We're having an issue with login form, namely the login.xhml from barcelona. I asked in template forum, but seems like this has nothing to do with the template itself.
Versions: WildFly21 / PF 8.0.12 / Barcelona 2.0.1
I'm not quite sure if what I did was correct, but mainly:
1) web.xml is adjusted to have security-constraints and web-resource-collection collections that are prohibited to public
2) web.xml is adjusted to have login-config with FORM authentication
3) login.xhtml is adjusted like below #1.
If user/pass entered correctly it works, but if they're not entered correctly there is a server side exception like below #2. Actually, we expect that it is redirected to access-denied.xhtml, it tries to render access-denied, but fails.
I'm sort of confused with all this and planning to use own login.html without JSF/PF/Barcelona. I tested a very simple login form with success like below #3.
Excerpt #1
Code: Select all
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:h="http://java.sun.com/jsf/html" xmlns:f="http://java.sun.com/jsf/core" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:p="http://primefaces.org/ui">
<h:head>
<f:facet name="first">
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" />
<meta name="apple-mobile-web-app-capable" content="yes" />
</f:facet>
<title>Mikado Web</title>
<h:outputScript name="js/ripple.js" library="barcelona-layout" />
<h:outputScript name="js/layout.js" library="barcelona-layout" />
</h:head>
<h:body styleClass="login-body">
<h:form id="login" onsubmit="document.getElementById('login').action='j_security_check';" prependId="false">
<div class="login-panel ui-fluid">
<div class="ui-g">
<div class="ui-g-12 login-header">
<h2>#{msg['fields.login']} </h2>
<h1>#{msg['fields.welcome']} </h1>
<p:graphicImage name="images/logo.png" library="barcelona-layout" />
</div>
<div class="ui-g-12">
<h:panelGroup styleClass="md-inputfield">
<p:inputText id="j_username" name="j_username" />
<label>#{msg['fields.username']}</label>
</h:panelGroup>
</div>
<div class="ui-g-12">
<h:panelGroup styleClass="md-inputfield">
<p:inputText id="j_password" name="j_password" type="password" />
<label>#{msg['fields.password']}</label>
</h:panelGroup>
</div>
<div class="ui-g-12 chkbox-container">
<p:selectBooleanCheckbox id="remember-me" />
<p:outputLabel for="remember-me" value="#{msg['fields.remember']}" />
</div>
<div class="ui-g-12 button-container">
<p:commandButton id="submit" value="#{msg['fields.login']}" icon="ui-icon-person" ajax="false" />
</div>
</div>
</div>
</h:form>
<h:outputStylesheet name="css/layout-#{sessionView.theme}.css" library="barcelona-layout" />
<h:outputStylesheet name="css/ripple.css" library="barcelona-layout" />
</h:body>
</html>
Code: Select all
14:00:14,081 WARN [org.jboss.weld.Servlet] (default task-1) WELD-000717: Unable to deactivate context org.jboss.weld.module.web.context.http.LazyHttpConversationContextImpl@1bdb7a8d when destroying request HttpServletRequestImpl [ GET /test/login.xhtml ]
14:00:14,097 WARN [org.jboss.weld.Conversation] (default task-1) WELD-000335: Conversation context is already active, most likely it was not cleaned up properly during previous request processing: HttpServletRequestImpl [ GET /test/javax.faces.resource/theme.css.xhtml ]
14:00:17,501 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /test/access-denied.xhtml: java.lang.RuntimeException: javax.servlet.ServletException: Index: 0, Size: 0
at io.undertow.servlet.handlers.security.ServletFormAuthenticationMechanism.servePage(ServletFormAuthenticationMechanism.java:172)
at io.undertow.security.impl.FormAuthenticationMechanism.sendChallenge(FormAuthenticationMechanism.java:174)
at io.undertow.security.impl.SecurityContextImpl$ChallengeSender.transition(SecurityContextImpl.java:301)
at io.undertow.security.impl.SecurityContextImpl$ChallengeSender.transition(SecurityContextImpl.java:319)
at io.undertow.security.impl.SecurityContextImpl$ChallengeSender.access$300(SecurityContextImpl.java:284)
at io.undertow.security.impl.SecurityContextImpl.sendChallenges(SecurityContextImpl.java:130)
at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:102)
at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:107)
at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.servlet.ServletException: Index: 0, Size: 0
at javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:725)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:451)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:81)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:251)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:186)
at io.undertow.servlet.spec.RequestDispatcherImpl.forwardImpl(RequestDispatcherImpl.java:227)
at io.undertow.servlet.spec.RequestDispatcherImpl.forwardImplSetup(RequestDispatcherImpl.java:149)
at io.undertow.servlet.spec.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:111)
at io.undertow.servlet.handlers.security.ServletFormAuthenticationMechanism.servePage(ServletFormAuthenticationMechanism.java:170)
... 48 more
Caused by: java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
at java.util.ArrayList.rangeCheck(ArrayList.java:659)
at java.util.ArrayList.get(ArrayList.java:435)
at javax.faces.component.AttachedObjectListHolder.restoreState(AttachedObjectListHolder.java:146)
at javax.faces.component.UIComponentBase.restoreState(UIComponentBase.java:1228)
at com.sun.faces.application.view.FaceletPartialStateManagementStrategy$2.visit(FaceletPartialStateManagementStrategy.java:372)
at com.sun.faces.component.visit.FullVisitContext.invokeVisitCallback(FullVisitContext.java:127)
at javax.faces.component.UIComponent.visitTree(UIComponent.java:1456)
at javax.faces.component.UIComponent.visitTree(UIComponent.java:1468)
at com.sun.faces.application.view.FaceletPartialStateManagementStrategy.restoreView(FaceletPartialStateManagementStrategy.java:358)
at com.sun.faces.application.StateManagerImpl.restoreView(StateManagerImpl.java:113)
at com.sun.faces.application.view.ViewHandlingStrategy.restoreView(ViewHandlingStrategy.java:99)
at com.sun.faces.application.view.FaceletViewHandlingStrategy.restoreView(FaceletViewHandlingStrategy.java:272)
at com.sun.faces.application.view.MultiViewHandler.restoreView(MultiViewHandler.java:133)
at javax.faces.application.ViewHandlerWrapper.restoreView(ViewHandlerWrapper.java:101)
at javax.faces.application.ViewHandlerWrapper.restoreView(ViewHandlerWrapper.java:101)
at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:181)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:76)
at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:110)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177)
at javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:707)
... 64 more
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core">
<h:head>
</h:head>
<h:body>
<form name="loginForm" method="POST" action="j_security_check">
<input type="text" name="j_username" size="25"/>
<input type="password" size="15" name="j_password"/>
<input type="submit" value="Submit"/>
<input type="reset" value="Reset"/>
</form>
</h:body>
</html>