OpenID login fails with version 0.25
When login in with an openId Kunagi throws an exception that it misses a class:
FATAL AKunagiServlet GET failed: scrum.server.admin.LoginServlet ->
java.lang.NoClassDefFoundError: org/apache/commons/httpclient/methods/RequestEntity
Ilarkesto uses openid4java and its class ConsumerManager uses the "import org.apache.commons.httpclient.HttpClient;". However none of the supplied libraries I can see within the project supplies the "old" httpclient from org.apache.commons as it has been moved to a new project.
"The Commons HttpClient project is now end of life, and is no longer being developed. It has been replaced by the Apache HttpComponents project in its HttpClient and HttpCore modules, which offer better performance and more flexibility. The Commons HttpClient project is now end of life, and is no longer being developed. It has been replaced by the Apache HttpComponents project in its HttpClient and HttpCore modules, which offer better performance and more flexibility.
The fix woudl be to replace the current openid library with openid4java-0.9.8.jar.
However this will lead to a problem in scrum.server.admin.LoginServlet which then misses the class org.openid4java.consumer.VerificationResult...
----------------------------------------------------------
here is the full stacktraceINFO: Server startup in 46936 ms
Wed Feb 05 18:59:31 CET 2014
FATAL AKunagiServlet GET failed: scrum.server.admin.LoginServlet ->
java.lang.NoClassDefFoundError: org/apache/commons/httpclient/methods/RequestEntity
at ilarkesto.auth.OpenId.getConsumerManager(OpenId.java:262)
at ilarkesto.auth.OpenId.createAuthenticationRequest(OpenId.java:153)
at ilarkesto.auth.OpenId.createAuthenticationRequestUrl(OpenId.java:90)
at scrum.server.admin.LoginServlet.redirectOpenId(LoginServlet.java:293)
at scrum.server.admin.LoginServlet.onRequest(LoginServlet.java:76)
at scrum.server.common.AKunagiServlet.onGet(AKunagiServlet.java:60)
at ilarkesto.webapp.AServlet.doGet(AServlet.java:50)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.ClassNotFoundException: org.apache.commons.httpclient.methods.RequestEntity
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1701)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1546)
at ilarkesto.auth.OpenId.getConsumerManager(OpenId.java:262)
at ilarkesto.auth.OpenId.createAuthenticationRequest(OpenId.java:153)
at ilarkesto.auth.OpenId.createAuthenticationRequestUrl(OpenId.java:90)
at scrum.server.admin.LoginServlet.redirectOpenId(LoginServlet.java:293)
at scrum.server.admin.LoginServlet.onRequest(LoginServlet.java:76)
at scrum.server.common.AKunagiServlet.onGet(AKunagiServlet.java:60)
at ilarkesto.webapp.AServlet.doGet(AServlet.java:50)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
Statement from Kunagi Team
Upgraded openid4java library.
Status
Issue is closed for Release 0.26.
Comments
Thu, Feb 6, 2014, 11:34 by anonymous
Thanks Witek. A quick note: I just had a look on it and I noticed that the kunagi-release of 0.25 is only consistent to the master of ilarkesto (and not kunagi-r.025). So working on a consistent 0.26 (=master) of both makes sense.
Thu, Feb 6, 2014, 11:36 by Witek (SM,T)
I have upgraded the openid4java library. Works now.
Thu, Feb 6, 2014, 11:52 by anonymous
You are my hero! :-) Waiting for 0.26 to be released :-)
Thu, Feb 6, 2014, 19:04 by Stefan Höhn
I just build the latest version (I put togehter all libraries for ilarkesto that are mentioned in the classpath) and I can confirm that the bug has been fixed. Well done, Witek!
Fri, Feb 7, 2014, 17:33 by anonymous
It seems it does not work. The system tries to go to localhost:
Fri Feb 07 17:31:41 CET 2014 INFO ConsumerManager Received positive auth response. | app:kunagi > session:127.0.0.1
Fri Feb 07 17:31:41 CET 2014 INFO ConsumerManager Verifying return URL; receiving: http://localhost:8080/kunagi/login.html?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.g
Fri, Feb 14, 2014, 16:27 by Stefan Höhn
Hint: If the system goes to localhost or you get a failed authentication after login via eg. Google, this has something to do that you probably have an Apache in front of your Tomcat. If Apache just forwards the request to Tomcat, Kunagi will compare the URL from which your request came from (eg. mykunagidomain.org) to Tomcat but internalle Tomcat only knows its localhost:8080/kunagi-mapping. This will lead to a failure in comparing the URLs to verify OpenID-authentication.
To fix the issue, make sure you don't use normal apache internal forwarding but integrate Tomcat via mod_jk and it will work.