Mar/09                                 Updated: 22/Dec/09
Resolved: 22/Jul/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8.1

Type:                 New Feature                          Priority:             Critical
Reporter:             Sebastian Gonzalez Oyuela            Assignee:             Sebastian Gonzalez Oyuela
Resolution:           Fixed                                Votes:                0

Sub-Tasks:            Key           Summary                  Type       Status   Assignee
                      JOSSO-88      Implement automatic      Sub-task   Closed Goran Nastov
                                    login in Weblogic...
                      JOSSO-89      Implement automatic      Sub-task   Closed Goran Nastov
                                    login in Weblogic...
                      JOSSO-91      Implement automatic      Sub-task   Closed Goran Nastov
                                    login in Servlet ...
                      JOSSO-92      Implement automatic      Sub-task   Closed Sebastian Gonzalez Oyuela
                                    login in ISAPI agent
                      JOSSO-93      Implement automatic      Sub-task   Closed Goran Nastov
                                    login in Apache a...
                      JOSSO-94      Implement automatic      Sub-task   Closed Sebastian Gonzalez Oyuela
                                    login in PHP agent

Description
TODO : Create subtasks for each agent:

Tomcat/JBoss
Weblogic
Servlet
ISAPI
ASP (Probably not)
PHP
Apache
...
[JOSSO-79] Error building JOSSO Isapi Agent, missing regex artifacts
Created: 24/Mar/09 Updated: 22/Dec/09 Resolved: 25/Mar/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8.1
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                   Priority:             Major
Reporter:               Sebastian Gonzalez Oyuela             Assignee:             Gianluca Brigandi
Resolution:             Fixed                                 Votes:                0


Description
fatal error C1083: Cannot open include file: 'regex.h': No such file or directory
JOSSO ActiveX fails when sso session token is used      (JOSSO-76)



   [JOSSO-78] Test JOSSO 1.8 User properties access, using LDAP Created:
06/Mar/09 Updated: 31/Mar/09 Resolved: 31/Mar/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                           Priority:              Critical
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Alejandro Jadzinsky
Resolution:            Fixed                              Votes:                 0


Description
A user is reporting that getuserproperties also fails when using LDAP and JOSSO 1.8. We have to test the 1.8
distribution as is (not 1.8.1) and see if we can reproduce the error.
[JOSSO-77] JOSSO ActiveX isUserInRole fails to load roles list Created:
05/Mar/09 Updated: 12/May/09 Resolved: 12/May/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                 Priority:                Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:                Alejandro Jadzinsky
Resolution:             Won't Fix                           Votes:                   0


Description
The isUserInRole function is retrieving the roles list using username instead of sso session id.
[JOSSO-76] JOSSO ActiveX fails when sso session token is used Created:
05/Mar/09 Updated: 12/May/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                              Priority:             Critical
Reporter:              Sebastian Gonzalez Oyuela        Assignee:             Alejandro Jadzinsky
Resolution:            Won't Fix                        Votes:                0
Environment:           W2003 Virtual Server

Sub-Tasks:             Key             Summary              Type        Status     Assignee
                       JOSSO-78        Test JOSSO 1.8 User Sub-task     Closed     Alejandro Jadzinsky
                                       properties access...

Description
Some operations using ssoSessionToken retrieved from ASP HTTP Cookie fail due to 80020009 VB Script error.

Verify isUserInRole and getUserProperties operations.
[JOSSO-75] Set sessionTokenOnClient = true by default in web
configuration Created: 04/Mar/09 Updated: 22/Dec/09 Resolved: 10/Apr/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                        Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Dejan Maric
Resolution:            Fixed                              Votes:                 0


Comments
Comment by Dejan Maric [ 09/Apr/09 11:17 AM ]
sessionTokenOnClient is true by default in josso-gateway-web.xml. Does it have to be true in ntlm\josso-gateway-
web.xml?
Comment by Dejan Maric [ 10/Apr/09 4:53 AM ]
sessionTokenOnClient set to true in josso-gateway-web.xml file in ntlm folder and in gateway archetype
[JOSSO-74] JOSSO Catalina-based Agents deadlock Created: 02/Mar/09                            Updated:
20/Jul/10 Resolved: 03/Mar/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.7
Fix Version/s:          JOSSO 1.7.1

Type:                   Bug                               Priority:           Major
Reporter:               Gianluca Brigandi                 Assignee:           Eugenia Rocha
Resolution:             Fixed                             Votes:              0

Attachments:                issue-[JOSSO-74]_1_7_0.diff

Description
See forum thread : https://sourceforge.net/forum/message.php?msg_id=6550272

Non-thread safe access to Map instance holding session cache is made from Agent Valve.

Use thread-safe map implementation :

Map _sessionMap = Collections.synchronizedMap(new HashMap());
[JOSSO-73] JEE Agent fails with multiple commons logging Created: 23/Feb/09
Updated: 21/Aug/09 Resolved: 21/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                    Priority:             Major
Reporter:              Gianluca Brigandi              Assignee:             Unassigned
Resolution:            Fixed                          Votes:                0


Description

See: https://sourceforge.net/forum/forum.php?thread_id=3025435&forum_id=399715
[JOSSO-72] Honor SSO session when hitting public resource on a
different host/domain Created: 13/Feb/09 Updated: 22/Dec/09 Resolved: 12/May/09
Status:                   Closed
Project:                  JOSSO
Component/s:              None
Affects Version/s:        JOSSO 1.7
Fix Version/s:            JOSSO 1.8.1

Type:                     Improvement                     Priority:       Major
Reporter:                 Gianluca Brigandi               Assignee:       Sebastian Gonzalez Oyuela
Resolution:               Fixed                           Votes:          0
Environment:              PHP
                          Tomcat

Attachments:                 JOSSO_issue.doc

Description
When a public resource is accessed on a different server than the one
that originally triggered the SSO process, JOSSO must redirect the user
to the Gateway in order to obtain the SSO session token used to provide
a security context (e.g. authenticated user name) to the SSO-enabled
application.
This is supported in the 1.8 release

This feature must be brought back to the 1.7.1 release.



Comments
Comment by Sebastian Gonzalez Oyuela [ 12/May/09 12:15 PM ]
Automatic login feature
[JOSSO-71] Support embedding partner application using an IFRAME
Created: 13/Feb/09 Updated: 22/Dec/09 Resolved: 12/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.7
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                           Priority:          Major
Reporter:              Gianluca Brigandi                     Assignee:          Sebastian Gonzalez Oyuela
Resolution:            Fixed                                 Votes:             0
Environment:           PHP
                       Tomcat

Attachments:               JOSSO_issue.doc

Description
Partner application-local cookies must be
included by the browser in every authenticated HTTP request. When a partner application page is included using an
IFRAME, cookies are
not sent by some browsers such as IE. See :
http://viralpatel.net/blogs/2008/12/how-to-set-third-party-cookies-with-iframe.html

Therefore if the JOSSO token Cookie is not sent by the browser, the
Agent won't receive the SSO session token thus the user will appear as
unauthenticated (e.g. Guest).

This support was added in the 1.8.1 snapshot release. JOSSO now sets
P3P ('compact privacy policy') http headers allowing the sso session
cookie to reach IFRAME sources.

This features should be brought back to the 1.7.1 release.
[JOSSO-70] Multiple Security Domains SLO failing Created: 13/Feb/09                                     Updated:
21/Aug/09 Resolved: 08/Apr/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8
Fix Version/s:           JOSSO 1.8.1

Type:                    Bug                                    Priority:             Major
Reporter:                Andrew Crowe                           Assignee:             Christian Birge
Resolution:              Fixed                                  Votes:                0
Environment:             JBoss 4.x
                         Apache 2.2.x
                         Multiple security domains

Attachments:                logs.zip

Description
   We have JOSSO 1.8 installed, and I thought it was all working ok.
However, I have noticed that if you log in and then leave the session
for a while, then it does not log you out.

The josso gateway is running on 'ogsysdev.vpn.opengroup.org', and the
applications are on 'aogeadev.vpn.opengroup.org' or
'janus.vpn.opengroup.org'.

The following is the link that we go to to log out of a jboss
application on 'aogeadev.vpn.opengroup.org'.

https://ogsysdev.vpn.opengroup.org/josso/signon/logout.do?josso_partnerapp_host=aogeadev.vpn.opengroup.org&jo
sso_back_to=http://aogeadev.vpn.opengroup.org

If I log in and then out straight away then it logs out of both domains
fine. If however the session is left for a while, then the log outs do
not work for either of the domains.

This is using a custom login URL, i'm not sure if that makes a
difference? On an application on a different domain, it works fine, but
that domain is using the default gateway log in url, not a custom one.
The one that works also only has one domain in the matcher, the one that
is not logging out correctly has two.

Comments
Comment by Gianluca Brigandi [ 13/Feb/09 10:16 AM ]
- loginok.log - This is the log from logging in, and logging out straight away (works fine)
- loginnotok.log - This is the same as above, but leaving for a while between logging in and out (does not log out)
- logoutokonly.log - This is just the log from pressing the 'log out' button when logging out straight away (works fine)
- logoutnotokonly.log - This is the same as above, but leaving a while between logging in and out (does not log out)
Comment by Gianluca Brigandi [ 27/Feb/09 6:32 PM ]
The JOSSO Gateway relies upon the web session in order to hold critical state information, such as the JOSSO
session identifier for the user requesting a logout. If the web session becomes stale (e.g. due to no activity), such
attributes won't be accessible anymore.

