Authorization failed

X-Application Version: 4.1.1
Tamino Version : 4.1.1.1
Platform : Win2k
WebContainer : Tamocat 4.1.1,
JDK Version : 1.4.1

Hello!

I have installed the X-Application, the build has succeded and i can access the generator.
The authorisation in Tamino is enabled and set to “tamino”. I have set up a user “admin” and a group “ino:admin” and added the user “admin”.
Within the X-Application configuration i set the user to “admin”.
When i generate a Application, the Tomcat console said Authorisation failed.
What can i do?

Christian, the X-Application Guru is out of office, so let’s see if I can help … I need some additional information.

Where exactly does the generator fail? After you press the generate button? Could you post the error message?

Can you start example applications if Tamino security is enabled?

Michael

Software AG Germany, Darmstadt

Hello Michael!

The generator fail, when i click the generate button. The following text becomes visible:

Processing status

Processing command: Generate
-------------------------------
generating

And nothing happends. The Tomcat console shows the following exception:

Wrapped exception
java.io.IOException: reading schema dokumente dokumentenSchema failed: NestedExc
eption:Retry after invoke failed.
NestedException:Authorization failed. Invalid userId and password!

I can’t start example applications, like “Simple - Hello”.

Sorry for the delay, I was out of office yesterday.

You said you’ve configured X-Application to use user “admin”. Where did you configure this? xapplication.conf does not contain a user configuration … Or do you refer to one of the xapplication.xml files?

Could you please try to add user and password attributes to xapplication/examples/jsp/simple/xapplication.xml:









Can you run the simple examples now?

Regarding the generator. There are
TAMINO_USERNAME
and
TAMINO_PASSWORD
parameter in xapplication/generator/WEB-INF/web.xml. Did you already adjust them?



By the way: can you access your database using Tamino Xplorer?

Michael

Software AG Germany, Darmstadt

Hello Michael.

The combination of unsername and password matches, when login the Tamino XPlorer.

When i want to build a XApplication, i can setup a username and a password within the part “Configuration” at the generator. There i can also set the Tamino URL and the collection.
At the part “Generate” i setup the schema-name, the doctype and the Application-directory name.
When i click the button generate, the Tomcat console shows the following exception:

Wrapped exception
java.io.IOException: reading schema dokumente dokumentenSchema failed: NestedExc
eption:Retry after invoke failed.
NestedException:Authorization failed. Invalid userId and password!

This exception i also get, when configure xapplication/generator/WEB-INF/web.xml.

In the file xapplication/examples/jsp/simple/xapplication.xml i change the line
to with the right password.
But when start the simple-example “Hello” i get:

HTTP Status 500 -
---------------------------------------------------
type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

org.apache.jasper.JasperException: internal error

Ok, I understand.

That a bug. I checked the source code of the generator – username/password are not used properly …

As a work-around you could try the following:
1) first try to get the example applications up and running as described in my
previous post. If that doesn’t work there’s a more serious problem …
2) generate your application for a database without authentication.
3) edit this application’s xapplication.xml file to point to your
authenticated database. Supply username/password as you did for the
example applications.

Please let me know if this work-around works for you.
Unfortunatly, I can’t make any promises when this problem will be
fixed. I checked the source code an there is no simple solution …

Michael

Software AG Germany, Darmstadt

Hello Michael!

1)I modified the file xapplication/examples/jsp/simple/xapplication.xml and i added a user with the password. If authorization is disabled the examples work, otherwise they fail.

2)The generator works faultless if authorization is disabled. I can generate an application and start it.

3)I modified the application’s xapplication.xml file by adding the user “admin” with the password. When switching to authentication “tamino” the application failed:

Error message: internal error
Help message:
Exception id: 999
Exception Type: ApplicationException
Stacktrace:

XException: id = 999
Wrapped exception
java.io.IOException: reading schema dokumente dokumentenSchema failed: NestedException:Retry after invoke failed.
NestedException:Authorization failed. Invalid userId and password!

Marcel

Hello Marcel,

if we didn’t miss a flaw in your configuration, that means authorization is broken through xapplication, not only in the generator. That would be a serious bug! Unfortunatly, I don’t know enough about authorization to be sure about this.

How important is it for you to see this problem fixed? Christian is out of office for another week, could you life with this delay? The alternative is to ask the big guys here if I can delay the other work I’m currently involved to dig into your problem.

Michael

Software AG Germany, Darmstadt

Hello Michael,

it is not so important for me. I want to build an own jsp-Application with the tag-library an i hope that authorisation works in this case. But thanks for your help.

Marcel

Hello,

I had a look at your problem, but did not find its reason. My propose for analyzing the problem is


  • to run Tamino and your X-Application with authorization.

  • to trace the HTTP transfer between X-Application and Tamino:

    How to trace this communication is described within the first Topic of the X-Application Assistance Forum.

    http://tamino.forums.softwareag.com/viewtopic.php?p=13475

  • to post the trace protocol and the xapplication.xml file:

    Comparing the trace and data configuration file, we can check if X-Application sends the correct userid password combination to Tamino.


Remark: Don’t use a userid / password combination you want to use afterwards. Instead, create a temporary user you can delete after protocolling the HTTP transfer.

When you post protocol and zip file, please zip the two files because you can only attach one file to a forum’s post.

Many thanks.

Bye,
Christian.