Can't authentication with WSO2 IS on webapp

Question

I'm trying to create authentication mechanism on WSO2 IS and I have a trouble as following : - I implemented to remote_user as the below link and the result is OK. I can login and access WSO API from console

https://svn.wso2.org/repos/wso2/people/asela/user-mgt/remote-user-api/4.2.X/

But When I tried on webpage , I can't authenticate to WSO IS. the following is my code for this :

public void init() throws AxisFault{
        userName = HDConstants.USER_NAME;
        password = HDConstants.PASSWORD;
        backEndServerURL = HDConstants.SERVER_URL;

    setKeyStore();
    configCtx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(null, null);
}

public void setKeyStore() {
    System.setProperty("javax.net.ssl.trustStore", HDConstants.TRUST_STORE_PATH);
    System.setProperty("javax.net.ssl.trustStorePassword", HDConstants.TRUST_STORE_PASSWORD);
    System.setProperty("javax.net.ssl.trustStoreType", HDConstants.TRUST_STORE_TYPE);
}

public boolean authenticateUser(String userName, String password) throws Exception {
    String serviceURL = null;
    ServiceClient client = null;
    Options option = null;
    boolean isAuthenticated = false;
    AuthenticationAdminStub authStub = null;

    serviceURL = backEndServerURL + "AuthenticationAdmin";
    authStub = new AuthenticationAdminStub(configCtx, serviceURL);
    client = authStub._getServiceClient();
    option = client.getOptions();
    option.setManageSession(true);
    option.setProperty(org.apache.axis2.transport.http.HTTPConstants.COOKIE_STRING, authCookie);
    isAuthenticated = authStub.login(userName, password, HDConstants.APP_ID);
    authCookie = (String) authStub._getServiceClient().getServiceContext()
            .getProperty(HTTPConstants.COOKIE_STRING);
    System.out.println(" Auth Cookie ==== " + authCookie);
    return isAuthenticated;
}
`

and the in the controller I used below code to call authenticate method:

AuthenticationServiceClient authenticationServiceClient = new AuthenticationServiceClient();
           authenticationServiceClient.init();
           authenticationServiceClient.authenticateUser("admin", "admin");

But the result is not good. The system inform that :

at org.apache.axis2.deployment.AxisConfigBuilder.processTransportSenders(AxisConfigBuilder.java:688)
at org.apache.axis2.deployment.AxisConfigBuilder.populateConfig(AxisConfigBuilder.java:124)
at org.apache.axis2.deployment.DeploymentEngine.populateAxisConfiguration(DeploymentEngine.java:887)
at org.apache.axis2.deployment.FileSystemConfigurator.getAxisConfiguration(FileSystemConfigurator.java:116)
at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContext(ConfigurationContextFactory.java:64)
at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContextFromFileSystem(ConfigurationContextFactory.java:210)
at com.home.hduser.wsois.AuthenticationServiceClient.init(AuthenticationServiceClient.java:29)

I don't know why I can authenticate on console but can't on webapp

and the full trace error attached in the file below : https://drive.google.com/open?id=0B9zEqmu0HBunSlp3X0dpWC1YU0E

I appreciate your help in this case. Thanks

as a work around deploy the webapp in WSO2 AS 5.3.0, remove this jar first: tomcat-annotations-api-7.0.59.jar tomcat-api-7.0.59.jar tomcat-catalina-7.0.59.jar tomcat-catalina-ha-7.0.59.jar tomcat-jdbc-7.0.47.jar tomcat-juli-7.0.59.jar tomcat-tribes-7.0.59.jar tomcat-util-7.0.59.jar — Jorge Infante Osorio, Aug 22 '16 at 17:47
I don't understand what y mentioned above. Currently, I am working around WSO2 IS 5.1.0. — user2659694, Aug 22 '16 at 17:54
WSO2 IS 5.1.0, it's not for app deployment, it's for security services. I deployed the app that you created inside WSO2 Application Server, change the IP/port in SERVER_URL pointing to my WSO2 IS 5.1.0. After that I removed the jars and I can authenticate in the "WSO2 IS" using the webapp. — Jorge Infante Osorio, Aug 23 '16 at 14:21

Jorge Infante Osorio · Accepted Answer · 2016-08-23T17:44:23.080

Just change this dependency in pom.xml file, set provided scope:

