8 Replies Latest reply: May 15, 2013 9:33 AM by Luís Moreira RSS

    ADF login/out BUG?

    908022
      Hello to all.
      I have a problem in Oracle ADF 11.1.2, in my application using IE7 or IE8 I can log in once, after logging out, I try to log in again using Internet Explorer 7 or 8, sometimes logs, sometimes the screen suffers a refresh and do not login, only works if you use ctrl + f5, totally intermittent. jdeveloper appears on the console this error:

      <Error> <oracle.adfinternal.view.faces.webapp.rich.RichWindowManager> <BEA-000000> <No Registered for:w0> window

      I created a login page that uses this code:

      <f:view>
      <af:document id="d2" title="Login - Consulta de Procedures" initialFocusId="j_username">
      <af:form id="f2" defaultCommand="btnLogin">
      <af:panelStretchLayout id="psl1" topHeight="33%">
      <f:facet name="center">
      <af:panelGroupLayout id="pgl1" layout="vertical" halign="center">
      <af:outputText value="Consulta de Procedures" id="optICM"
      inlineStyle="font-size:xx-large;"/>
      <af:spacer width="10" height="25" id="s1"/>
      <af:panelBox text="Login" id="pbxLogin" showDisclosure="false" background="medium"
      inlineStyle="height:150.0px; width:300px;">
      <af:panelFormLayout id="pflLogin" styleClass="AFStretchWidth">
      <f:facet name="footer">
      <af:group id="g1">
      <af:message id="m2" messageType="info"
      message="Matrícula e Senha de Rede"
      inlineStyle="background-color:InfoBackground;"/>
      </af:group>
      </f:facet>
      <af:inputText label="Usuário:" id="j_username" required="true"
      value="#{backing_login.username}" clientComponent="true"/>
      <af:inputText label="Senha:" id="j_password" required="true" secret="true"
      value="#{backing_login.password}" clientComponent="true"></af:inputText>
      <af:commandButton text="Login" id="btnLogin" action="#{backing_login.doLogin}"/>
      </af:panelFormLayout>
      </af:panelBox>
      <af:message id="m1"
      message="#{requestContext.agent.agentName eq 'ie' ? 'Esta aplicação requer XMLHTTP nativo para seu total funcionamento. No painel superior do InternetExplorer clique em Ferramentas > Opções de Internet. Selecione Avançadas. Abaixo de Segurança habilite a opção: Habilitar suporte para XMLHTTP nativo. Reinicie o navegador.' : '' }"
      inlineStyle="border-style:ridge; width:289px; border-color:Scrollbar; background-color:transparent;"
      messageType="warning" rendered="#{requestContext.agent.agentName eq 'ie'}"/>
      </af:panelGroupLayout>
      </f:facet>
      <f:facet name="bottom">
      <!--af:panelGroupLayout id="pgl2"/-->
      </f:facet>
      <f:facet name="top">
      <!--af:panelGroupLayout id="pgl3"/-->
      </f:facet>
      </af:panelStretchLayout>
      </af:form>
      </af:document>
      </f:view>

      The action of the submit call a method in my backing bean, doLogin ()

      public String doLogin() throws NamingException {
      String j_username = _username;
      byte[] pw = null;
      if (_password != null) {
      pw = _password.getBytes();
      FacesContext ctx = FacesContext.getCurrentInstance();
      HttpServletRequest request = (HttpServletRequest)ctx.getExternalContext().getRequest();
      CallbackHandler handler = new URLCallbackHandler(j_username, pw);
      try {
      //this.initializeIdentityStoreData("SVN_MRS");
      Subject mySubject = Authentication.login(handler);
      ServletAuthentication.runAs(mySubject, request);
      ServletAuthentication.generateNewSessionID(request);
      String loginUrl = "/adfAuthentication?success_url=/faces/index.jspx";
      HttpServletResponse response = (HttpServletResponse)ctx.getExternalContext().getResponse();
      sendForward(request, response, loginUrl);
      } catch (FailedLoginException fle) {
      FacesMessage msg =
      new FacesMessage(FacesMessage.SEVERITY_ERROR, "Usuário ou Senha incorreto", "Um Usuário ou Senha incorretos" +
      " foram especificados");
      ctx.addMessage(null, msg);
      } catch (LoginException le) {
      reportUnexpectedLoginError("LoginException", le);
      }
      }
      return null;
      }

      **************************sendForward code************************

      private void sendForward(HttpServletRequest request, HttpServletResponse response, String forwardUrl) {
      FacesContext ctx = FacesContext.getCurrentInstance();
      RequestDispatcher dispatcher = request.getRequestDispatcher(forwardUrl);
      try {
      dispatcher.forward(request, response);
      } catch (ServletException se) {
      reportUnexpectedLoginError("ServletException", se);
      } catch (IOException ie) {
      reportUnexpectedLoginError("IOException", ie);
      }
      ctx.responseComplete();
      }

      *****************************************************************

      The first time, I can usually log into the application.

