Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-25187

Fix OpenID module authentication

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 9.10, 10.1, 10.2-SNAPSHOT
    • Fix Version/s: 9.10-HF27, 10.10
    • Component/s: OAuth, Open Id

      Description

      Prepare a working configuration 8.10-HF30 OpenID as a login mechanism.
      check you have set nuxeo.oauth.auth.create.user=true and login with an unknown user
      This works in 8.10 but fails in 9.10 up to HF10, in 10.1 and in master.

      The 3 last versions will fail when an unknown login happens and gets created with the exception (see attached server.log)

      DirectorySecurityException:User null does not have Write permission
      ... (BaseSession.java:149) or (BaseSession.java:143) depending on version
      
      nuxeo.bind.address=...
      nuxeo.url=https://openid101.nuxeo.com/nuxeo
      nuxeo.server.https.port=443
      nuxeo.server.https.keystoreFile=...
      nuxeo.server.https.keystorePass=...
      
      nuxeo.openid.google.client.id=...
      nuxeo.openid.google.client.secret=...
      nuxeo.oauth.auth.create.user=true
      
      nuxeo.templates=default,openid
      

      Suggestion:
      In class `UserResolver`

      userDoc = userManager.createUser(userDoc);
      

      ==>

      userDoc = Framework.doPrivileged(() -> userManager.createUser(userDoc));
      

      Attaching server.log gotten in master

        Attachments

        1. server.log
          20 kB
          Patrick Abgrall

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 hours, 10 minutes
                  2h 10m