     <dependency>
        <groupId>org.wso2.carbon.identity</groupId>
        <artifactId>org.wso2.carbon.um.ws.api</artifactId>
        <version>${carbon.identity.version}</version>
         <scope>provided</scope>
    </dependency>

To remove the tomcat dependencies:

[INFO] +- org.wso2.carbon.identity:org.wso2.carbon.um.ws.api:jar:4.5.4:provided
[INFO] |  +- org.wso2.carbon:org.wso2.carbon.user.core:jar:4.4.1:provided
[INFO] |  |  +- org.wso2.carbon:javax.cache.wso2:jar:4.4.1:provided
[INFO] |  |  |  \- org.apache.geronimo.specs:geronimo-jta_1.1_spec:jar:1.1:provided
[INFO] |  |  +- commons-dbcp.wso2:commons-dbcp:jar:1.4.0.wso2v1:provided
[INFO] |  |  +- org.apache.tomcat.wso2:jdbc-pool:jar:7.0.34.wso2v2:provided
[INFO] |  |  |  \- org.apache.tomcat:tomcat-jdbc:jar:7.0.47:provided
[INFO] |  |  \- commons-collections.wso2:commons-collections:jar:3.2.0.wso2v1:provided
[INFO] |  +- org.wso2.carbon.identity:org.wso2.carbon.user.mgt.common:jar:4.5.4:provided
[INFO] |  +- org.wso2.carbon:org.wso2.carbon.core:jar:4.4.1:provided
[INFO] |  |  +- org.wso2.orbit.com.hazelcast:hazelcast:jar:3.5.0.wso2v1:provided
[INFO] |  |  |  \- com.hazelcast:hazelcast-all:jar:3.5:provided
[INFO] |  |  |     +- com.eclipsesource.minimal-json:minimal-json:jar:0.9.2:provided
[INFO] |  |  |     \- org.freemarker:freemarker:jar:2.3.22:provided
[INFO] |  |  +- org.eclipse.equinox:org.eclipse.equinox.http.helper:jar:1.1.0.wso2v1:provided
[INFO] |  |  \- org.apache.tomcat:tomcat-catalina-ha:jar:7.0.59:provided
[INFO] |  |     +- org.apache.tomcat:tomcat-juli:jar:7.0.59:provided
[INFO] |  |     +- org.apache.tomcat:tomcat-tribes:jar:7.0.59:provided
[INFO] |  |     +- org.apache.tomcat:tomcat-catalina:jar:7.0.59:provided
[INFO] |  |     |  +- org.apache.tomcat:tomcat-annotations-api:jar:7.0.59:provided
[INFO] |  |     |  \- org.apache.tomcat:tomcat-api:jar:7.0.59:provided
[INFO] |  |     \- org.apache.tomcat:tomcat-util:jar:7.0.59:provided
[INFO] |  +- org.wso2.carbon:org.wso2.carbon.authenticator.proxy:jar:4.4.1:provided
[INFO] |  |  \- org.wso2.carbon:org.wso2.carbon.core.common:jar:4.4.1:provided
[INFO] |  +- org.wso2.carbon:org.wso2.carbon.registry.core:jar:4.4.1:provided
[INFO] |  |  +- commons-io.wso2:commons-io:jar:2.0.0.wso2v2:provided
[INFO] |  |  +- net.sourceforge.findbugs:annotations:jar:1.3.2:provided
[INFO] |  |  +- org.wso2.carbon:org.wso2.carbon.registry.xboot:jar:4.4.1:provided
[INFO] |  |  +- org.compass-project.wso2:compass:jar:2.0.1.wso2v2:provided
[INFO] |  |  +- org.apache.abdera.wso2:abdera:jar:1.0.0.wso2v3:provided
[INFO] |  |  +- org.apache.poi.wso2:poi-scratchpad:jar:3.9.0.wso2v1:provided
[INFO] |  |  |  \- org.apache.poi:poi-scratchpad:jar:3.9:provided
[INFO] |  |  |     \- org.apache.poi:poi:jar:3.9:provided
[INFO] |  |  \- commons-pool.wso2:commons-pool:jar:1.5.6.wso2v1:provided
[INFO] |  |     \- commons-pool:commons-pool:jar:1.5.6:provided
[INFO] |  \- org.wso2.carbon.identity:org.wso2.carbon.um.ws.api.stub:jar:4.5.4:provided

EDIT: I had to set IS_HOME path absolute.