Try increasing the timeout by editing jbossweb-tomcat55.sar/conf/web.xml descriptor and change the session timeout
to two hours :
 <session-config>
   <session-timeout>120</session-timeout>
 </session-config>

If this solves the issue you can apply this change to the josso application only by setting this value in its web.xml
descriptor.

In this case this doesn't solve your issue, rollback the previous chances and configure the gateway in order that state
information is held within the user agent through http cookies. This can be achieved by editing the josso-gateway-
web.xml descriptor and setting the "sessionTokenOnClient" attribute value from "false" to "true". The descriptor
should look as follows :

...
<web-configuration id="josso-web-configuraiton"
             rememberMeEnabled="true"
             sessionTokenOnClient="true"
             sessionTokenSecure="false"
             />
...
[JOSSO-69] Nusoap is not compatible with PHP 5 soap stack Created: 04/Feb/09
Updated: 21/Aug/09 Resolved: 04/Feb/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                              Priority:               Major
Reporter:               Sebastian Gonzalez Oyuela        Assignee:               Christian Birge
Resolution:             Fixed                            Votes:                  0


Comments
Comment by Christian Birge [ 04/Feb/09 11:02 AM ]
Was probed in php version 5.2.6-5. with the soap support enabled and disabled.
Add JBoss Portal support (JOSSO-54)


 [JOSSO-68] Publish required libraries that are not found in JBoss
Maven repositories Created: 03/Feb/09 Updated: 22/Dec/09 Resolved: 03/Feb/09
Status:                   Closed
Project:                  JOSSO
Component/s:              None
Affects Version/s:        JOSSO 1.8.1
Fix Version/s:            JOSSO 1.8.1

Type:                     Sub-task                                Priority:   Major
Reporter:                 Sebastian Gonzalez Oyuela               Assignee:   Sebastian Gonzalez Oyuela
Resolution:               Fixed                                   Votes:      0


Description
1. <portal-folder>/jboss-portal.sar/lib folder, portal-identity-lib.jar

 <groupId>org.jboss.portal.identity</groupId>
 <artifactId>identity-identity</artifactId>
 <version>1.1.0-SNAPSHOT</version>

Comments
Comment by Sebastian Gonzalez Oyuela [ 03/Feb/09 2:18 PM ]
Library dependency can be included as follows:

     <dependency>
       <groupId>org.jboss-portal</groupId>
       <artifactId>portal-identity-lib</artifactId>
       <version>2.7.1.GA</version>
     </dependency>
[JOSSO-67] JOSSO .tar.gz distribution does not include php agent zip
file Created: 03/Feb/09 Updated: 21/Aug/09 Resolved: 09/Apr/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                              Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela        Assignee:              Dejan Maric
Resolution:            Cannot Reproduce                 Votes:                 0


Comments
Comment by Dejan Maric [ 09/Apr/09 8:45 AM ]
In 1.8.1 branch, josso-1.8.1-SNAPSHOT.tar.gz distribution contains file josso-php-agent-1.8.1-SNAPSHOT.zip
located in dist/agents/src.
[JOSSO-66] Support JOSSO Upgrade from Deployment Console Created:
02/Feb/09 Updated: 22/Dec/09 Resolved: 17/May/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                     Priority:             Critical
Reporter:              Sebastian Gonzalez Oyuela       Assignee:             Goran Nastov
Resolution:            Fixed                           Votes:                0


Description
When deploying JOSSO 1.8.1 Components, the console must be able to remove 1.8.0 artifacts when present.
Support P3P HTTP header for IE 6+ security compatibility (JOSSO-59)


   [JOSSO-65] Support Microsoft P3P HTTP Header in ISAPI Agent Created:
02/Feb/09 Updated: 22/Dec/09 Resolved: 04/Feb/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                           Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0


Comments
Comment by Sebastian Gonzalez Oyuela [ 04/Feb/09 10:16 AM ]
This can be done by adding a custom HTTP header to the Virtual Directory configuration in IIS
Support P3P HTTP header for IE 6+ security compatibility (JOSSO-59)


   [JOSSO-64] Support Microsoft P3P HTTP Header in Apache Agent
Created: 02/Feb/09 Updated: 22/Dec/09 Resolved: 04/Feb/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.1

Type:                   Sub-task                            Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:   Gianluca Brigandi
Resolution:             Fixed                               Votes:      0


Comments
Comment by Sebastian Gonzalez Oyuela [ 04/Feb/09 10:17 AM ]
Use some apache mod to add custom headers to response
Support P3P HTTP header for IE 6+ security compatibility (JOSSO-59)


   [JOSSO-63] Support Microsoft P3P HTTP Header in ASP Agent Created:
02/Feb/09 Updated: 22/Dec/09 Resolved: 04/Feb/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                           Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0


Comments
Comment by Sebastian Gonzalez Oyuela [ 04/Feb/09 10:17 AM ]
This can be done by adding a custom HTTP header in the Virtual Directory configuration of IIS
Support P3P HTTP header for IE 6+ security compatibility (JOSSO-59)


   [JOSSO-62] Support Microsoft P3P HTTP Header in PHP Agent Created:
02/Feb/09 Updated: 22/Dec/09 Resolved: 02/Feb/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.1

Type:                   Sub-task                        Priority:              Major
Reporter:               Sebastian Gonzalez Oyuela       Assignee:              Sebastian Gonzalez Oyuela
Resolution:             Fixed                           Votes:                 0


Description
set the header , something like:

header('P3P:CP="CAO PSA OUR"');

or maybe ?

header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

Comments
Comment by Sebastian Gonzalez Oyuela [ 02/Feb/09 5:04 PM ]
New PHP Agent configuration parameter : josso_p3pHeaderValue. It can be configured in josso-cfg.inc
Support P3P HTTP header for IE 6+ security compatibility (JOSSO-59)


   [JOSSO-61] Support Microsoft P3P HTTP Header in Java Agents Created:
02/Feb/09 Updated: 22/Dec/09 Resolved: 02/Feb/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                        Priority:      Major
Reporter:              Sebastian Gonzalez Oyuela       Assignee:      Sebastian Gonzalez Oyuela
Resolution:            Fixed                           Votes:         0
Support P3P HTTP header for IE 6+ security compatibility (JOSSO-59)


   [JOSSO-60] Support Microsoft P3P HTTP Header in Gateway Created:
02/Feb/09 Updated: 22/Dec/09 Resolved: 02/Feb/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8.1

Type:                  Sub-task                         Priority:     Major
Reporter:              Sebastian Gonzalez Oyuela        Assignee:     Sebastian Gonzalez Oyuela
Resolution:            Fixed                            Votes:        0


Comments
Comment by Sebastian Gonzalez Oyuela [ 02/Feb/09 2:47 PM ]
See new properties in Web configuration
[JOSSO-59] Support P3P HTTP header for IE 6+ security compatibility
Created: 02/Feb/09 Updated: 21/Aug/09 Resolved: 04/Feb/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Improvement                         Priority:            Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:            Gianluca Brigandi
Resolution:             Fixed                               Votes:               0

Sub-Tasks:              Key           Summary                 Type      Status   Assignee
                        JOSSO-60      Support Microsoft P3P Sub-task    Closed Sebastian Gonzalez Oyuela
                                      HTTP Header in ...
                        JOSSO-61      Support Microsoft P3P Sub-task    Closed Sebastian Gonzalez Oyuela
                                      HTTP Header in ...
                        JOSSO-62      Support Microsoft P3P Sub-task    Closed Sebastian Gonzalez Oyuela
                                      HTTP Header in ...
                        JOSSO-63      Support Microsoft P3P Sub-task    Closed Sebastian Gonzalez Oyuela
                                      HTTP Header in ...
                        JOSSO-64      Support Microsoft P3P Sub-task    Closed Gianluca Brigandi
                                      HTTP Header in ...
                        JOSSO-65      Support Microsoft P3P Sub-task    Closed Sebastian Gonzalez Oyuela
                                      HTTP Header in ...

Description
The user should be able enable P3P Header. If no header value is provided, JOSSO will assume the following default
value, including the quotes ("):

CP="CAO PSA OUR"
[JOSSO-58] Support JOSSO and non-JOSSO applications in Tomcat
Created: 28/Jan/09 Updated: 21/Aug/09 Resolved: 14/Apr/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Improvement                         Priority:           Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:           Alejandro Jadzinsky
Resolution:             Fixed                               Votes:              0


Description
This is already supported in JBoss.



