Fórum

  1. Início
  2. Portal
  3. Cannot log-in to Liferay

Cannot log-in to Liferay

thumbnail
Ben Brown, modificado 13 Anos atrás.

Cannot log-in to Liferay

Junior Member Postagens: 79 Data de Entrada: 07/07/10 Postagens Recentes
Hi,

We have Liferay 6.0.5 installed and it was running fine until I tried AD/NTLM integration.

Now the portal starts, but noone can log in.

I get a blacnk screen in the browser and the following error. Any ideas? Also is there a way to disable the AD/NTLM integration via a property in a settings file?

[#|2010-10-11T15:22:27.831+0000|INFO|glassfish3.0.1|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=31;_ThreadName=http-thread-pool-80-(1);|15:22:27,830 ERROR [NtlmFilter:136] java.lang.StringIndexOutOfBoundsException: String index out of range: -1
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
        at java.lang.String.substring(String.java:1937)
        at com.liferay.portal.security.ntlm.NtlmServiceAccount.setAccount(NtlmServiceAccount.java:49)
        at com.liferay.portal.security.ntlm.NtlmServiceAccount.<init>(NtlmServiceAccount.java:25)
        at com.liferay.portal.security.ntlm.NtlmManager.setConfiguration(NtlmManager.java:123)
        at com.liferay.portal.security.ntlm.NtlmManager.<init>(NtlmManager.java:43)
        at com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter.getNtlmManager(NtlmFilter.java:115)
        at com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter.processFilter(NtlmFilter.java:162)
        at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
        at com.liferay.portal.servlet.filters.sso.cas.CASFilter.processFilter(CASFilter.java:176)
        at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
        at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:179)
        at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
        at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:184)
        at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
        at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:126)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
        at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:126)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:738)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
        at com.liferay.portal.servlet.filters.threadlocal.ThreadLocalFilter.processFilter(ThreadLocalFilter.java:35)
        at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
        at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
        at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
        at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
        at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
        at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
        at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
        at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
        at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
        at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
        at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
        at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
        at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
        at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
        at java.lang.Thread.run(Thread.java:619)
|#]
</init></init>


Thanks for any help and advice,

Ben
thumbnail
Ben Brown, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 79 Data de Entrada: 07/07/10 Postagens Recentes
Anyone know where to look to disable the AD authentication in settings files?

Thanks

Ben
thumbnail
Martin Lungershausen, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

New Member Postagens: 11 Data de Entrada: 11/08/09 Postagens Recentes
Put this in your portal-ext.properties under /ROOT/WEB-INF/classes I think this should work.

ldap.auth.enabled=false
ldap.auth.required=false
ntlm.auth.enabled=false

Beside this I have the same problem wih 6.0.5 and MS AD. Did you solve the problem?
thumbnail
Ben Brown, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 79 Data de Entrada: 07/07/10 Postagens Recentes
Thanks for the reply - tried that with no luck - so as it was a test system, just started again emoticon
thumbnail
Cameron McBride, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Expert Postagens: 269 Data de Entrada: 08/02/11 Postagens Recentes
I'm having this same problem on the latest 6.0.5 version. I checked that NTLM enable box and am dead in the water. If anyone knows where in the database (mysql) the flag for NTLM is I could turn it back off.
Purba Chowdhury, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 25 Data de Entrada: 04/06/10 Postagens Recentes
You can also change in portal.properties file making
ntlm.auth.enabled=false
This should work,if its not working from front end.
raghu N M, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 27 Data de Entrada: 27/07/10 Postagens Recentes
This doesn't work. Do we have any other methods to disable it. I don't want to truncate all my table becuase I loose all other work.
thumbnail
Michael Wall, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens Recentes
raghu N M:
This doesn't work. Do we have any other methods to disable it. I don't want to truncate all my table becuase I loose all other work.


In the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled

<preference><name>ntlm.auth.enabled</name>
<value>false</value></preference>

Shut down LR, update this value from true to false then start LR.

I'd recommend backing up the DB before attempting this just in case.
thumbnail
Hitoshi Ozawa, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens Recentes
In the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled


Directly modifying Liferay database table is very dangerous. Have you tried setting a new default admin?


##
## Default Admin
##

#
# Set the default admin password.
#
default.admin.password=test

#
# Set the default admin screen name prefix.
#
default.admin.screen.name=test

#
# Set the default admin email address prefix.
#
default.admin.email.address.prefix=test

#
# Set the default admin first name.
#
default.admin.first.name=Test

#
# Set the default admin middle name.
#
default.admin.middle.name=

#
# Set the default admin last name.
#
default.admin.last.name=Test
thumbnail
Michael Wall, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens Recentes
Hitoshi Ozawa:
In the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled


Directly modifying Liferay database table is very dangerous. Have you tried setting a new default admin?



So is releasing software that locks users out so easily without an easy way to recover.

Can you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?
thumbnail
Hitoshi Ozawa, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens Recentes
Can you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?


Or trying to update a xml formated string in a database table without any foreign keys and without any official database table structure document to show how columns in tables are related. emoticon
thumbnail
Michael Wall, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens Recentes
Hitoshi Ozawa:
Can you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?


Or trying to update a xml formated string in a database table without any foreign keys and without any official database table structure document to show how columns in tables are related. emoticon


I'd hardly think switching a true to false is dangerous if you know what you're doing and don't break the xml formatting / structure. As it is he can't get into the system.

I had to do something similar when I enabled LDAP for ADS for CE 6.0.4 in the GUI and the login process ended up going into an infinite loop.

I'd focus more on fixing the underlying issue than criticising the hack.
thumbnail
Hitoshi Ozawa, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens Recentes
I'd focus more on fixing the underlying issue than criticising the hack.


Sorry if you thought I was criticising you suggestion. This is just a community forum and I'm sure every body appreciates your participation. emoticon
thumbnail
Michael Wall, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens Recentes
Hitoshi Ozawa:
I'd focus more on fixing the underlying issue than criticising the hack.


Sorry if you thought I was criticising you suggestion. This is just a community forum and I'm sure every body appreciates your participation. emoticon


No problem, I should have prefaced it as a hack.
thumbnail
Hitoshi Ozawa, modificado 13 Anos atrás.

RE: Cannot log-in to Liferay

Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens Recentes
You can also change in portal.properties file making
ntlm.auth.enabled=false
This should work,if its not working from front end.
.

This won't work because values in the database (from GUI) take precedence over values from the portal-ext.properties file.