Foren
Cannot log-in to Liferay
Ben Brown, geändert vor 13 Jahren.
Cannot log-in to Liferay
Junior Member Beiträge: 79 Beitrittsdatum: 07.07.10 Neueste Beiträge
Hi,
We have Liferay 6.0.5 installed and it was running fine until I tried AD/NTLM integration.
Now the portal starts, but noone can log in.
I get a blacnk screen in the browser and the following error. Any ideas? Also is there a way to disable the AD/NTLM integration via a property in a settings file?
Thanks for any help and advice,
Ben
We have Liferay 6.0.5 installed and it was running fine until I tried AD/NTLM integration.
Now the portal starts, but noone can log in.
I get a blacnk screen in the browser and the following error. Any ideas? Also is there a way to disable the AD/NTLM integration via a property in a settings file?
[#|2010-10-11T15:22:27.831+0000|INFO|glassfish3.0.1|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=31;_ThreadName=http-thread-pool-80-(1);|15:22:27,830 ERROR [NtlmFilter:136] java.lang.StringIndexOutOfBoundsException: String index out of range: -1
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1937)
at com.liferay.portal.security.ntlm.NtlmServiceAccount.setAccount(NtlmServiceAccount.java:49)
at com.liferay.portal.security.ntlm.NtlmServiceAccount.<init>(NtlmServiceAccount.java:25)
at com.liferay.portal.security.ntlm.NtlmManager.setConfiguration(NtlmManager.java:123)
at com.liferay.portal.security.ntlm.NtlmManager.<init>(NtlmManager.java:43)
at com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter.getNtlmManager(NtlmFilter.java:115)
at com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter.processFilter(NtlmFilter.java:162)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.servlet.filters.sso.cas.CASFilter.processFilter(CASFilter.java:176)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:179)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:184)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:738)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.servlet.filters.threadlocal.ThreadLocalFilter.processFilter(ThreadLocalFilter.java:35)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
at java.lang.Thread.run(Thread.java:619)
|#]
</init></init>
Thanks for any help and advice,
Ben
Ben Brown, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 79 Beitrittsdatum: 07.07.10 Neueste Beiträge
Anyone know where to look to disable the AD authentication in settings files?
Thanks
Ben
Thanks
Ben
Martin Lungershausen, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
New Member Beiträge: 11 Beitrittsdatum: 11.08.09 Neueste Beiträge
Put this in your portal-ext.properties under /ROOT/WEB-INF/classes I think this should work.
ldap.auth.enabled=false
ldap.auth.required=false
ntlm.auth.enabled=false
Beside this I have the same problem wih 6.0.5 and MS AD. Did you solve the problem?
ldap.auth.enabled=false
ldap.auth.required=false
ntlm.auth.enabled=false
Beside this I have the same problem wih 6.0.5 and MS AD. Did you solve the problem?
Ben Brown, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 79 Beitrittsdatum: 07.07.10 Neueste Beiträge
Thanks for the reply - tried that with no luck - so as it was a test system, just started again
Cameron McBride, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Expert Beiträge: 269 Beitrittsdatum: 08.02.11 Neueste Beiträge
I'm having this same problem on the latest 6.0.5 version. I checked that NTLM enable box and am dead in the water. If anyone knows where in the database (mysql) the flag for NTLM is I could turn it back off.
Purba Chowdhury, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 25 Beitrittsdatum: 04.06.10 Neueste Beiträge
You can also change in portal.properties file making
ntlm.auth.enabled=false
This should work,if its not working from front end.
ntlm.auth.enabled=false
This should work,if its not working from front end.
raghu N M, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 27 Beitrittsdatum: 27.07.10 Neueste Beiträge
This doesn't work. Do we have any other methods to disable it. I don't want to truncate all my table becuase I loose all other work.
Michael Wall, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 60 Beitrittsdatum: 22.07.10 Neueste Beiträgeraghu N M:
This doesn't work. Do we have any other methods to disable it. I don't want to truncate all my table becuase I loose all other work.
In the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled
<preference><name>ntlm.auth.enabled</name>
<value>false</value></preference>
Shut down LR, update this value from true to false then start LR.
I'd recommend backing up the DB before attempting this just in case.
Hitoshi Ozawa, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Liferay Legend Beiträge: 7942 Beitrittsdatum: 24.03.10 Neueste BeiträgeIn the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled
Directly modifying Liferay database table is very dangerous. Have you tried setting a new default admin?
##
## Default Admin
##
#
# Set the default admin password.
#
default.admin.password=test
#
# Set the default admin screen name prefix.
#
default.admin.screen.name=test
#
# Set the default admin email address prefix.
#
default.admin.email.address.prefix=test
#
# Set the default admin first name.
#
default.admin.first.name=Test
#
# Set the default admin middle name.
#
default.admin.middle.name=
#
# Set the default admin last name.
#
default.admin.last.name=Test
Michael Wall, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 60 Beitrittsdatum: 22.07.10 Neueste BeiträgeHitoshi Ozawa:
In the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled
Directly modifying Liferay database table is very dangerous. Have you tried setting a new default admin?
So is releasing software that locks users out so easily without an easy way to recover.
Can you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?
Hitoshi Ozawa, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Liferay Legend Beiträge: 7942 Beitrittsdatum: 24.03.10 Neueste BeiträgeCan you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?
Or trying to update a xml formated string in a database table without any foreign keys and without any official database table structure document to show how columns in tables are related.
Michael Wall, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 60 Beitrittsdatum: 22.07.10 Neueste BeiträgeHitoshi Ozawa:
Can you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?
Or trying to update a xml formated string in a database table without any foreign keys and without any official database table structure document to show how columns in tables are related.
I'd hardly think switching a true to false is dangerous if you know what you're doing and don't break the xml formatting / structure. As it is he can't get into the system.
I had to do something similar when I enabled LDAP for ADS for CE 6.0.4 in the GUI and the login process ended up going into an infinite loop.
I'd focus more on fixing the underlying issue than criticising the hack.
Hitoshi Ozawa, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Liferay Legend Beiträge: 7942 Beitrittsdatum: 24.03.10 Neueste BeiträgeI'd focus more on fixing the underlying issue than criticising the hack.
Sorry if you thought I was criticising you suggestion. This is just a community forum and I'm sure every body appreciates your participation.
Michael Wall, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Junior Member Beiträge: 60 Beitrittsdatum: 22.07.10 Neueste BeiträgeHitoshi Ozawa:
I'd focus more on fixing the underlying issue than criticising the hack.
Sorry if you thought I was criticising you suggestion. This is just a community forum and I'm sure every body appreciates your participation.
No problem, I should have prefaced it as a hack.
Hitoshi Ozawa, geändert vor 13 Jahren.
RE: Cannot log-in to Liferay
Liferay Legend Beiträge: 7942 Beitrittsdatum: 24.03.10 Neueste BeiträgeYou can also change in portal.properties file making.
ntlm.auth.enabled=false
This should work,if its not working from front end.
This won't work because values in the database (from GUI) take precedence over values from the portal-ext.properties file.