Comments
Comment by Sebastian Gonzalez Oyuela [ 13/Apr/09 11:34 AM ]
A user provided a workaround for this:

https://sourceforge.net/forum/message.php?msg_id=7047196

Test this solution and update JOSSO documentation about jossifying partner applications in Tomcat. Add a section
about jossified and non-jossified application coexistentce.
[JOSSO-57] Relay credential name should be configurable Created: 19/Jan/09
Updated: 19/Aug/09 Resolved: 19/Aug/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Improvement                        Priority:              Trivial
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Won't Fix                          Votes:                 0


Description
The relay credential name can differ from the attribute name used in the persistence scheme. Verify best mappings
for LDAP and RDBMS
[JOSSO-56] Support Spring Configuration for base64Key in
RememberMeAuthScheme Created: 16/Jan/09 Updated: 21/Aug/09 Resolved: 19/Aug/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8
Fix Version/s:       JOSSO 1.8.1

Type:                Improvement                 Priority:      Minor
Reporter:            Sebastian Gonzalez Oyuela   Assignee:      Sebastian Gonzalez Oyuela
Resolution:          Won't Fix                   Votes:         0
[JOSSO-55] DB Stores configuration does not work Created: 15/Jan/09                                   Updated:
21/Aug/09 Resolved: 20/Jan/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8.1

Type:                  Bug                                 Priority:               Major
Reporter:              Sebastian Gonzalez Oyuela           Assignee:               Alejandro Jadzinsky
Resolution:            Fixed                               Votes:                  0


Description
* There are semicolons that must be removed and some column aliases are missing.
* The josso-gateway-config.xml file does not include the josso-gateway-stores.xml file but the josso-gateway-
memory-stores.xml
[JOSSO-54] Add JBoss Portal support Created: 13/Jan/09                                 Updated: 21/Aug/09 Resolved:
09/Apr/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   New Feature                              Priority:              Major
Reporter:               Gianluca Brigandi                        Assignee:              Dejan Maric
Resolution:             Fixed                                    Votes:                 0
Environment:            Jboss Portal 2.7

Attachments:               error.txt
Sub-Tasks:              Key            Summary                     Type       Status    Assignee
                        JOSSO-68       Publish required            Sub-task   Closed Sebastian Gonzalez Oyuela
                                       libraries that are n...

Description
Currently the supported version of JOSSO is 1.5.

The source code for the integration lives here:
http://anonsvn.jboss.org/repos/portal/modules/identity/trunk/

Here are some other source code locations that would be of help to you:

JBoss Portal 2.7 Branch:
http://anonsvn.jboss.org/repos/portal/branches/JBoss_Portal_Branch_2_7/

These are the core products that consume the Identity module with its
respective SSO integrations.

Comments
Comment by Gianluca Brigandi [ 16/Jan/09 9:51 AM ]
Work within the 1.8.1 branch : https://josso.svn.sourceforge.net/svnroot/josso/branches/JOSSO_1_8_1_B/josso

The just created agents/josso-jbportal27-agent module should be used for holding the agent codebase.


Comment by Dejan Maric [ 17/Jan/09 5:54 PM ]
Am I missing something big or the JBoss Portal identity integration for JOSSO was never able to work?

Inspecting JOSSOIdentityStore brought me to loadUser(UserKey userKey) method which never contacts identity
service, but simply
returns BaseUser object with username from userKey and empty password.
Login with some username and empty password doesn't work because
UsernamePasswordAuthScheme.authenticate() doesn't support empty username/password.

I've checked JOSSOIdentityStore from their trunk and from portal-identity-sso-lib.jar file supplied with JBoss Portal
(versions 2.6.2, 2.6.7 and 2.7.0).
Comment by Gianluca Brigandi [ 17/Jan/09 6:57 PM ]
The JOSSO Identity Store for JB Portal is a BindableCredentialStore which means that it should work only when used
from BindUsernamePasswordAuthScheme and not a UsernamePasswordAuthScheme.
Since the an indentiy store working in "bind mode" JOSSO delegates the authentication concern to the corresponding
store - which in this case is realized by the JBoss portal identity service (see JOSSOIdentityStore bind() method) - the
password credential is not required and thus a null-valued one should be ok.

This is a similar mechanism implemented for Ldap authentication.




Comment by Dejan Maric [ 22/Jan/09 7:27 PM ]
JOSSO 1.8.1 and JBoss Portal 2.7 are clashing on same JBOSS AS (4.2.3GA). I've successfully deployed gateway
and agent on JBOSS AS (tested it with partnerapp).
I've also successfully deployed Portal on JBoss AS. However, when trying to start JBOSS AS with both josso
gateway/agent and portal deployed I receive error from the attachment.
It looks to me like a library issue.
Comment by Gianluca Brigandi [ 23/Jan/09 5:08 AM ]
Looks like a classloader issue with Apache's commons-logging.JOSSO gateway is probably seeing two
org.apache.commons.logging.LogFactory classes that were loaded different classloaders . Since the classloader is
part of the class signature they are considered different classes.

Try to leave just one commons logging implementation JAR in the JBoss instance.




Comment by Gianluca Brigandi [ 08/Apr/09 9:43 AM ]
set issue as resolved in case completed
Comment by Dejan Maric [ 09/Apr/09 8:08 AM ]
Added JBoss Portal support. Code is available in agents/josso-jbportal27-agent
[JOSSO-53] TCK failure when building with Weblogic Created: 12/Jan/09                                     Updated:
21/Aug/09 Resolved: 22/Jun/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Bug                                 Priority:               Minor
Reporter:               Sebastian Gonzalez Oyuela           Assignee:               Goran Nastov
Resolution:             Cannot Reproduce                    Votes:                  0


Description
2009-01-12 22:47:28,589 [52942745@qtp0-0] ERROR log - /josso/signon/login.do
java.lang.NoSuchMethodError:
javax.servlet.jsp.tagext.TagAttributeInfo.<init>(Ljava/lang/String;ZLjava/lang/String;ZZLjava/lang/String;ZZLjava/lang/
String;Ljava/lang/String;)V
     at org.apache.jasper.compiler.TagLibraryInfoImpl.createAttribute(TagLibraryInfoImpl.java:737)
     at org.apache.jasper.compiler.TagLibraryInfoImpl.createTagInfo(TagLibraryInfoImpl.java:517)
     at org.apache.jasper.compiler.TagLibraryInfoImpl.parseTLD(TagLibraryInfoImpl.java:369)
     at org.apache.jasper.compiler.TagLibraryInfoImpl.<init>(TagLibraryInfoImpl.java:269)
     at org.apache.jasper.compiler.Parser.parseTaglibDirective(Parser.java:498)
     at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:578)
     at org.apache.jasper.compiler.Parser.parseElements(Parser.java:1642)
     at org.apache.jasper.compiler.Parser.parse(Parser.java:181)
     at org.apache.jasper.compiler.ParserController.doParse(ParserController.java:239)
     at org.apache.jasper.compiler.ParserController.parse(ParserController.java:140)
     at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:199)
     at org.apache.jasper.compiler.Compiler.compile(Compiler.java:435)
     at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:608)
     at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:360)
     at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:486)
     at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:380)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
     at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
     at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:363)
     at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
     at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
     at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
     at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
     at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:334)
     at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:126)
     at org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1069)
     at org.apache.struts.tiles.TilesRequestProcessor.doForward(TilesRequestProcessor.java:274)
     at org.apache.struts.tiles.TilesRequestProcessor.processTilesDefinition(TilesRequestProcessor.java:254)
     at org.apache.struts.tiles.TilesRequestProcessor.processForwardConfig(TilesRequestProcessor.java:309)
     at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:279)
     at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
     at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
     at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
     at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:363)
     at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
     at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
     at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
     at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:334)
at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:126)
at org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1069)
at org.apache.struts.tiles.TilesRequestProcessor.doForward(TilesRequestProcessor.java:274)
at org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:455)
at org.apache.struts.tiles.TilesRequestProcessor.processForwardConfig(TilesRequestProcessor.java:320)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:279)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1124)
at org.josso.gateway.filter.ProtocolHandlerFilter.doFilter(ProtocolHandlerFilter.java:85)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:361)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:864)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:533)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:207)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:522)
[JOSSO-52] Support building the JOSSO apache agent against pre-built
binary distributions Created: 12/Jan/09 Updated: 22/Dec/09 Resolved: 13/Jan/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8

Type:                New Feature         Priority:     Major
Reporter:            Gianluca Brigandi   Assignee:     Gianluca Brigandi
Resolution:          Fixed               Votes:        0
Glassfish Support (JOSSO-50)


   [JOSSO-51] Perform Research on adding Glassfish support in JOSSO
Created: 06/Jan/09 Updated: 13/Jan/09 Resolved: 13/Jan/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8.1

Type:                   Sub-task                            Priority:       Major
Reporter:               Gianluca Brigandi                   Assignee:       Dejan Maric
Resolution:             Won't Fix                           Votes:          0
Environment:            GlassFish v3 Prelude


Description
What http message interceptor contracts are available (e.g. such as Valves in Catalina) ?
What authentication contracts may be leveraged (e.g. JAAS, JSR 196) ?
What authorization contracts may be leveraged (e.g. JAAS, JACC) ?
Does glassfish include a component model for web authentication (e.g. such as Realms in Catalina) ?
What roadmap would you recommend for implementing a Glassfish agent for JOSSO by fostering reuse as much as
it is possible ?




