liferay realm authentication error No such user exists with primary key 0

留言板

nikhil kshirsagar，修改在12 年前。

liferay realm authentication error No such user exists with primary key 0

Junior Member 帖子: 27 加入日期: 11-4-28 最近的帖子

Hello

I read on this link that there was an issue in liferay causing a no such user with primary key 0 exception in tomcat.

I am seeing this error in liferay 6.0.6 as well, so am wondering whether this is a liferay bug and needs to be patched. Can someone please help if they know anything about this ? This is what I am trying ..

My liferay web.xml is as follows .. (i commented out the default security constraints in web.xml )

<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>PortalRealm</realm-name>
</login-config>
<security-role>
<role-name>tomcat</role-name>
</security-role>

I've given role-name as "tomcat" so I guess it will refer to my tomcat-users.xml which is

<tomcat-users>

<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="joebloggs@liferay.com" password="test" roles="tomcat"/>
<user username="role1" password="tomcat" roles="role1"/>

</tomcat-users>

I have no enabled jaas, and simply with these changes, I see an exception

com.liferay.portal.NoSuchUserException: No User exists with the primary key 0 at com.liferay.portal.service.persistence.UserPersistenceImpl.findByPrim
aryKey(UserPersistenceImpl.java:795)
at com.liferay.portal.service.impl.UserLocalServiceImpl.getUserById(User
LocalServiceImpl.java:1360)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)

So if this is a liferay bug, can someone help me with the patch ? I think the above link talks about some changes to mainservlet.java but the getPrincipalName method has changed in this latest version of liferay and I'm not sure of the changes required.

Would be great to get some help on this issue as I've been stuck here quite a while!

Nikhil.

jelmer kuperus，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Liferay Legend 帖子: 1191 加入日期: 10-3-10 最近的帖子

I never tried anything like this but did you try configuring com.liferay.portal.security.auth.BasicAuthHeaderAutoLogin

nikhil kshirsagar，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Junior Member 帖子: 27 加入日期: 11-4-28 最近的帖子

No, I did not.. what is it for?

Let me expain what it is I am trying.. I want to integrate liferay into container managed security to provide a single signon valve mechanism between liferay and other webapps in our product. For that purpose, I made the security-constraints changes I described in the liferay web.xml , so that I get a pop-up box asking for username/password whenever I try to access liferay .. once the user enter login details here (i'm entering tomcat/tomcat), I want to get authenticated by liferay, which I expect will be done inside the autologin hook i write.. where i will extract the username from the httpservletrequest and silently login .. all this is because if the authentication has already happened in the other web application, then the pop-up will not be shown for liferay .. (i expect autologin again to receive the same username entered in the other webapp and again silently login).

This is to provide a single signon solution between different webapp's, one of which is liferay.

jelmer kuperus，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Liferay Legend 帖子: 1191 加入日期: 10-3-10 最近的帖子

if you login as tomcat/tomcat than a user called tomcat with screenname tomcat and password tomcat should exist in liferay or it wont work. If you dont want to manually add all the users you should probably be looking at something like ldap and import users when they do not exist in liferay but do exist in ldap.

BasicAuthHeaderAutoLogin is the component that "will extract the username from the httpservletrequest and silently login"

nikhil kshirsagar，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Junior Member 帖子: 27 加入日期: 11-4-28 最近的帖子

Jelmer,

Is it an autologin hook? Do i need to add it in portal-ext.properties as a hook?

Secondly.. I thought that I was getting this exception because that user wasnt created in liferay..
These are my web.xml changes in liferay

<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>PortalRealm</realm-name>
</login-config>
<security-role>
<role-name>tomcat</role-name>
</security-role>

I've kept the role-name as "tomcat" for now.. (more on this later)

My tomcat-users.xml has joebloggs as a user with role-name "admin", the contents of tomcat-users.xml are
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="admin"/>
<user password="tomcat" roles="tomcat" username="tomcat"/>
<user password="test" roles="admin" username="joebloggs@liferay.com"/>
<user password="test" roles="admin" username="joebloggs"/>
<user password="test" roles="admin" username="test"/>
<user password="tomcat" roles="role1" username="role1"/>

With this configuration, if i try to login with joebloggs/test the error is changed from "no such user exists with primary key 0" to "access denied to the specific resource 403 error". If I change the role-name back to "users" or "*" , or if i try to login with tomcat/tomcat, I get the no such user exists with primary key 0 error again!