      After logout using the run method doLogout ()

      public String doLogout() throws IOException {
      ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext();
      HttpSession session = (HttpSession)ectx.getSession(false);
      session.invalidate();
      String url = ectx.getRequestContextPath() + "/adfAuthentication?logout=true&end_url=/faces/login.jspx";
      try {
      ectx.redirect(url);
      } catch (IOException e) {
      e.printStackTrace();
      }

      return null;
      }

      I tested in IE7, IE8, IE9, Chrome.

      Usually works in Chrome.

      I am using security enabled ADF Authentication and Authorization, form based.

      Weblogic: 10.3.5
      Jdeveloper: 11.1.2
      ADF Security
      Java 1.6.31
      Win 7

      any idea?

      Thank you.
        • 1. Re: ADF login/out BUG?
          Frank Nimphius-Oracle
          Hi,

          two comments:

          1) You don't need session.invalidate in this
            session.invalidate();
            String url = ectx.getRequestContextPath() + "/adfAuthentication?logout=true&end_url=/faces/login.jspx";
            try {
              ectx.redirect(url);
             } catch (IOException e) {
              e.printStackTrace();
           }
          Its handled by the /adfAuthentication?logout=true redirect already

          2) Configure authentication to BASIC for programmatic authentication

          Frank
          • 2. Re: ADF login/out BUG?
            908022
            Hi Frank, thanks for replying,

            First, the part of session.invalidate(), actually I had already seen after sending this message that do not need, ADFAuthentication own Servlet that handles the login redirect. But that does not solve the problem.

            Second, this application can not have a basic authentication, I must use FORM based authentication, I need a login screen that allows redirect to protected pages after login and filter any people should not has access. So also does not solve my problem.

            I did a test application, which only has all the logic necessary to have the screen protected, one login and one error, based on this video (basically the same code that I posted this before):
            http://www.youtube.com/watch?v=mAWBezngA1s

            I did deploy in two different servers: one is the development server I use, the client company has provided me and the other is a server that we use for an application for my business.

            Using jazn-data user (local user of the application) I log in.

            In the client server, the problem persisted in first time when I try

            In my company's server, log in 10 times per error(10 for 1).

            I do not know why, already researched, and cannot find a solution.

            If you wan't the sample I made, send me one contact mail.

            Thanks for all Frank and sorry about my english.
            • 3. Re: ADF login/out BUG?
              Sudipto Desmukh
              try following the steps mentioned in this document -
              http://docs.oracle.com/cd/E14571_01/web.1111/b31974/adding_security.htm#autoId34
              • 4. Re: ADF login/out BUG?
                908022
                Hello Sudipto Desmukh,

                Sorry but I did every step's of documentation 3 times, and nothing, the error continue in InternetExplorer 7.

                But I made a new type of test. I put the final methods one counter for each: doLogin (), sendForward () and doLogout ().

                So when I try to log in, and the error happens, the page does a refresh, the counter doLogin () increases but does not redirect to protected page and does not authenticate the user.

                Thank's all.

                Edited by: Rafael Silva on 11/04/2012 07:41
                • 5. Re: ADF login/out BUG?
                  Sudipto Desmukh
                  Did you follow steps while configuring form based authentication wherein you need to setup the page for "Redirect upon successful authentication" ->
                  http://docs.oracle.com/cd/E16162_01/web.1112/e16182/adding_security.htm#insertedID3
                  • 6. Re: ADF login/out BUG?
                    908022
                    Yes, and do again after your post, don't work
                    • 7. Re: ADF login/out BUG?
                      RenanMC
                      Hello Rafael,

                      I filled Bug 14259625 within My Oracle support for that.

                      The bug is already with developers.
                      • 8. Re: ADF login/out BUG?
                        Luís Moreira
                        Someone have a workaround for this errors?
                        Why the bug have status "33 - Suspended, Req'd Info not Avail"?