Comments
Comment by Gianluca Brigandi [ 13/Jan/09 11:44 AM ]
How are you doing with this issue ?
Comment by Gianluca Brigandi [ 13/Jan/09 11:57 AM ]
Switch http://www.josso.org/jira/browse/JOSSO-54
[JOSSO-50] Glassfish Support Created: 06/Jan/09                   Updated: 12/May/09 Resolved: 12/May/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8.1

Type:                Task                             Priority:                 Major
Reporter:            Gianluca Brigandi                Assignee:                 Dejan Maric
Resolution:          Won't Fix                        Votes:                    0
Environment:         GlassFish v3 Prelude

Sub-Tasks:           Key                 Summary               Type             Status        Assignee
                     JOSSO-51            Perform Research on Sub-task           Closed        Dejan Maric
                                         adding Glassfish ...
Support JOSSO Gateway Branding (JOSSO-18)


   [JOSSO-49] Write Branding HOW-TO Created: 05/Jan/09                       Updated: 21/Aug/09 Resolved:
06/Jan/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Sub-task                         Priority:             Major
Reporter:              Gianluca Brigandi                Assignee:             Dejan Maric
Resolution:            Fixed                            Votes:                0


Description
Target wiki page for how-to is : http://www.josso.org/confluence/display/JOSSO1/Branding+JOSSO




Comments
Comment by Dejan Maric [ 06/Jan/09 11:24 AM ]
Created wiki page that explains branding of JOSSO.
[JOSSO-48] Agent install error Created: 04/Jan/09                       Updated: 21/Aug/09 Resolved: 05/Jan/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Bug                                 Priority:                 Major
Reporter:               Gianluca Brigandi                   Assignee:                 Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                    0
Environment:            tomcat 6.0.18


Description
When installing the agent the process fails with :

Overall Installation [ERROR] Could not list the contents of
"file:///home/gbrigand/Development/wa/josso/trunk/josso/distributions/josso/target/josso-1.8.0-
SNAPSHOT/dist/agents/src" because it is not a folder.



Comments
Comment by Sebastian Gonzalez Oyuela [ 05/Jan/09 8:13 AM ]
Fixed in trunk after merging
[JOSSO-47] Samples install error Created: 04/Jan/09                         Updated: 21/Aug/09 Resolved: 05/Jan/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Bug                                   Priority:                Major
Reporter:               Gianluca Brigandi                     Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Fixed                                 Votes:                   0
Environment:            tomcat 6.0.18


Description
The josso installation shell installs jetty samples and a partnerapp file without any extension (its a war actually)

Comments
Comment by Sebastian Gonzalez Oyuela [ 05/Jan/09 8:14 AM ]
Fixed in trunk after merging
[JOSSO-46] Gateway startup error with default descriptors Created: 04/Jan/09
Updated: 21/Aug/09 Resolved: 04/Jan/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Bug                                 Priority:           Critical
Reporter:               Gianluca Brigandi                   Assignee:           Gianluca Brigandi
Resolution:             Fixed                               Votes:              0
Environment:            tomcat 6.0.18 - fresh gateway-only install


Description
On catalina startup the following exception if thrown by the gateway :

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'josso-ntlm-authentication'
defined in class path resource [josso-gateway-auth.xml]: Initialization of bean failed; nested exception is
org.springframework.beans.InvalidPropertyException: Invalid property 'vf' of bean class
[org.josso.auth.scheme.NtlmAuthScheme]: No property 'vf' found



Comments
Comment by Gianluca Brigandi [ 04/Jan/09 4:04 PM ]
removed bogus 'vf' property
Update Documentation (JOSSO-9)


   [JOSSO-45] Develop JOSSO Console setup HOW-TO Created: 26/Dec/08          Updated:
22/Dec/09 Resolved: 15/Jan/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8

Type:                  Sub-task            Priority:   Major
Reporter:              Gianluca Brigandi   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed               Votes:      0
Update Documentation (JOSSO-9)


   [JOSSO-44] Develop NTLM setup HOW-TO Created: 26/Dec/08                                Updated: 22/Dec/09
Resolved: 12/Jan/09
Status:                    Closed
Project:                   JOSSO
Component/s:               None
Affects Version/s:         None
Fix Version/s:             JOSSO 1.8

Type:                      Sub-task                        Priority:              Major
Reporter:                  Gianluca Brigandi               Assignee:              Alejandro Jadzinsky
Resolution:                Fixed                           Votes:                 0

Attachments:                  NTLM configuration

Comments
Comment by Alejandro Jadzinsky [ 29/Dec/08 4:45 PM ]
verify if this is enough
Comment by Gianluca Brigandi [ 29/Dec/08 5:17 PM ]
a) Basic Authentication with AD should be part of the Ldap configuration how-to and eventually referenced from the
Windows Authentication HOW-TO for verifying that the JOSSO Gateway is able to bind against AD.

b) Windows Authentication (aka ntlm authentication) configuration should be documented in a separate how-to

c) Follow the how-to layout conventions: Introduction, Prerequisites, Infrastructure setup, JOSSO setup, JOSSO
setup testing, Conclusion

d) Describe the supported settings : Firefox/AD, IE/AD, Firefox/Samba (?)

e) Use screenshots where possible (e.g. user credential elicitation popups)

f) Upload wiki page to JOSSO Confluence space.
[JOSSO-43] Multiple Security Domains do not support clustering Created:
23/Dec/08 Updated: 12/May/09 Resolved: 12/May/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.8
Fix Version/s:           JOSSO 1.8.1

Type:                    Bug                                   Priority:                Minor
Reporter:                Sebastian Gonzalez Oyuela             Assignee:                Sebastian Gonzalez Oyuela
Resolution:              Won't Fix                             Votes:                   0


Description
When using multiple security domains, JOSSO keeps track of SSO Tokens and domains in memory. This information
is not propagated throw nodes nor is persisted. The responsible component is SecurityDomainRegistryImpl

Comments
Comment by Gianluca Brigandi [ 23/Dec/08 2:41 PM ]
With session replication this should work (if state is stored in the web session).

In case this is not available, there is support for storing this information on the client side using http cookies.

Comment by Sebastian Gonzalez Oyuela [ 23/Dec/08 2:55 PM ]
When resolving back-channel requests the gateway will not be able to access http state. In the first scenario we could
provide access to session information based on SSO tokens to the security domain registry.
Comment by Gianluca Brigandi [ 23/Dec/08 3:09 PM ]
its can resolve these (core web sso workflow) by mapping within the gateway tier a conveyed unique identifier (e.g.
assertion id) to the SSO Security Context. This is working in Unisys deployment.
[JOSSO-41] Mavenize JOSSO Console Created: 17/Dec/08                          Updated: 22/Dec/09 Resolved:
26/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.7.1
Fix Version/s:         JOSSO 1.8

Type:                  Task                              Priority:              Major
Reporter:              Gianluca Brigandi                 Assignee:              Alejandro Jadzinsky
Resolution:            Fixed                             Votes:                 0


Description
The JOSSO Console module should be placed in a dedicated Maven module under the applications folder.

The latest revision of the JOSSO Console code base can be found here :
http://www.josso.org/fisheye/browse/JOSSO/branches/JOSSO_1_7_1_B/josso/applications/josso_console

JOSSO Console dependencies shall be self-contained in the module's pom.xml descriptor, therefore avoid including
managed dependencies or plugin management definitions in the parent pom.xml.




Comments
Comment by Alejandro Jadzinsky [ 26/Dec/08 8:21 AM ]
mavenaized "as is"
pending upgrade seam to version 2.1
[JOSSO-40] Implement new TCK for multiple security domains Created:
17/Dec/08 Updated: 21/Aug/09 Resolved: 22/Dec/08
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Improvement                      Priority:                Major
Reporter:               Sebastian Gonzalez Oyuela        Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Fixed                            Votes:                   0


Description
A new TCK that tests JOSSO Multiple security domains configuration must be implemented.

1. The test must verify the following use cases:

* login
* logout
* try access protected resource on secondary domain (login should be requested)
* remember me
* password reset

2. The domains configured should be:

* josso-1 and josso-2

3. Configured components must include:

* db identity store (embedding hypersonic in gateway)
* memory session store
* memory assertion store
* basic authentication
[JOSSO-39] ASP Agent must send additional parameters required when
using multiple security domains Created: 15/Dec/08 Updated: 21/Aug/09 Resolved: 19/Jan/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8
Fix Version/s:       JOSSO 1.8.1

Type:                Task                        Priority:     Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:     Alejandro Jadzinsky
Resolution:          Fixed                       Votes:        0
[JOSSO-38] JOSSO build broken when trying to build agent binary
distribution Created: 13/Dec/08 Updated: 21/Aug/09 Resolved: 15/Dec/08
Status:                       Closed
Project:                      JOSSO
Component/s:                  None
Affects Version/s:            JOSSO 1.8
Fix Version/s:                JOSSO 1.8

Type:                         Bug                                           Priority:   Critical
Reporter:                     Gianluca Brigandi                             Assignee:   Sebastian Gonzalez Oyuela
Resolution:                   Fixed                                         Votes:      0


Description
The binary distribution for the main profile (default) includes the josso-test-agents which is built with the test profile.

[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Failed to resolve artifact.

Missing:
----------
1) org.josso:josso-test-agents:jar:1.8.0-SNAPSHOT

 Try downloading the file manually from the project website.

