Closed phillipross closed 5 years ago
thanks for reporting the issue. Are you using the attached Dockerfile with Payara 5.183 or another application server?
I'm using payara and attempting all kind of permutations. The Dockerfile doesn't work at this point because of changes they've made to the Dockerfile in recent months. I was able to adapt to use the new Dockerfile but the same problem occurs. I also tried deploying into a standalone payara-full instance and it behaves the same way. tried with v5.184 and 5.182. I'm working today to try with payara 5.181 and 4.181 (the later needs some changes to the code or pom.xml file)... but at this point I'm thinking this may be a bug in payara or soteria.
OK, I tested payara 5.181 and it behaves the same as 5.182 and 5.184. I didn't try 4.181 yet since it requires some code changes to downgrade to JEE7 (there are some CDI and Validation differences).
Oddly, I get some slightly different behaviors depending on whether I'm using Chrome or Firefox (both on MacOS)
With Chrome... the first login attempt fails with securityContext.authenticate returning a SEND_CONTINUE code, and then returns SUCCESS immediately attempting to login again. After logging out... attempting to login has the same results... first attempt SEND_CONTINUE and second gets SUCCESS
With Firefox, it's slightly different. The first login attempt fails with SEND_CONTINUE and then returns SUCCESS when trying to login again. After logging in... a logout with Firefox successfully logs out, but then subsequent login attempts always return SUCCEED.
Unless you have something else I can try, I think it might be best to see if you can duplicate the behavior I'm seeing and then we can log an issue with payara and see if they can figure out if it's a bug or something.
Do you have any updates on this?
Apologies, I forgot to close this out when I resolved the problem on my side.
I actually tracked down the problem to a combination of things that I can't remember precisely at this point. It had to do with the fact that chrome was caching something and since I was testing many things using the localhost name... chrome's cached cookies or something were interfering. I spent hours tracking down the problem, realized what it was, and by the time i was able to create a reproducer, there was a google update and the problem went away 🤣
oh okay 😆 But thanks for the update and the hint with the possible caching issue. I'll close this one now 👍
For some reason it seems the authentication status that is returned sometimes is SEND_CONTINUE and other times is SUCCESS. When SUCCESS is returned then the result is the welcome page... but when the status is SEND_CONTINUE then nothing happens and the result is the login page with no error message.