search

grealish / pwm

Automatically exported from code.google.com/p/pwm
0 stars 0 forks source link

Save Challenge/ Response to NMAS is broken #353

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Configure PWM to Enable and force Setup Responses and enable Store NMAS 
responses as well.
2. Login as user and setup responses.
3. Try to save the responses

What is the expected output? 
Both NMAS responses and pwmResponseSet should be updated after the save.

What do you see instead?
I get the following error message after saving:

PWM 5015

Unexpected error. If this error occurs repeatedly please contact your helpdesk. 
{ 5015 ERROR_UNKNOWN (cannot save response for 'What is the name of the main 
character in your favorite book?' to NMAS, cleartext answer is not available) }

Catalina.out throws an error:

2013-04-05 10:52:00, TRACE, pwm.SessionFilter, {1g,Dhr Drs. S. Veldhuisen} POST 
request for: /pwm/private/SetupResponses  [127.0.0.1/localhost]
  PwmResponse_R_Random_0=***removed***
  PwmResponse_R_Random_2=***removed***
  pwmFormID='4szXg2OEudi9hOrqZexqrjWKMxFZFTVK13dd963882abh76f5'
  PwmResponse_R_Random_1=***removed***
  PwmResponse_R_Random_3=***removed***
  PwmResponse_Q_Random_2='What city / town were you born in?'
  PwmResponse_Q_Random_3='What was your favorite show as a child?'
  PwmResponse_Q_Random_0='What is the name of the main character in your favorite book?'
  PwmResponse_Q_Random_1='What is the name of your favorite pet?'
  processAction='setResponses'
2013-04-05 10:52:00, TRACE, servlet.SetupResponsesServlet, {1g,Dhr Drs. S. 
Veldhuisen} new user responses are acceptable [127.0.0.1/localhost]
2013-04-05 10:52:00, DEBUG, provider.WatchdogWrapper, reopening ldap connection 
for cn=x,ou=users,o=meta
2013-04-05 10:52:00, TRACE, provider.JNDIProviderImpl, bind successful as 
cn=x,ou=users,o=meta (111ms)
2013-04-05 10:52:00, TRACE, provider.ChaiProviderFactory, adding 
WatchdogWrapper to provider instance
2013-04-05 10:52:00, TRACE, provider.WatchdogWrapper, checking for user 
password expiration to adjust watchdog timeout
2013-04-05 10:52:00, TRACE, provider.ChaiProviderFactory, adding 
StatisticsWrapper to provider instance
2013-04-05 10:52:00, INFO , cr.ChaiResponseSet, successfully wrote Chai 
challenge/response set for user cn=x,ou=users,o=meta
2013-04-05 10:52:00, INFO , operations.CrUtility, {1g,Dhr Drs. S. Veldhuisen} 
saved responses for user to chai-ldap format [127.0.0.1/localhost]
2013-04-05 10:52:00, WARN , servlet.TopServlet, {1g,Dhr Drs. S. Veldhuisen} 
unexpected pwm error during page generation: cannot save response for 'What is 
the name of the main character in your favorite book?' to NMAS, cleartext 
answer is not available [127.0.0.1/localhost]
java.lang.IllegalArgumentException: cannot save response for 'What is the name 
of the main character in your favorite book?' to NMAS, cleartext answer is not 
available
    at password.pwm.util.operations.CrUtility.writeResponses(CrUtility.java:553)
    at password.pwm.util.operations.CrUtility.writeResponses(CrUtility.java:438)
    at password.pwm.servlet.SetupResponsesServlet.saveResponses(SetupResponsesServlet.java:268)
    at password.pwm.servlet.SetupResponsesServlet.advanceToNextStage(SetupResponsesServlet.java:171)
    at password.pwm.servlet.SetupResponsesServlet.handleSetupResponses(SetupResponsesServlet.java:260)
    at password.pwm.servlet.SetupResponsesServlet.processRequest(SetupResponsesServlet.java:116)
    at password.pwm.servlet.TopServlet.handleRequest(TopServlet.java:82)
    at password.pwm.servlet.TopServlet.doPost(TopServlet.java:144)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at password.pwm.AuthenticationFilter.processAuthenticatedSession(AuthenticationFilter.java:132)
    at password.pwm.AuthenticationFilter.doFilter(AuthenticationFilter.java:80)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at password.pwm.SessionFilter.processFilter(SessionFilter.java:233)
    at password.pwm.SessionFilter.doFilter(SessionFilter.java:81)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at password.pwm.GZIPFilter.doFilter(GZIPFilter.java:45)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at password.pwm.ApplicationModeFilter.doFilter(ApplicationModeFilter.java:63)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
    at java.lang.Thread.run(Thread.java:722)
2013-04-05 10:52:00, TRACE, util.PwmMacroMachine, replaced Macro @User:ID@ with 
value: Dhr Drs. S. Veldhuisen
2013-04-05 10:52:00, DEBUG, pwm.SessionManager, {1g} closing user ldap 
connection [127.0.0.1/localhost]
2013-04-05 10:52:00, DEBUG, pwm.PwmSession, {1g} unauthenticate session from 
127.0.0.1 (cn=x,ou=users,o=meta) [127.0.0.1/localhost]

It looks like the Response to the first Challenge is not properly passed to 
NMAS.

What version of the product are you using?
Daily build (data-pwm-version="1.7.0 (RC1)" data-pwm-build="1216")

On what operating system?
SLES 11 SP1

Please provide any additional information below.

eDirectory for Linux x86_64 v8.8 SP7 is used as a LDAP directory.

Original issue reported on code.google.com by sebastia...@gmail.com on 5 Apr 2013 at 9:03

GoogleCodeExporter commented 9 years ago 
fixed in revision 542

Original comment by jrivard on 5 Apr 2013 at 12:09