 Then, install it using the command:
    mvn install:install-file -DgroupId=org.josso -DartifactId=josso-test-agents \
      -Dversion=1.8.0-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file
Alternatively, if you host your own repository you can deploy the file there: mvn deploy:deploy-file -
DgroupId=org.josso -DartifactId=josso-test-agents \
      -Dversion=1.8.0-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file \
       -Durl=[url] -DrepositoryId=[id]

 Path to dependency:
    1) org.josso:josso-agents-bin:jar:1.8.0-SNAPSHOT
    2) org.josso:josso-test-agents:jar:1.8.0-SNAPSHOT

----------
1 required artifact is missing.

for artifact:
  org.josso:josso-agents-bin:jar:1.8.0-SNAPSHOT

from the specified remote repositories:
  central (http://repo1.maven.org/maven2),
  josso-m2-repo (http://repository.josso.org),
  java.net (http://download.java.net/maven/1),
  codehaus (http://repository.codehaus.org),
  apach-servicemix (http://svn.apache.org/repos/asf/servicemix/m2-repo),
  apache (http://people.apache.org/repo/m2-ibiblio-rsync-repository),
  josso-m2-snapshot-repo (http://repository.josso.org/m2-snapshot-repository),
  jboss (http://repository.jboss.com/maven2)
[JOSSO-37] Authenticat SSO Agent Requests only for Weblogic Created:
11/Dec/08 Updated: 21/Aug/09 Resolved: 11/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                 Priority:   Minor
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-36] Refactor Weblogic SSO Filters Created: 11/Dec/08                               Updated: 21/Aug/09 Resolved:
19/Aug/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8.1

Type:                   Improvement                         Priority:                Minor
Reporter:               Sebastian Gonzalez Oyuela           Assignee:                Sebastian Gonzalez Oyuela
Resolution:             Won't Fix                           Votes:                   0


Description
After user is authenticated, weblogic will not invoke the SSO Filter that is part of the WL Authenticator any more.
[JOSSO-35] JOSSO Installer must also update container configuration
Created: 11/Dec/08 Updated: 22/Dec/09 Resolved: 15/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                          Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela            Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                                Votes:      0
[JOSSO-34] NullPointerException is thrown when no SSO Entry is found
on agent valves Created: 11/Dec/08 Updated: 21/Aug/09 Resolved: 23/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Bug                               Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela         Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                             Votes:      0


Description
Detect this condition and create a propper warning message.
[JOSSO-33] Package JOSSO ActiveX dll in the distribution Created: 10/Dec/08
Updated: 21/Aug/09 Resolved: 13/Jan/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Task                        Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-32] Use Spring component keeper in JOSSO MS ActiveX Created:
10/Dec/08 Updated: 21/Aug/09 Resolved: 15/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Bug                              Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela        Assignee:              Alejandro Jadzinsky
Resolution:            Fixed                            Votes:                 0


Description
The JOSSO ActiveX is forcing a component keeper implementation that is no longer supported, we need to use the
spring component keeper.

Comments
Comment by Alejandro Jadzinsky [ 15/Dec/08 10:44 AM ]
microsoft agent does not need a ComponentKeeper. It was removed.
[JOSSO-31] change ntlm-authscheme-test using embeded LDAP Created:
05/Dec/08 Updated: 09/Dec/08 Resolved: 09/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         None

Type:                  Bug                             Priority:      Minor
Reporter:              Alejandro Jadzinsky             Assignee:      Alejandro Jadzinsky
Resolution:            Fixed                           Votes:         0


Comments
Comment by Alejandro Jadzinsky [ 09/Dec/08 1:09 PM ]
JOSSO-31: to complicate we have to build our own NTLM protocol mock
[JOSSO-30] Force the '/josso' web context in the gateway Created: 04/Dec/08
Updated: 21/Aug/09 Resolved: 05/Dec/08
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Improvement                         Priority:               Minor
Reporter:               Gianluca Brigandi                   Assignee:               Sebastian Gonzalez Oyuela
Resolution:             Fixed                               Votes:                  0


Comments
Comment by Sebastian Gonzalez Oyuela [ 05/Dec/08 7:36 AM ]
This depends a lot on the target platform and the way the deployment is done because the servlet standard leaves
this up to the container implementors.
If JOSSO Installer is used, the gateway install process will perform the necessary tasks to properly deploy the
gateway in the /josso path. If done manually, deployers will have to follow platform instructions.

* We added JBoss descriptors with propper path configuration
* In Tomcat, there is no way to alter the context path from within the web application, extra configuration must be
done in the container or the war must be renamed.
[JOSSO-29] NTLM Filter should only act if NTLM authentication is
configured. Created: 04/Dec/08 Updated: 21/Aug/09 Resolved: 09/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                     Priority:            Major
Reporter:              Sebastian Gonzalez Oyuela       Assignee:            Alejandro Jadzinsky
Resolution:            Fixed                           Votes:               0


Description
To avoid modifying JOSSO gateway web.xml descriptor for NTLM deployments the JOSSO NTLM servlet filter must
detect if NTLM authentication is configured in the gateway before starting a handshake.

Comments
Comment by Alejandro Jadzinsky [ 09/Dec/08 1:06 PM ]
JOSSO-29:
[JOSSO-28] Problem starting tomcat with gateway Created: 04/Dec/08                                 Updated:
21/Aug/09 Resolved: 23/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Bug                                Priority:              Major
Reporter:              Dejan Maric                        Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0
Environment:           Windows XP SP2, JDK 1.5.0_17, tomcat 5.5.27


Description
Josso-gateway-web-1.8.0-SNAPSHOT.war is manually copied in web apps folder. Configuration files are copied to
bin folder. When trying to run tomcat following error occurs:

SEVERE: IOException parsing XML document from class path resource [josso-gateway-config.xml]; nested
exception is java.io.FileNotFoundException: class path resource [josso-gateway-config.xml] cannot be opened
because it does not exist
org.springframework.beans.factory.BeanDefinitionStoreException: IOException parsing XML document from class
path resource [josso-gateway-config.xml]; nested exception is java.io.FileNotFoundException: class path resource
[josso-gateway-config.xml] cannot be opened because it does not exist
      at
org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.jav
a:349)
      at
org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.jav
a:310)
      at
org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitio
nReader.java:143)
      at
org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitio
nReader.java:178)
      at
org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitio
nReader.java:149)
      at
org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitio
nReader.java:212)
      at
org.springframework.context.support.AbstractXmlApplicationContext.loadBeanDefinitions(AbstractXmlApplicationCon
text.java:113)
      at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.loadBeanDefinitions(ClassPathXmlApplicationCon
text.java:180)
      at
org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshabl
eApplicationContext.java:123)
      at
org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContex
t.java:423)
      at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:353)
      at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:161
)
     at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:51)
     at org.josso.spring.SpringComponentKeeperImpl.<init>(SpringComponentKeeperImpl.java:51)
     at
org.josso.spring.SpringComponentKeeperFactoryImpl.newComponentKeeper(SpringComponentKeeperFactoryImpl.j
ava:35)
     at org.josso.Lookup.getComponentKeeper(Lookup.java:181)
     at org.josso.Lookup.lookupSSOGateway(Lookup.java:108)
     at org.josso.gateway.signon.SSOContextListener.contextInitialized(SSOContextListener.java:50)
     at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3764)
     at org.apache.catalina.core.StandardContext.start(StandardContext.java:4216)
     at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
     at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
     at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
     at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:927)
     at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:890)
     at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
     at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1150)
     at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
     at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
     at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
     at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
     at org.apache.catalina.core.StandardService.start(StandardService.java:448)
     at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
     at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:585)
     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Caused by: java.io.FileNotFoundException: class path resource [josso-gateway-config.xml] cannot be opened
because it does not exist
     at org.springframework.core.io.ClassPathResource.getInputStream(ClassPathResource.java:142)
     at
org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.jav
a:336)
      ... 41 more
04.12.2008. 20.29.52 org.apache.struts.util.PropertyMessageResources <init>
INFO: Initializing, config='org.apache.struts.util.LocalStrings', returnNull=true
04.12.2008. 20.29.52 org.apache.struts.util.PropertyMessageResources <init>
INFO: Initializing, config='org.apache.struts.action.ActionResources', returnNull=true
04.12.2008. 20.29.53 org.apache.struts.util.PropertyMessageResources <init>
INFO: Initializing, config='ApplicationResources', returnNull=true
04.12.2008. 20.29.53 org.apache.struts.tiles.TilesPlugin init
INFO: Tiles definition factory loaded for module ''.
04.12.2008. 20.29.54 org.apache.coyote.http11.Http11BaseProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
04.12.2008. 20.29.54 org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
04.12.2008. 20.29.54 org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/47 config=null
04.12.2008. 20.29.54 org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
04.12.2008. 20.29.55 org.apache.catalina.startup.Catalina start
INFO: Server startup in 8265 ms

When configuration files are moved to $CATALINA_HOME/shared/classes folder, tomcat started nicely.
Comments
Comment by Gianluca Brigandi [ 04/Dec/08 4:33 PM ]
the gshell installer is deploying configuration file into $CATALINA_HOME/bin
[JOSSO-27] Fire audit trails for selfservices and assertion events Created:
04/Dec/08 Updated: 10/Dec/08 Resolved: 10/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                      Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela        Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Won't Fix                        Votes:      0


