Custom Authenticator valve not working in EAP 6.0 - the authenticate() method is not called
Issue
- A simple Authenticator valve that always returns true was deployed with our application to test custom authenticator valves with EAP 6
- In the logs we see:
15:53:07,470 INFO [org.apache.tomcat.util.http.Cookies] (http-localhost/127.0.0.1:8180-1) Cookies: Invalid cookie. Value not a token or quoted value
15:53:07,492 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-localhost/127.0.0.1:8180-1) Security checking request GET /restrict
15:53:07,493 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-localhost/127.0.0.1:8180-1) Calling hasUserDataPermission()
15:53:07,493 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-localhost/127.0.0.1:8180-1) Calling authenticate()
15:53:07,499 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] (http-localhost/127.0.0.1:8180-1) Save request in session 'm8hJWMy2KsQSpNQiebFFoLyh'
15:53:11,146 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-localhost/127.0.0.1:8180-1) Failed authenticate() test
15:53:11,149 TRACE [org.jboss.security.SecurityRolesAssociation] (http-localhost/127.0.0.1:8180-1) Setting threadlocal:null
1) the test's authenticate() always returns true
2) org.apache.catalina.authenticator.FormAuthenticator is seen in the logs. My class extends this class, but does not call
out to super(). So the conclusion is that our authenticate() is not called.
Environment
- JBoss Enterprise Application Platform (EAP) 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.