EDIT 2: To use relative path:

This method return the path to the wso2carbon.jks file:

public String setKeyStorePath(){
    String path = System.getProperty("carbon.home") + File.separator +
            "repository" + File.separator + "resources" +
            File.separator + "security" +
            File.separator + "wso2carbon.jks";
    System.out.println("wso2carbon.jks path: " + path);
    return path;
}

Modify the setKeyStore to use setKeyStorePath()

public void setKeyStore() {
    System.setProperty("javax.net.ssl.trustStore", setKeyStorePath());
    System.setProperty("javax.net.ssl.trustStorePassword", HDConstants.TRUST_STORE_PASSWORD);
    System.setProperty("javax.net.ssl.trustStoreType", HDConstants.TRUST_STORE_TYPE);
}

Thanks Jorge, But Currently I have a trouble relating to authentication. the exception is "java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)" while I set trustStore, trustStorePassword as above code: — user2659694, Aug 23 '16 at 17:11
if the problem is related to the trust anchor it´s for the relative path in public static final String IS_HOME = ".." + File.separator + ".." + File.separator; — Jorge Infante Osorio, Aug 23 '16 at 17:15
I tried to get the TRUST_STORE_PATH from resource folder of project with the below code but the result is the same. ClassLoader classLoader = getClass().getClassLoader(); File file = new File(classLoader.getResource("wso2carbon.jks").getFile()); System.setProperty("javax.net.ssl.trustStore", file.getAbsolutePath()); — user2659694, Aug 23 '16 at 17:17
no, I set the path absolute to try and it work. the problem now is with the relative path. — Jorge Infante Osorio, Aug 23 '16 at 17:21
please check my second update. it work now with relative path :-D — Jorge Infante Osorio, Aug 23 '16 at 17:45
Hi Jorge, After login successfully, I tried to get userInformation from storageManager with below code : UserRealm realm = WSRealmBuilder.createWSRealm(serviceURL, authCookie, configCtx); UserStoreManager storeManager = realm.getUserStoreManager(); But I had exception : java.lang.NoClassDefFoundError: org/wso2/carbon/user/core/UserStoreException Could y please help me in this case ? — user2659694, Aug 24 '16 at 09:29
I also post my issue on the below link : http://stackoverflow.com/questions/39120408/cant-get-user-information-after-login-successfully-in-wso2-identity-server — user2659694, Aug 24 '16 at 10:13

score 0 · Answer 2 · edited May 23 '17 at 10:29

0

I assume you're deploying your webapp in IS itself. I can see a lot of jars are packed in your war file. Most of them are already available in IS server.

Above error can happen due to dependency conflicts. See this for more information.

To get rid of the error, you can try setting <scope>provided</scope> to dependencies which are already available in the server.

edited May 23 '17 at 10:29

Community

1
1

answered Aug 22 '16 at 08:02

Bee

12,251
11
46
73

oh, I'm trying to building a gate way to help accessing from our client ---> my Gate --> IS . Supposing that when Our client use login function. We will call login method in my Gate and then it will redirect to authenticate function on IS. I tried to add provided in my pom file but the result is the same before. – user2659694 Aug 22 '16 at 08:15
Could y please provide for me the right repository for wso2 is or edit pom file from my project ? – user2659694 Aug 22 '16 at 08:34
`wso2-nexus` repo you have in pom is correct. To find which versions of jars IS has, you can look at `/repository/components/plugins/` directory. – Bee Aug 22 '16 at 08:50
I see what y mentioned. I wonder that our code is incorrect or wso2 version in m y pom is incorrect so it caused error which I mentioned above. – user2659694 Aug 22 '16 at 08:52
what is `my gate`? tomcat? – Bee Aug 22 '16 at 09:01
So, you get above error in tomcat/jetty? In that case, try setting `provided` in dependencies which are already available in tomcat/jetty. Ideally what we need is to get rid of all duplicate jars. – Bee Aug 22 '16 at 13:44
oh I'm trying to do on Jetty now. I also add in dependencies as your suggestions but the result is the same. what do you think about my code ? maybe it has any problems ? – user2659694 Aug 22 '16 at 16:38
I don't think it's due to a code issue. There's a high chance that it's due to a jar that's bundled to your war file. I googled a bit and found there're 100s of issues reported about `java.lang.IncompatibleClassChangeError on jetty`. Go through them carefully. I believe you'll find a solution. – Bee Aug 22 '16 at 17:34

Can't authentication with WSO2 IS on webapp

2 Answers2