Comments
Comment by Sebastian Gonzalez Oyuela [ 10/Dec/08 5:55 PM ]
This requires a sponsor enhancement or maybe in a future release
[JOSSO-26] Problem with installing josso gateway on windows XP Created:
04/Dec/08 Updated: 22/Dec/09 Resolved: 05/Dec/08
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       JOSSO 1.7.1
Fix Version/s:           JOSSO 1.8

Type:                    Bug                                  Priority:                Major
Reporter:                Dejan Maric                          Assignee:                Sebastian Gonzalez Oyuela
Resolution:              Fixed                                Votes:                   0
Environment:             Windows XP SP2, JDK 1.5.0_17


Description
When trying to install josso gateway on tomcat 5.5 (e.g. in folder c:\foo) using ghell I get a following error:

josso gateway> install -p tc55 -t c:/foo
Deploying Apache Tomcat 5.5.x JOSSO Gateway v.1.8.0-SNAPSHOT
Verify Target Apache Tomcat 5.5.x
  Target lib [ERROR] folder does not exist or is not a directory:file:///c:/foo/c:/foo/server/lib
  Target bin [ERROR] folder does not exist or is not a directory:file:///c:/foo/c:/foo/bin
  Target conf [ERROR] folder does not exist or is not a directory:file:///c:/foo/c:/foo/conf
  Target endorsed lib [ERROR] folder does not exist or is not a directory:file:///c:/foo/c:/foo/common/endorsed
  Target JOSSO shared lib [ERROR] folder does not exist or is not a directory:file:///c:/foo/c:/foo/common/lib
  Target JOSSO lib [ERROR] folder does not exist or is not a directory:file:///c:/foo/c:/foo/server/lib
  Target JOSSO conf [ERROR] folder does not exist or is not a directory:file:///c:/foo/c:/foo/bin
Apache Tomcat 5.5.x JOSSO Gateway v.1.8.0-SNAPSHOT
  Overall Installation [ERROR] Invalid Target Platform
[JOSSO-25] Unable to build jboss agents Created: 03/Dec/08                           Updated: 21/Aug/09 Resolved:
04/Dec/08
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Bug                               Priority:              Major
Reporter:               Dejan Maric                       Assignee:              Gianluca Brigandi
Resolution:             Fixed                             Votes:                 0
Environment:            Windows XP SP2, JDK 1.5.0_17


Description
When building josso project following error occurs:

[INFO] Building JOSSO :: JBoss 3.2 Agent
[INFO] task-segment: [clean, install]
[INFO] ------------------------------------------------------------------------
[INFO] [clean:clean]
[INFO] Deleting directory C:\Source\josso\josso\agents\josso-jboss32-agent\target
[INFO] [xbean:mapping {execution: default}]
[FATAL ERROR] org.apache.xbean.maven.XBeanMojo#execute() caused a linkage error
(java.lang.NoClassDefFoundError) and may
 be out-of-date. Check the realms:
[FATAL ERROR] Plugin realm = app0.child-container[org.apache.xbean:maven-xbean-plugin]
urls[0] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/apache/xbean/maven-xbean-plugin/3.4.3/maven-
xbean-plu
gin-3.4.3.jar
urls[1] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/apache/xbean/xbean-spring/3.4.3/xbean-spring-
3.4.3.ja
r
urls[2] = file:/C:/Documents and Settings/Dejan/.m2/repository/commons-logging/commons-logging/1.0.3/commons-
logging-1.0
.3.jar
urls[3] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/springframework/spring-beans/2.0.5/spring-beans-
2.0.5
.jar
urls[4] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/springframework/spring-core/2.0.5/spring-core-
2.0.5.j
ar
urls[5] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/springframework/spring-context/2.0.5/spring-
context-2
.0.5.jar
urls[6] = file:/C:/Documents and Settings/Dejan/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
urls[7] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/codehaus/plexus/plexus-utils/1.1/plexus-utils-
1.1.jar
urls[8] = file:/C:/Documents and Settings/Dejan/.m2/repository/junit/junit/3.8.1/junit-3.8.1.jar
urls[9] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/codehaus/plexus/plexus-archiver/1.0-alpha-
5/plexus-ar
chiver-1.0-alpha-5.jar
urls[10] = file:/C:/Documents and Settings/Dejan/.m2/repository/org/apache/maven/maven-archiver/2.0/maven-
archiver-2.0.j
ar
urls[11] = file:/C:/Documents and Settings/Dejan/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar
urls[12] = file:/C:/Documents and Settings/Dejan/.m2/repository/com/thoughtworks/qdox/qdox/1.6.3/qdox-1.6.3.jar
urls[13] = file:/C:/Documents and Settings/Dejan/.m2/repository/jmock/jmock/1.0.0/jmock-1.0.0.jar
[FATAL ERROR] Container realm = plexus.core
urls[0] = file:/c:/Java/apache-maven-2.0.9/lib/maven-2.0.9-uber.jar
[INFO] ------------------------------------------------------------------------
[ERROR] FATAL ERROR
[INFO] ------------------------------------------------------------------------
[INFO] javax/servlet/http/HttpServletRequest
[INFO] ------------------------------------------------------------------------
[INFO] Trace
java.lang.NoClassDefFoundError: javax/servlet/http/HttpServletRequest
      at java.lang.Class.getDeclaredMethods0(Native Method)
      at java.lang.Class.privateGetDeclaredMethods(Class.java:2427)
      at java.lang.Class.privateGetPublicMethods(Class.java:2547)
      at java.lang.Class.privateGetPublicMethods(Class.java:2563)
      at java.lang.Class.getMethods(Class.java:1410)
      at com.thoughtworks.qdox.JavaDocBuilder.createBinaryClass(JavaDocBuilder.java:189)
      at com.thoughtworks.qdox.JavaDocBuilder.getClassByName(JavaDocBuilder.java:119)
      at com.thoughtworks.qdox.model.ClassLibrary.getClassByName(ClassLibrary.java:37)
      at com.thoughtworks.qdox.model.Type.getJavaClass(Type.java:98)
      at com.thoughtworks.qdox.model.JavaClass.getSuperJavaClass(JavaClass.java:86)
      at org.apache.xbean.spring.generator.QdoxMappingLoader.loadElement(QdoxMappingLoader.java:178)
      at org.apache.xbean.spring.generator.QdoxMappingLoader.loadElements(QdoxMappingLoader.java:143)
      at org.apache.xbean.spring.generator.QdoxMappingLoader.loadNamespaces(QdoxMappingLoader.java:101)
      at org.apache.xbean.spring.generator.QdoxMappingLoader.loadNamespaces(QdoxMappingLoader.java:96)
      at org.apache.xbean.maven.XBeanMojo.execute(XBeanMojo.java:185)
      at org.apache.maven.plugin.DefaultPluginManager.executeMojo(DefaultPluginManager.java:451)
      at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:558)
      at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalWithLifecycle(DefaultLifecycleExecutor.java:49
9)
      at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoal(DefaultLifecycleExecutor.java:478)
      at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalAndHandleFailures(DefaultLifecycleExecutor.jav
a:330)
      at
org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeTaskSegments(DefaultLifecycleExecutor.java:291)
      at org.apache.maven.lifecycle.DefaultLifecycleExecutor.execute(DefaultLifecycleExecutor.java:142)
      at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:336)
      at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:129)
      at org.apache.maven.cli.MavenCli.main(MavenCli.java:287)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.codehaus.classworlds.Launcher.launchEnhanced(Launcher.java:315)
      at org.codehaus.classworlds.Launcher.launch(Launcher.java:255)
      at org.codehaus.classworlds.Launcher.mainWithExitCode(Launcher.java:430)
      at org.codehaus.classworlds.Launcher.main(Launcher.java:375)
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 43 seconds
[INFO] Finished at: Wed Dec 03 19:57:16 CET 2008
[INFO] Final Memory: 28M/51M
[INFO] ------------------------------------------------------------------------

Problem also persists for josso-jboss-40-agent and josso-jboss-42-agent.
[JOSSO-24] Implement Identity store test cases for DB and LDAP using
embededd repositories Created: 02/Dec/08 Updated: 22/Dec/09 Resolved: 04/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                         Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela           Assignee:              Alejandro Jadzinsky
Resolution:            Fixed                               Votes:                 0


Comments
Comment by Alejandro Jadzinsky [ 04/Dec/08 2:55 PM ]
DB Stores
1.
Implemented test for DataSourceAssertionStore
2.
Implemented test for JDBCIdentityStore (includes implicit test for IdentityDAO but can be separated if needed)
No implemented test for DataSourceIdentityStore
3.
Implemented test for JdbcSessionStore
No implemented test for DataSourceSessionStore

LDAP Store
Implemented test for LDAPIdentityStore
[JOSSO-23] Implement Extended Identity DB Store Created: 02/Dec/08              Updated:
22/Dec/09 Resolved: 05/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                 Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Alejandro Jadzinsky
Resolution:            Fixed                       Votes:      0
[JOSSO-22] Implement Extended Identity LDAP Store Created: 02/Dec/08                 Updated:
22/Dec/09 Resolved: 05/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                 Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Alejandro Jadzinsky
Resolution:            Fixed                       Votes:      0
[JOSSO-21] Include MS Agent fix provided by community user Created:
02/Dec/08 Updated: 20/Jul/10 Resolved: 12/Dec/08
Status:                         Closed
Project:                        JOSSO
Component/s:                    None
Affects Version/s:              JOSSO 1.7.1
Fix Version/s:                  JOSSO 1.7.1

Type:                           Improvement                 Priority:   Major
Reporter:                       Sebastian Gonzalez Oyuela   Assignee:   Alejandro Jadzinsky
Resolution:                     Fixed                       Votes:      0


Description
I have one problem with Josso which I think I share with many other
people who try to make Josso work from Microsoft ASP.NET. It is from
what I have understand not possible to receive the username from a
logged in user using the JossoActiveX.dll. The problem is also that I
don't know how to recompile the DLL even I have the source code. I
believe that the following code would solve the problem to get the
username from Josso:



/**

      * Finds the username associated to a sso session

      *

      * @param sessionId the sso session identifier

      */

  public String getUserName(String sessionId) {

           try {

       return
getIdentityManager().findUserInSession(sessionId).getName();

           } catch (SSOIdentityException e) {

               return null; // Session has expired ...

