Content |
|
andowson wrote: Hi, I've committed the fix as r224.
JForum will disable the submit button until the captcha image is fully loaded.
Please check out and test if this works.
Thanks. I am currently working on other tasks. I will report back once I have a chance to test it out. I need to remind our integration build team to get the latest version of JForum.
|
|
|
I know this problem is not caused by JForum. I post this question here in case someone else runs into the same problem and finds a solution.
In the SSO integration, the redirect URL configuration leads to the following error:
2013-02-05 09:27:46,494 ERROR - [net.jforum.exceptions.ExceptionWriter](80) net.jforum.exceptions.ForumException: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at net.jforum.Command.process(Command.java:114)
at net.jforum.JForum.processCommand(JForum.java:246)
at net.jforum.JForum.service(JForum.java:228)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at net.jforum.util.legacy.clickstream.ClickstreamFilter.doFilter(ClickstreamFilter.java:59)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:311)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:776)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:705)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:898)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)
Caused by: java.lang.reflect.InvocationTargetException
... 27 more
Caused by: java.lang.IllegalArgumentException
at java.net.URI.create(URI.java:841)
at net.jforum.view.forum.common.ViewCommon.contextToLogin(ViewCommon.java:135)
at net.jforum.view.forum.common.ViewCommon.contextToLogin(ViewCommon.java:118)
at net.jforum.view.forum.PostAction.anonymousPost(PostAction.java:1507)
at net.jforum.view.forum.PostAction.insert(PostAction.java:504)
... 27 more
Caused by: java.net.URISyntaxException: Illegal character in authority at index 7: http://www.zylomlocal.com
at java.net.URI$Parser.fail(URI.java:2810)
at java.net.URI$Parser.parseAuthority(URI.java:3148)
at java.net.URI$Parser.parseHierarchical(URI.java:3059)
at java.net.URI$Parser.parse(URI.java:3015)
at java.net.URI.<init>(URI.java:577)
at java.net.URI.create(URI.java:839)
... 31 more
URL is: /jforum/posts/insert/3.page
2013-02-05 09:27:46,494 ERROR - [ExceptionWriter] net.jforum.exceptions.ForumException: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at net.jforum.Command.process(Command.java:114)
at net.jforum.JForum.processCommand(JForum.java:246)
at net.jforum.JForum.service(JForum.java:228)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at net.jforum.util.legacy.clickstream.ClickstreamFilter.doFilter(ClickstreamFilter.java:59)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:311)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:776)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:705)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:898)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:662)
Caused by: java.lang.reflect.InvocationTargetException
... 27 more
Caused by: java.lang.IllegalArgumentException
at java.net.URI.create(URI.java:841)
at net.jforum.view.forum.common.ViewCommon.contextToLogin(ViewCommon.java:135)
at net.jforum.view.forum.common.ViewCommon.contextToLogin(ViewCommon.java:118)
at net.jforum.view.forum.PostAction.anonymousPost(PostAction.java:1507)
at net.jforum.view.forum.PostAction.insert(PostAction.java:504)
... 27 more
Caused by: java.net.URISyntaxException: Illegal character in authority at index 7: http://www.mylocal.com
at java.net.URI$Parser.fail(URI.java:2810)
at java.net.URI$Parser.parseAuthority(URI.java:3148)
at java.net.URI$Parser.parseHierarchical(URI.java:3059)
at java.net.URI$Parser.parse(URI.java:3015)
With a debugger, I can't see anything wrong on the following lines:
    if (ConfigKeys.TYPE_SSO.equals(SystemGlobals.getValue(ConfigKeys.AUTHENTICATION_TYPE))) {
        String redirect = SystemGlobals.getValue(ConfigKeys.SSO_REDIRECT);
in ViewCommon.java.
|
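For the `URISyntaxException` in the post above, an added example (not part of the original post and not JForum code): index 7 is the `w` right after `http://`, which is a legal character, so the message does not pinpoint the problem, and a trailing space or zero-width character in the configured value would not be visible in the log line. The check below assumes Java 8+, uses hypothetical names (`RedirectUrlCheck`, `parseConfiguredUrl`) and constructed sample URLs, and names any non-printable or non-ASCII character in a configured redirect URL by position.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;

// Added example (not JForum code): startup check for a configured redirect URL.
public class RedirectUrlCheck {
    // Lists every character outside printable ASCII, with its index and Unicode name.
    static List<String> suspiciousChars(String value) {
        List<String> found = new ArrayList<>();
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c <= 0x20 || c >= 0x7F) {
                found.add(String.format("index %d: U+%04X %s", i, (int) c, Character.getName(c)));
            }
        }
        return found;
    }

    // Returns the parsed URI, or throws with a message that makes invisible characters visible.
    static URI parseConfiguredUrl(String key, String raw) {
        List<String> bad = suspiciousChars(raw);
        if (!bad.isEmpty()) {
            throw new IllegalArgumentException(key + " contains unexpected characters: " + bad);
        }
        try {
            URI uri = new URI(raw);
            boolean http = "http".equalsIgnoreCase(uri.getScheme()) || "https".equalsIgnoreCase(uri.getScheme());
            if (!http || uri.getHost() == null) {
                throw new IllegalArgumentException(key + " must be an absolute http(s) URL with a host");
            }
            return uri;
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException(key + " is not a valid URI: " + e.getMessage(), e);
        }
    }

    public static void main(String[] args) {
        // Constructed sample values: clean, trailing space, trailing zero-width space.
        String[] samples = { "http://www.example.test", "http://www.example.test ", "http://www.example.test\u200B" };
        for (String s : samples) {
            try {
                System.out.println("OK   " + parseConfiguredUrl("sso.redirect", s));
            } catch (IllegalArgumentException e) {
                System.out.println("FAIL " + e.getMessage());
            }
        }
    }
}
```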
|
|
andowson wrote: Please provide your system environment for more information. Thanks~
I run it in Tomcat on Windows 7. I can't see how the problem relates to those systems.
|
|
|
andowson wrote: I found that this issue can be reproduced the first time the Java VM starts to load the Captcha engine.
When the Captcha engine is not ready, the imageCaptcha will return null.
A quick fix is to change the last return statement from return true to return false.
    public boolean validateCaptchaResponse(String origUserResponse)
    {
        String userResponse = origUserResponse;
        if ((SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_REGISTRATION)
                || SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS))
                && this.imageCaptcha != null) {
            if (SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_IGNORE_CASE)) {
                userResponse = userResponse.toLowerCase(Locale.US);
            }
            final boolean result = this.imageCaptcha.validateResponse(userResponse).booleanValue();
            this.destroyCaptcha();
            return result;
        }
        return false;
    }
With the change, I can't pass Captcha with correctly matched text.
Also, I do notice that the Captcha comes up late. A message "Captcha unavailable" shows up first.
I also tried to use the new method I created:
    private ImageCaptcha testImageCaptcha() {
        if (this.imageCaptcha == null) {
            this.imageCaptcha = Captcha.getInstance().getNextImageCaptcha();
        }
        return this.imageCaptcha;
    }
and call this method instead of this.imageCaptcha in this.imageCaptcha != null. The change, however, blocks Captcha - I can't pass Captcha with matching characters.
|
|
|
andowson wrote: Please provide your system configuration for more information. Thanks~
I am not sure what system configuration you need.
With a debugger, I find the problem is on the following line:
    boolean needCaptcha = SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS)
            && request.getSessionContext().getAttribute(ConfigKeys.REQUEST_IGNORE_CAPTCHA) == null;
    if (needCaptcha && !us.validateCaptchaResponse(this.request.getParameter("captcha_anwser"))) {
        this.context.put("post", post);
        this.context.put("start", this.request.getParameter("start"));
        this.context.put("error", I18n.getMessage("CaptchaResponseFails"));
        this.insert();
        return;
    }
and the cause is in the following method:
    public boolean validateCaptchaResponse(String origUserResponse)
    {
        String userResponse = origUserResponse;
        if ((SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_REGISTRATION)
                || SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS))
                && this.imageCaptcha != null) {
            if (SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_IGNORE_CASE)) {
                userResponse = userResponse.toLowerCase(Locale.US);
            }
            final boolean result = this.imageCaptcha.validateResponse(userResponse).booleanValue();
            this.destroyCaptcha();
            return result;
        }
        return true;
    }
The condition check line
    (SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_REGISTRATION)
            || SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS))
            && this.imageCaptcha != null
returns false. And I find that this.imageCaptcha is null, and that alone can make the condition false. So why is it null then?
|
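An added example, not part of the original posts and not JForum code, of the fail-open behaviour discussed in the two posts above: with `return true` a missing challenge object lets the post through, and with `return false` the caller cannot tell a missing challenge from a wrong answer. The sketch uses hypothetical names (`CaptchaGate`, `Challenge`, `Result`) and a constructed challenge, and skips validation only when configuration says no CAPTCHA is required.

```java
import java.util.Locale;

// Added example (not JForum code): CAPTCHA check that fails closed.
public class CaptchaGate {

    // Hypothetical stand-in for the per-session challenge object.
    interface Challenge { boolean matches(String answer); }

    enum Result { NOT_REQUIRED, PASSED, WRONG_ANSWER, NO_CHALLENGE }

    private final boolean captchaRequired; // assumed to come from configuration
    private final boolean ignoreCase;
    private Challenge challenge;           // null until an image was issued to this session

    CaptchaGate(boolean captchaRequired, boolean ignoreCase) {
        this.captchaRequired = captchaRequired;
        this.ignoreCase = ignoreCase;
    }

    void issue(Challenge c) { this.challenge = c; }

    Result validate(String answer) {
        if (!captchaRequired) return Result.NOT_REQUIRED;   // the only path that skips the check
        if (challenge == null) return Result.NO_CHALLENGE;  // required but never issued: reject
        Challenge current = challenge;
        challenge = null;                                   // one attempt per challenge
        if (answer == null) return Result.WRONG_ANSWER;
        String a = ignoreCase ? answer.toLowerCase(Locale.US) : answer;
        return current.matches(a) ? Result.PASSED : Result.WRONG_ANSWER;
    }

    // The caller allows the post only on these two outcomes.
    static boolean mayPost(Result r) { return r == Result.NOT_REQUIRED || r == Result.PASSED; }

    public static void main(String[] args) {
        CaptchaGate gate = new CaptchaGate(true, true);
        // No image has been issued yet, as on the first request after the JVM starts.
        System.out.println(gate.validate("abc12"));
        gate.issue("abc12"::equals);                        // constructed challenge
        System.out.println(gate.validate("ABC12"));
        System.out.println(mayPost(gate.validate("abc12"))); // challenge already consumed
    }
}
```

On `NO_CHALLENGE` the caller can re-render the form with a fresh image instead of reporting a wrong answer.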
|
|
I wrote my own cookie retrieval function and have the same result. So, the problem isn't related to the JForumExecutionContext.getRequest().getCookies().
I can retrieve the cookie right after it was created. I guess the problem likely relates to the cookie age.
|
|
|
I notice the Captcha works on this JForum installation. That leaves me wondering why it doesn't work on our installation with the same configuration.
|
|
|
I use the ControllerUtils.getCookie(String name) function to retrieve a cookie. Although the cookie is there, the function returns null. With a debugger, I find that JForumExecutionContext.getRequest().getCookies() doesn't pick up all cookies. It only picks up 10 cookies while there are 12 cookies. I can't see any differences in domain or path between the cookies picked up by the function and the cookies that are not picked up by the function. How can I make sure a cookie will be picked up by the function?
|
|
|
Thanks for your reply.
I checked the configuration files. Our installation uses the default Captcha configuration, as shown in your answer. And there isn't any Captcha-related configuration in the jforum-custom.conf file. The version number is 2.3.5-SNAPSHOT. I can make a post without entering any text in the Captcha field. Would any other configuration change the behaviour? I hope that I don't need to turn on the debugger to find the cause of this problem in the PostAction class.
|
|
|
In our installation, the captcha is not working. I can make a post without correctly matching text. Where can I enable it?
|
|
|
I can't figure out why I get the following error in the sso.redirect configuration.
I don't see any bad characters there.
|
|
|
andowson wrote: If you want to deny anonymous post in JForum, just go to Admin Control Panel > Group Management > General > Permission
Choose all boards in the deny anonymous post section.
Thanks very much.
After work, I recognize that it likely is a configuration thing, but not a code problem.
|
|
|
Thanks very much for the lead.
I notice an 'Anonymous' user can post a message in one use scenario, but not in other ones. The authentication seems to be inconsistent. How can I enforce that only a signed-in user can post a message in all cases, and otherwise it is read-only?
|
|
|
I need some help with JForum SSO integration. I am aware of this discussion: http://www.coderanch.com/t/574564/jforum/Single-Signon-automatic-login. The information is outdated and doesn't match the current code base. The following is the integration logic. Please correct me if it is not right.
1. After a user signs in the application, encrypt this user’s unique identifier and save this encrypted value in a cookie.
2. This cookie can be used to authenticate the user in JForum. A filter/interceptor will be created to verify the authorization for any JForum URLs with a pattern of “/forum/*”
3. When a user navigates to a JForum page, the cookie value will be used to verify user’s credential against the JForum database. The cookie value will be decrypted for usage, of course.
4. If it is the first time for the user using JForum (that is the user account data doesn’t exist in JForum DB), a web service call will be issued to retrieve this user’s profile data, namely screen name, email, and encrypted password, from our app. And those user data will be stored in the jforum_users table of the JForum database.
5. When the user logs off her/his account or the session times out, the cookie will be removed.
Please advise how the integration needs to take place.
Thanks for your help in advance.
|
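One way to build the cookie value from steps 1, 3 and 5, as an added example that is not part of the original post and not JForum code: AES-GCM encrypts the user identifier together with an expiry time, so a modified or expired cookie is rejected on decryption. Class and method names, the token layout and the sample user id are assumptions; Java 8+ is assumed for `java.util.Base64`.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added example (not JForum code): authenticated, expiring SSO cookie value.
public class SsoCookieToken {
    private static final SecureRandom RNG = new SecureRandom();
    // Cookie value = base64url( 12-byte IV || AES-GCM( 8-byte expiry || userId ) )
    static String seal(SecretKey key, String userId, long expiresAtMillis) throws Exception {
        byte[] iv = new byte[12];
        RNG.nextBytes(iv);                                   // fresh IV for every cookie
        byte[] id = userId.getBytes(StandardCharsets.UTF_8);
        byte[] plain = ByteBuffer.allocate(8 + id.length).putLong(expiresAtMillis).put(id).array();
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain);
        byte[] out = ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array();
        return Base64.getUrlEncoder().withoutPadding().encodeToString(out);
    }

    // Returns the user id, or null if the cookie is malformed, tampered with, or expired.
    static String open(SecretKey key, String cookieValue, long nowMillis) {
        try {
            byte[] in = Base64.getUrlDecoder().decode(cookieValue);
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, in, 0, 12));
            ByteBuffer plain = ByteBuffer.wrap(c.doFinal(in, 12, in.length - 12));
            if (plain.getLong() < nowMillis) return null;    // expiry is inside the sealed data
            return StandardCharsets.UTF_8.decode(plain).toString();
        } catch (Exception e) {   // bad base64, short input, or failed GCM tag check
            return null;
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] raw = new byte[16];
        RNG.nextBytes(raw);       // demo key only; both applications must share the real key
        SecretKey key = new SecretKeySpec(raw, "AES");
        long now = System.currentTimeMillis(), halfHour = 30 * 60 * 1000L;
        String cookie = seal(key, "user-1001", now + halfHour);          // constructed user id
        String tampered = (cookie.charAt(0) == 'A' ? "B" : "A") + cookie.substring(1);
        System.out.println(open(key, cookie, now) + " / " + open(key, cookie, now + 2 * halfHour)
                + " / " + open(key, tampered, now));
    }
}
```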
|
|