Can you please explain what exactly is the relationship between the role-name and these errors.. I don't understand it perfectly.. should I be giving some liferay role over there? (in fact thats why I tried putting admin as joebloggs role.. )

Very confused.. emoticon

-nikhil.

nikhil kshirsagar，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Junior Member 帖子: 27 加入日期: 11-4-28 最近的帖子

I forgot to mention.. my custom autologin hook is not being called.. I tried writing an autologin hook to basically do the same thing.. and hardcoded joebloggs.. to silently login joebloggs to the portal .. but its not being called at all .. if i dont have the security constraint changes, then i can see it being called and joebloggs is silently logged in.. but if i enable the security constraints.. i either get the no such use exists exception in tomcat, or the 403 error access denied in my browser, and the autologin hook is never called.. so i doubt the hook you suggested would work.. i need to get rid of the exception or the error by putting appropriate auth-role in security-constraints.. can you help me with that ?

-Nikhil.

jelmer kuperus，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Liferay Legend 帖子: 1191 加入日期: 10-3-10 最近的帖子

You gave joebloggs the role admin but in your auth-constraint you specified that only users with role tomcat are allowed access. Ergo. you get an access denied error

and yes the autologin thingie you need to define in portal-ext.properies

auto.login.hooks=com.liferay.portal.security.auth.BasicAuthHeaderAutoLogin,com.liferay.portal.security.auth.CASAutoLogin,com.liferay.portal.security.auth.FacebookAutoLogin,com.liferay.portal.security.auth.NtlmAutoLogin,com.liferay.portal.security.auth.OpenIdAutoLogin,com.liferay.portal.security.auth.OpenSSOAutoLogin,com.liferay.portal.security.auth.RememberMeAutoLogin,com.liferay.portal.security.auth.SiteMinderAutoLogin

nikhil kshirsagar，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Junior Member 帖子: 27 加入日期: 11-4-28 最近的帖子

<sigh> .. ok .. here is web.xml
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>

<login-config>

<auth-method>BASIC</auth-method>
<realm-name>PortalRealm</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
</web-app>

Here's tomcat-users.xml

<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="admin"/>
<user password="tomcat" roles="tomcat" username="tomcat"/>
<user password="test" roles="admin" username="joebloggs@liferay.com"/>
<user password="test" roles="admin" username="joebloggs"/>
<user password="test" roles="admin" username="test"/>
<user password="tomcat" roles="role1" username="role1"/>

When I try to login using joebloggs/test , I see this exception

11:57:46,310 ERROR [MainServlet:442] com.liferay.portal.NoSuchUserException: No
User exists with the primary key 0
com.liferay.portal.NoSuchUserException: No User exists with the primary key 0
at com.liferay.portal.service.persistence.UserPersistenceImpl.findByPrim
aryKey(UserPersistenceImpl.java:795)
at com.liferay.portal.service.impl.UserLocalServiceImpl.getUserById(User
LocalServiceImpl.java:1360)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflecti
on(AopUtils.java:309)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJo
inpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor.in
voke(TransactionInterceptor.java:110)
at com.liferay.portal.dao.jdbc.aop.DynamicDataSourceTransactionIntercept
or.invoke(DynamicDataSourceTransactionInterceptor.java:44)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableM
ethodAdvice.java:58)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableM
ethodAdvice.java:58)

Very frustrating..!!!

nikhil kshirsagar，修改在12 年前。

RE: liferay realm authentication error No such user exists with primary key

Junior Member 帖子: 27 加入日期: 11-4-28 最近的帖子

Also, here's my portal-ext.properties

portal.ctx=/liferay
portal.jaas.enable=false
company.security.auto.login=true
auto.login.hooks=com.liferay.portal.security.auth.BasicAuthHeaderAutoLogin
login.events.pre=com.liferay.portal.events.CustomLoginPreAction

The autologin hook isnt being called as far as I can tell because of this exception ..

I gave admin thinking the joebloggs user in liferay might have this role defined in liferay ..
In any case if i change the auth-role to tomcat, and change the role in tomcat-users.xml for joebloggs to tomcat, I still see this same no user exists exception .. so either its access denied .. or no such user exists with primary key 0 exception.