           } catch (Exception e) {

               logger.error(e.getMessage(), e);

       throw new RuntimeException(e.getMessage() != null ?
e.getMessage() : e.toString(), e);

           }

  }
Comments
Comment by Sebastian Gonzalez Oyuela [ 10/Dec/08 9:41 AM ]
We should add this new opperation to the java component representing the ActiveX. This must be done in both
versions independently.

Start with JOSSO 1.7.1 first. JOSSO_1_7_1_B because 1.8 is still under work
Support JOSSO Gateway Branding (JOSSO-18)


  [JOSSO-20] Support installing custom Gateway distributions from the
JOSSO GShell Created: 01/Dec/08 Updated: 22/Dec/09 Resolved: 05/Jan/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8

Type:                   Sub-task                             Priority:                Major
Reporter:               Gianluca Brigandi                    Assignee:                Dejan Maric
Resolution:             Fixed                                Votes:                   0


Description
The josso gshell only supports deploying the built-in "official" josso gateway from the binary distribution.
Once a custom gateway artifact is generated it should be deployable from the standard josso gshell.

Therefore, support deploying through the josso gshell a custom josso gateway distribution located in the maven
repository.

In order to achieve this implement a Commons VFS provider for supporting Maven-specific urls (e.g.
mvn:groupId/artifactId/version). Then, enhance the gateway deployment gshell command for allowing to install
custom josso gateway distribution artifacts from the maven repository through maven-protocol urls (e.g. mvn:...) .

For supporting the maven protocol for referencing artifacts leverage the OPS4J maven protocol handler. For more
information see :

http://wiki.ops4j.org/confluence/x/CoA6

The OPS4J maven protocol handler should comply to the Commons VFS provider contract leveraged in the josso
gshell as the resource abstraction layer.

For more information about GShell see :

http://geronimo.apache.org/gshell.html




Comments
Comment by Gianluca Brigandi [ 29/Dec/08 1:08 PM ]
Referring to your latest tweet : http://twitter.com/dmaric/status/1080782943

a) Enhance the existing gateway installation gshell command instead of creating a dedicated one, by adding an extra
argument for setting the gateway's artifact location using VFS-style URIs (e.g. mvn: prefixed) .

b) Gateway configuration files shouldn't be copied onto the target execution environment when installing branded
gateway WARs. Therefore, there should be an additional argument for specifying that configuration files shouldn't be
deployed since they're already part of the branded gateway distribution.

c) If the target execution environment where the branded gateway artifact is requested to be installed already
includes the default JOSSO Gateway configuration files, the command shall notify this to the user, backup such files
and remove them so that there are no conflicts due to duplication with external and embedded descriptors.




Comment by Dejan Maric [ 04/Jan/09 8:46 AM ]
- Where should existing configuration files be backed up?
- We still need josso-auth.properties deployed to server, am I right?
Comment by Gianluca Brigandi [ 04/Jan/09 9:10 AM ]
> - Where should existing configuration files be backed up?
On the same directory with the .bkp.($attempt) extension, in the same way its implemented in
org.josso.tooling.gshell.install.installer.VFSInstaller class, backupFile() operation.

>- We still need josso-auth.properties deployed to server, am I right?
Yes, It should be available in the branded gateway WAR like the other descriptors, therefore in case its available
externally, it should be removed and backed up (see (c) bullet) .
Comment by Dejan Maric [ 05/Jan/09 11:58 AM ]
Created maven provider for maven type urls (mvn:group/artifact...).
Enhanced existing install gateway command with 2 arguments, 1st specifying branded gateway location using maven
type url and 2nd specifying if configuration files should be copied.
Support JOSSO Gateway Branding (JOSSO-18)


  [JOSSO-19] Implement Maven Archetype for JOSSO Gateway
distribution Created: 01/Dec/08 Updated: 21/Aug/09 Resolved: 09/Dec/08
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Sub-task                           Priority:              Major
Reporter:               Gianluca Brigandi                  Assignee:              Dejan Maric
Resolution:             Fixed                              Votes:                 0


Description
Implement maven archetype capable of creating a custom JOSSO gateway distributions for enabling users to :

* run custom gateway descriptors for affecting the gateway behavior
* apply UI branding to authentication screens
* change web page layout (i.e. structure)
* update the web page flow

The archetype shall create a maven module based on the josso-gateway-web distribution.

The location of the archetype is :

https://josso.svn.sourceforge.net/svnroot/josso/trunk/josso/tooling/archetypes/josso-archetype-gateway/

The servicemix project archetypes which can be found here
(http://svn.apache.org/repos/asf/servicemix/archetypes/trunk/) may be used as reference implementations for this
archetype.

For more information about maven archetypes refer to :

http://maven.apache.org/guides/mini/guide-creating-archetypes.html

This eBook also covers the subject :

http://www.exist.com/better-build-maven



Comments
Comment by Dejan Maric [ 02/Dec/08 3:00 PM ]
Implemented basic maven archetype for JOSSO Gateway distribution.
Comment by Gianluca Brigandi [ 02/Dec/08 5:04 PM ]
* The archetype-generated distribution module should include default gateway descriptors for allowing customization,
bundling and delivering onto the target container.

* The pom.xml for the archetype-generated module it must not be a child module of the JOSSO maven project,
therefore it should stand on its own. Fix archetype-generated pom.xml . Run third-party archetypes and pay special
attention to the conventions used for generating the pom.xml .

* The pom.xml for the custom gateway distribution is leveraging inherited settings from the JOSSO parent pom, such
as dependency and plugin management properties. Considering that the generated module is first-level, there will be
no settings available for inheriting, thus the module won't build. Fix archetype-generated pom.xml.

* Declare a property in the archetype-generated pom for storing the josso version referenced by dependencies.

* Make sure to include copyright in every JOSSO project artifact (e.g. java, xml, etc.) . For instance, the
archetype.xml descriptor is not including it.

* Test that the custom gateway distribution war is working correctly by deploying it and running an authentication
procedure.
Comment by Dejan Maric [ 09/Dec/08 1:46 PM ]
* Configuration files are inside war file after building project created with archetype. Since war file was manually
copied to webapps folder, josso-auth.properties had to be created in /shared/classes. The plan is to create this file
once gshell is used to deploy the application?

* For now, all files that make archetype are copies of files from distributions/josso module and josso-gateway-web
module. Should it stay this way or should files be copied somehow from those modules during build time?
Comment by Gianluca Brigandi [ 09/Dec/08 3:09 PM ]
Ideally, the archetype should trigger the josso-auth.properties file generation. Since I don't think this is support with
m2 archetypes, we should use a built-in file just as its implemented now. If the user wishes to increase the
deployment security, he'll have to replace manually the archetype-generated josso-auth.properties file with the new
one.

Yes, this works for now as long as the archetype artifacts are kept in sync with the built-in gateway distribution one. In
order to avoid this, the archetype could expand a working gateway configuration set which is shared with the built-in
gateway distribution. In order to implement this we would need - as in the first case - to dynamically augment the
archetype behavior. For now leave it as-is.




