Problem/bug with external users & Postgres

[tinnyb]

I set myself the task of configuring JasperServer to use an external JDBC data source for authentication today. I have come across what looks like a bug. I am running JasperServer 2.0.1 and PostgreSQL 8.2.4 for both the JasperServer data and my authentication data.

 

I set up applicationContext-security.xml to use the external source. Viewing the tomcat logs indicated that authentication with the external source was successful:

 

15:46:53,494 WARN UserAuthorityServiceImpl,http-8080-Processor3:548 - Created new external user: martin.bayley 15:46:53,689 WARN UserAuthorityServiceImpl,http-8080-Processor3:598 - Added following external roles to: martin.bayley

 

However the browser window goes blank after login - the repository page does not appear. Server-side there is an exception after a warning message:

 

15:45:50,953 WARN UserAuthorityServiceImpl,http-8080-Processor2:743 - User: martin.bayley was not found to make them logged in 15:45:51,224 ERROR [jsp],http-8080-Processor2:704 - Servlet.service() for servlet jsp threw exception java.lang.NoSuchMethodException: org.acegisecurity.userdetails.User.getFullName() at java.lang.Class.getMethod(Class.java:1581)

 

I looked into the postgres log (logging all SQL statements) and found that an attempt is made to insert an externally defined user, along with user roles, but that this transaction is rolled-back. From the postgres log:

 

2007-09-07 15:58:00.919 ESTLOG: execute <unnamed>: select nextval ('hibernate_sequence') 2007-09-07 15:58:00.922 ESTLOG: execute <unnamed>: insert into JIUser (username, fullname, emailAddress, password, externallyDefined, enabled, id) values ($1, $2, $3, $4, $5, $6, $7) 2007-09-07 15:58:00.922 ESTDETAIL: parameters: $1 = 'martin.bayley', $2 = 'martin.bayley', $3 = NULL, $4 = NULL, $5 = 't', $6 = 't', $7 = '243' 2007-09-07 15:58:00.923 ESTLOG: execute <unnamed>: insert into JIUserRole (userId, roleId) values ($1, $2) 2007-09-07 15:58:00.923 ESTDETAIL: parameters: $1 = '243', $2 = '1' 2007-09-07 15:58:00.924 ESTLOG: execute S_3: ROLLBACK

 

To test a theory I manually added a user record in the JasperServer jiuser table for 'martin.bayley', flagged as externally defined, along with the roleids in jiuserrole table. Having done this the login is successful. (Examining the postgres logs shows that the system still attempts to maintain the jiuserroles by deleting and reinserting, but again this is rolled-back). This would seem to confirm that JasperServer intentions to add an externally defined user into the jiuser table fail - perhaps because no commit is issued.

 

Can anyone confirm this to be an issue / bug?

 

Thanks.

Post edited by: tinnyb, at: 2007/09/10 03:06

[swood]

It does look like a bug we had a while ago.

 

Could you post the full stack trace into a new bug in the JasperServer tracker?

 

Thanks,

 

Sherman

JasperSoft

[tinnyb]

I have added this as artf2671 to the tracker.

[tinnyb]

I have found that if I change defaultAutoCommit to true in META-INF/context.xml then authentication is permitted and this bug doesn't arise. This is a workaround no doubt. What are the wider implications of defaulting autocommit to true in the meantime?

[lucianc]

Setting defaultAutoCommit to true is not a good idea since it would inhibit rollback on other scenarios, and you might end up with a inconsistent JS metadata.

 

I think the proper fix for this is to add

Code:

<prop key="maintainInternalUser">PROPAGATION_REQUIRED</prop>

to the transactionAttributes property of the userAuthorityService bean found in WEB-INF/applicationContext.xml.

 

Could you try this and let us know whether it works?

 

Regards,

Lucian

[tinnyb]

It works! After resetting defaultAutoCommit="false", and making your suggested change, and then logging in as a previously un-authenticated user, login successful.

 

Thanks,

 

 

Martin