Fórum
Cannot log-in to Liferay
Ben Brown, modificado 13 Anos atrás.
Cannot log-in to Liferay
Junior Member Postagens: 79 Data de Entrada: 07/07/10 Postagens Recentes
Hi,
We have Liferay 6.0.5 installed and it was running fine until I tried AD/NTLM integration.
Now the portal starts, but noone can log in.
I get a blacnk screen in the browser and the following error. Any ideas? Also is there a way to disable the AD/NTLM integration via a property in a settings file?
Thanks for any help and advice,
Ben
We have Liferay 6.0.5 installed and it was running fine until I tried AD/NTLM integration.
Now the portal starts, but noone can log in.
I get a blacnk screen in the browser and the following error. Any ideas? Also is there a way to disable the AD/NTLM integration via a property in a settings file?
[#|2010-10-11T15:22:27.831+0000|INFO|glassfish3.0.1|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=31;_ThreadName=http-thread-pool-80-(1);|15:22:27,830 ERROR [NtlmFilter:136] java.lang.StringIndexOutOfBoundsException: String index out of range: -1
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1937)
at com.liferay.portal.security.ntlm.NtlmServiceAccount.setAccount(NtlmServiceAccount.java:49)
at com.liferay.portal.security.ntlm.NtlmServiceAccount.<init>(NtlmServiceAccount.java:25)
at com.liferay.portal.security.ntlm.NtlmManager.setConfiguration(NtlmManager.java:123)
at com.liferay.portal.security.ntlm.NtlmManager.<init>(NtlmManager.java:43)
at com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter.getNtlmManager(NtlmFilter.java:115)
at com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter.processFilter(NtlmFilter.java:162)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.servlet.filters.sso.cas.CASFilter.processFilter(CASFilter.java:176)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:179)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:184)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:738)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:196)
at com.liferay.portal.servlet.filters.threadlocal.ThreadLocalFilter.processFilter(ThreadLocalFilter.java:35)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
at java.lang.Thread.run(Thread.java:619)
|#]
</init></init>
Thanks for any help and advice,
Ben
Ben Brown, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 79 Data de Entrada: 07/07/10 Postagens Recentes
Anyone know where to look to disable the AD authentication in settings files?
Thanks
Ben
Thanks
Ben
Martin Lungershausen, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
New Member Postagens: 11 Data de Entrada: 11/08/09 Postagens Recentes
Put this in your portal-ext.properties under /ROOT/WEB-INF/classes I think this should work.
ldap.auth.enabled=false
ldap.auth.required=false
ntlm.auth.enabled=false
Beside this I have the same problem wih 6.0.5 and MS AD. Did you solve the problem?
ldap.auth.enabled=false
ldap.auth.required=false
ntlm.auth.enabled=false
Beside this I have the same problem wih 6.0.5 and MS AD. Did you solve the problem?
Ben Brown, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 79 Data de Entrada: 07/07/10 Postagens Recentes
Thanks for the reply - tried that with no luck - so as it was a test system, just started again
Cameron McBride, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Expert Postagens: 269 Data de Entrada: 08/02/11 Postagens Recentes
I'm having this same problem on the latest 6.0.5 version. I checked that NTLM enable box and am dead in the water. If anyone knows where in the database (mysql) the flag for NTLM is I could turn it back off.
Purba Chowdhury, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 25 Data de Entrada: 04/06/10 Postagens Recentes
You can also change in portal.properties file making
ntlm.auth.enabled=false
This should work,if its not working from front end.
ntlm.auth.enabled=false
This should work,if its not working from front end.
raghu N M, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 27 Data de Entrada: 27/07/10 Postagens Recentes
This doesn't work. Do we have any other methods to disable it. I don't want to truncate all my table becuase I loose all other work.
Michael Wall, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens Recentesraghu N M:
This doesn't work. Do we have any other methods to disable it. I don't want to truncate all my table becuase I loose all other work.
In the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled
<preference><name>ntlm.auth.enabled</name>
<value>false</value></preference>
Shut down LR, update this value from true to false then start LR.
I'd recommend backing up the DB before attempting this just in case.
Hitoshi Ozawa, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens RecentesIn the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled
Directly modifying Liferay database table is very dangerous. Have you tried setting a new default admin?
##
## Default Admin
##
#
# Set the default admin password.
#
default.admin.password=test
#
# Set the default admin screen name prefix.
#
default.admin.screen.name=test
#
# Set the default admin email address prefix.
#
default.admin.email.address.prefix=test
#
# Set the default admin first name.
#
default.admin.first.name=Test
#
# Set the default admin middle name.
#
default.admin.middle.name=
#
# Set the default admin last name.
#
default.admin.last.name=Test
Michael Wall, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens RecentesHitoshi Ozawa:
In the portletpreferences table of your liferay db, there's a record with portletId of LIFERAY_PORTAL and a non-zero ownerId. The preferences field of this record has a large blob of xml. Buried within this you should find ntlm.auth.enabled
Directly modifying Liferay database table is very dangerous. Have you tried setting a new default admin?
So is releasing software that locks users out so easily without an easy way to recover.
Can you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?
Hitoshi Ozawa, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens RecentesCan you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?
Or trying to update a xml formated string in a database table without any foreign keys and without any official database table structure document to show how columns in tables are related.
Michael Wall, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens RecentesHitoshi Ozawa:
Can you explain why it is so dangerous? Storing of config in xml and not in properly structured format, or having 2 seperate ways of storing the data is surely as dangerous?
Or trying to update a xml formated string in a database table without any foreign keys and without any official database table structure document to show how columns in tables are related.
I'd hardly think switching a true to false is dangerous if you know what you're doing and don't break the xml formatting / structure. As it is he can't get into the system.
I had to do something similar when I enabled LDAP for ADS for CE 6.0.4 in the GUI and the login process ended up going into an infinite loop.
I'd focus more on fixing the underlying issue than criticising the hack.
Hitoshi Ozawa, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens RecentesI'd focus more on fixing the underlying issue than criticising the hack.
Sorry if you thought I was criticising you suggestion. This is just a community forum and I'm sure every body appreciates your participation.
Michael Wall, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Junior Member Postagens: 60 Data de Entrada: 22/07/10 Postagens RecentesHitoshi Ozawa:
I'd focus more on fixing the underlying issue than criticising the hack.
Sorry if you thought I was criticising you suggestion. This is just a community forum and I'm sure every body appreciates your participation.
No problem, I should have prefaced it as a hack.
Hitoshi Ozawa, modificado 13 Anos atrás.
RE: Cannot log-in to Liferay
Liferay Legend Postagens: 7942 Data de Entrada: 24/03/10 Postagens RecentesYou can also change in portal.properties file making.
ntlm.auth.enabled=false
This should work,if its not working from front end.
This won't work because values in the database (from GUI) take precedence over values from the portal-ext.properties file.