Comment by Dejan Maric [ 09/Dec/08 3:34 PM ]
Modified basic maven archetype for JOSSO Gateway distribution:
- included configuration files,
- project is no longer child project,
- added copyright information.
[JOSSO-18] Support JOSSO Gateway Branding Created: 01/Dec/08                                 Updated: 21/Aug/09
Resolved: 13/Jan/09
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    JOSSO 1.8
Fix Version/s:        JOSSO 1.8

Type:                 New Feature                       Priority:              Major
Reporter:             Gianluca Brigandi                 Assignee:              Dejan Maric
Resolution:           Fixed                             Votes:                 0

Sub-Tasks:             Key                Summary                Type         Status         Assignee
                       JOSSO-19           Implement Maven     Sub-task        Closed         Dejan Maric
                                          Archetype for JOSSO
                                          G...
                       JOSSO-20           Support installing    Sub-task      Closed         Dejan Maric
                                          custom Gateway dis...
                       JOSSO-49           Write Branding HOW- Sub-task        Closed         Dejan Maric
                                          TO

Description
Support creating custom JOSSO Gateway distributions capable of being customized, built and deployed onto the
target container.
[JOSSO-17] Agent cookie does not set a path when partner application
is deployed in the root context Created: 26/Nov/08 Updated: 21/Aug/09 Resolved: 26/Nov/08
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   JOSSO 1.8
Fix Version/s:       JOSSO 1.8

Type:                Bug                         Priority:      Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:      Gianluca Brigandi
Resolution:          Fixed                       Votes:         0
[JOSSO-16] Deployment of .tar.gz artifacts produces an error when
downloading dependencies Created: 26/Nov/08 Updated: 04/Sep/09 Resolved: 04/Sep/09
Status:                  Closed
Project:                 JOSSO
Component/s:             None
Affects Version/s:       None
Fix Version/s:           None

Type:                    Bug                               Priority:             Minor
Reporter:                Sebastian Gonzalez Oyuela         Assignee:             Sebastian Gonzalez Oyuela
Resolution:              Won't Fix                         Votes:                0


Description
.zip dependencies work just fine, this is the error:

Downloading: http://repository.josso.org/m2-snapshot-repository/org/josso/josso-php-agent/1.8.0-SNAPSHOT/josso-
php-agent-1.8.0-20081126.110437-1.tar.gz
201K downloaded
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Failed to resolve artifact.

Error transferring file
 org.josso:josso-php-agent:tar.gz:1.8.0-20081126.110437-1

from the specified remote repositories:
  central (http://repo1.maven.org/maven2),
  josso-m2-repo (http://repository.josso.org),
  java.net (http://download.java.net/maven/1),
  codehaus (http://repository.codehaus.org),
  apach-servicemix (http://svn.apache.org/repos/asf/servicemix/m2-repo),
  apache (http://people.apache.org/repo/m2-ibiblio-rsync-repository),
  josso-m2-snapshot-repo (http://repository.josso.org/m2-snapshot-repository),
  jboss (http://repository.jboss.com/maven2)
Path to dependency:
      1) org.josso:josso:pom:1.8.0-SNAPSHOT
      2) org.josso:josso-php-agent:tar.gz:1.8.0-SNAPSHOT



Caused by I/O exception: Not in GZIP format
[JOSSO-15] Support JOSSO and non-JOSSO secured applications Created:
20/Nov/08 Updated: 21/Aug/09 Resolved: 10/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Improvement                        Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0


Description
Already working for JBoss 4.2.

Comments
Comment by Sebastian Gonzalez Oyuela [ 10/Dec/08 6:18 PM ]
Tested only for JBoss. The JOSSO Realm will automatically delegate authentication and role resolution operations to
parent realm when the jaas security domain is not 'josso'
[JOSSO-14] DB Stores do not close preapared statements Created: 20/Nov/08
Updated: 21/Aug/09 Resolved: 04/Dec/08
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      JOSSO 1.8
Fix Version/s:          JOSSO 1.8

Type:                   Bug                                  Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela            Assignee:   Alejandro Jadzinsky
Resolution:             Fixed                                Votes:      0


Description
Close statements on 'finally' caluse to avoid leaks on errors.
[JOSSO-13] ClassCastException when accessiong SSOUser from java
partner appliacation Created: 18/Nov/08 Updated: 21/Aug/09 Resolved: 26/Nov/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Bug                                Priority:              Major
Reporter:              Sebastian Gonzalez Oyuela          Assignee:              Sebastian Gonzalez Oyuela
Resolution:            Fixed                              Votes:                 0
Environment:           Tomcat 6.0.x


Comments
Comment by Sebastian Gonzalez Oyuela [ 26/Nov/08 6:35 AM ]
Some JOSSO jars were included in the partner application producing this error. Partner applications do not need any
JOSSO Jars , it is a 'provided' dependency.
[JOSSO-12] Upgrade JOSSO spring-security support to spring 2.x Created:
29/Oct/08 Updated: 21/Aug/09 Resolved: 23/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Bug                         Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
Migrate Gateway to Spring/XBean (JOSSO-4)


   [JOSSO-11] Test JOSSO Mbeans using Spring IoC Created: 28/Oct/08              Updated:
22/Dec/09 Resolved: 04/Dec/08
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     JOSSO 1.8
Fix Version/s:         JOSSO 1.8

Type:                  Sub-task                    Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-10] Release JOSSO 1.8 Created: 24/Oct/08              Updated: 22/Dec/09 Resolved: 13/Jan/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8

Type:                Task                        Priority:                Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:                Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:                   0
[JOSSO-9] Update Documentation Created: 24/Oct/08                   Updated: 22/Dec/09 Resolved: 15/Jan/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8

Type:                   Task                           Priority:             Major
Reporter:               Sebastian Gonzalez Oyuela      Assignee:             Sebastian Gonzalez Oyuela
Resolution:             Fixed                          Votes:                0

Sub-Tasks:               Key          Summary            Type       Status   Assignee
                         JOSSO-44     Develop NTLM setup Sub-task   Closed Alejandro Jadzinsky
                                      HOW-TO
                         JOSSO-45     Develop JOSSO      Sub-task   Closed Sebastian Gonzalez Oyuela
                                      Console setup HOW-
                                      TO

Description
* Installing
Per platform / component guide!

* Quick Start

* JOSSO Console / Seam

* Configuring
General, LDAP, DB, STRONG, Monitoring , Auditing , Remember Me, Password Reset, Security Domain, NTLM

* Reference

* Branding

* Building (for developers)

* Upgrading from JOSSO 1.7

* Integrate JOSSO Training material
Some diagrams and slides
[JOSSO-8] Test Distribution Created: 24/Oct/08       Updated: 22/Dec/09 Resolved: 13/Jan/09
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8

Type:                Task                        Priority:              Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:              Gianluca Brigandi
Resolution:          Fixed                       Votes:                 0
[JOSSO-7] Generate binary and source distribution Created: 24/Oct/08           Updated:
22/Dec/09 Resolved: 13/Jan/09
Status:                Closed
Project:               JOSSO
Component/s:           None
Affects Version/s:     None
Fix Version/s:         JOSSO 1.8

Type:                  Task                        Priority:   Major
Reporter:              Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:            Fixed                       Votes:      0
[JOSSO-6] Implement GShell for JOSSO Created: 24/Oct/08      Updated: 22/Dec/09 Resolved:
18/Nov/08
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8

Type:                New Feature                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-5] Decouple at the build system level gateway plugins from its
core Created: 24/Oct/08 Updated: 28/Oct/08 Resolved: 28/Oct/08
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8

Type:                New Feature                 Priority:   Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:   Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:      0
[JOSSO-4] Migrate Gateway to Spring/XBean Created: 24/Oct/08                      Updated: 22/Dec/09
Resolved: 18/Nov/08
Status:               Closed
Project:              JOSSO
Component/s:          None
Affects Version/s:    None
Fix Version/s:        JOSSO 1.8

Type:                 New Feature                    Priority:            Major
Reporter:             Sebastian Gonzalez Oyuela      Assignee:            Sebastian Gonzalez Oyuela
Resolution:           Fixed                          Votes:               0

Sub-Tasks:            Key           Summary            Type      Status   Assignee
                      JOSSO-11      Test JOSSO Mbeans Sub-task   Closed Sebastian Gonzalez Oyuela
                                    using Spring IoC
[JOSSO-3] Complete Maven upgrade Created: 24/Oct/08          Updated: 22/Dec/09 Resolved: 18/Nov/08
Status:              Closed
Project:             JOSSO
Component/s:         None
Affects Version/s:   None
Fix Version/s:       JOSSO 1.8

Type:                New Feature                 Priority:       Major
Reporter:            Sebastian Gonzalez Oyuela   Assignee:       Sebastian Gonzalez Oyuela
Resolution:          Fixed                       Votes:          0
[JOSSO-2] ProtocolHandlerFilter is not removing NTLM session attribute
Created: 24/Oct/08 Updated: 22/Dec/09 Resolved: 02/Dec/08
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8

Type:                   Bug                                 Priority:            Major
Reporter:               Sebastian Gonzalez Oyuela           Assignee:            Alejandro Jadzinsky
Resolution:             Fixed                               Votes:               0


Description
Provide a mechanism to clean this attribute without coupling frontchannel with NTLM
[JOSSO-1] Modify documentation references to changed code Created:
23/Oct/08 Updated: 22/Dec/09 Resolved: 13/Jan/09
Status:                 Closed
Project:                JOSSO
Component/s:            None
Affects Version/s:      None
Fix Version/s:          JOSSO 1.8

Type:                   Task                            Priority:   Major
Reporter:               Sebastian Gonzalez Oyuela       Assignee:   Sebastian Gonzalez Oyuela
Resolution:             Fixed                           Votes:      0


Description
The class was refactored and moved to a new package :

SpringSSOAuditManager
SpringJMXSSOEventManagerImpl
Generated at Wed Dec 12 08:43:09 CST 2012 using JIRA 4.1.2#531.

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:91
posted:12/17/2012
language:English
pages:525