Thank you, David.
I checked this. If you look at my jspwiki.policy, one sign whether I am
actually logged in or not is that I should be able to edit a page in
case I am authenticated.
I click on "Sandbox" but no editing is possible. A sign that I am not
authenticated.
I also checked in from exactly the URL placed in
jspwiki-custom.properties ... same unexpected behaviour.
My server is based on Apache with Tomcat connected.
Here is my virtual host configuration (sites-enabled) for apache2:
http://paste.siduction.org/20150707091634
Maybe the URL passing through this connections puzzels jspwiki. Any
experience?
Another hint to a solution could be, that the log says that the
login-name is authenticated where the failure reports that the full name
is not authenticated.
I think, authentication is a cornerstone to internet access these days.
I would take it serious.
E.g.: If you get a new password from jspwiki why all credentials are
send via an open email? How to change that? (but this is a second step
after the first to authenticate.)
---
Viele Grüße, Best Regards
Rolf Schumacher
Am 07.07.2015 08:34, schrieb David Vittor:
Hi Rolf,
Not 100% sure, but I had a similar experience. When you log in the
server
automatically redirects you to:your baseUrl in the
jspwiki-custom.properties.
jspwiki.baseURL=https://JSPWiki.my-domain.com/
If this is different to the baseUrl that you log in on, then it will
look like you are not logged in, even though you are on the main page
(check the url). The cookie is stored against the baseUrl of the login
URL.
One way to test this is to manually change the baseUrl back to the one
you logged in at, it will show the user logged in correctly.
To fix this just change your baseUrl.
Not sure if this is your case, but thought I'd mention it.
Cheers,
David V
On Tue, Jul 7, 2015 at 12:19 AM, Rolf Schumacher <[email protected]>
wrote:
Need help with Authentication.
JSPWiki 2.10.1 has just been installed and used for nothing else yet.
Goal
is to have a closed group for accessing any page from the public
internet
in a secure way by a known set of members.
I have added one user with a login name of "myLogin" and a full name
of
"My Name".
When I open the Main page, the server already knows my full name -
maybe
due to cookies - but I am not logged in.
Then I login and the logs report the "Successfully authenticated user
myLogin".
Then the server redirects me to the Main page.
Getting there, I see that user My Name has not been authenticated.
What did I do wrong here?
The following information has been subject to anonymisation:
userdatabase.xml: http://paste.siduction.org/20150706140710
jspwiki.log: http://paste.siduction.org/20150706140808
jspwiki.policy: http://paste.siduction.org/20150706141119
jspwiki-custom.properties: http://paste.siduction.org/20150706141148
--
Viele Grüße, Best Regards
Rolf Schumacher
