Wrong Java class when custom authenticators are used. #1495

Closed
gregoan opened this issue Sep 19, 2023 · 1 comment

gregoan commented Sep 19, 2023

Our WL domain instances are configured with extra security components.
We are using the following script to execute the discoverDomain.sh action:

=> cat discoverDomain.sh
#!/bin/bash

# ----------------------------------------------------------------
oracleServerUrl="t3s://xyz.cc.cec.eu.int:1041"
oracleHome="/ec/local/weblogic/u000/app/owl12214"
domainHome="/ec/local/weblogic/u010/home/wlsopert/config/JEE-WS_TST"
# ----------------------------------------------------------------

echo
echo "oracleHome properties set [${oracleHome}]"

export WLSDEPLOY_PROPERTIES="-Dweblogic.alternateTypesDirectory=/ec/local/weblogic/u010/home/wlsopert/data/ec_components"
echo "WLSDEPLOY_PROPERTIES properties set [${WLSDEPLOY_PROPERTIES}]"

# ----------------------------------------------------------------
# Online mode
#${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -domain_home ${domainHome} -archive_file ./Domain.zip -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties -admin_url ${oracleServerUrl}
${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties -admin_url ${oracleServerUrl} -remote -skip_archive

# Offline mode
#${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -domain_home ${domainHome} -archive_file ./Domain.zip -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties
# ----------------------------------------------------------------

The content of the directory /ec/local/weblogic/u010/home/wlsopert/data/ec_components referenced by the -Dweblogic.alternateTypesDirectory system property is:

=> ls -la /ec/local/weblogic/u010/home/wlsopert/data/ec_components
total 11884
drwxr-x--- 2 wlsopert weblogic      222 Jul 19 12:39 .
drwxr-x--- 6 wlsopert weblogic     4096 Sep 11 15:57 ..
-rwxr-x--- 1 wlsopert weblogic    43828 Dec 18  2020 ECCustomAudit.jar
-rwxr-x--- 1 wlsopert weblogic    22345 Dec 22  2020 ecas-extragroups-1.6-JDK7.jar
-rw-r----- 1 wlsopert weblogic 11964428 Jul 19 12:39 eulogin-weblogic-12-authprovider-9.8.2-jdk8.jar
-rwxr-x--- 1 wlsopert weblogic    40761 Dec 22  2020 group-enhancer-1.6-JDK7.jar
-rwxr-x--- 1 wlsopert weblogic    40449 Dec 21  2020 net-proxy-1.8.jar
-rwxr-x--- 1 wlsopert weblogic    43146 Aug  3  2021 wlECSecurityProviders_11389.jar

The generation of the model is working fine, except that the Java classes are wrong:

SecurityConfiguration:
    Realm:
        myrealm:
            Auditor:
                ECCustomAudit:
                    eu.digit.wls.audit.providers.ECCustomAuditProviderImpl: {}
            AuthenticationProvider:

                # DefaultAuthenticator and DefaultIdentityAsserter have been removed for readability

                ECASIdentityAsserterV2:
                    eu.cec.digit.ecas.client.j2ee.weblogic.EcasIdentityAsserterV2ProviderImpl:
                        AssuranceLevel: LOW
                        ControlFlag: SUFFICIENT
                        ExcludedContextPaths:
                          - /soa-infra
                          - /management
                ECAuthenticator:
                    eu.cec.di.stb.authenticationprovider.ECAuthenticationProviderImpl:
                        ControlFlag: OPTIONAL

                GroupEnhancer:
                    eu.europa.ec.digit.iam.weblogic.groupenhancer.GroupEnhancerProviderImpl: {}

                NetProxy:
                    eu.europa.ec.digit.iam.weblogic.net.proxy.NetProxyAuthenticationProvider:
                        Active: 'true'
                        ControlFlag: OPTIONAL

The generated file should be:

SecurityConfiguration:
    Realm:
        myrealm:
            Auditor:
                ECCustomAudit:
                    eu.digit.wls.audit.providers.ECCustomAudit:

            AuthenticationProvider:

                # DefaultAuthenticator and DefaultIdentityAsserter have been removed for readability

                ECASIdentityAsserterV2:
                    eu.cec.digit.ecas.client.j2ee.weblogic.EcasIdentityAsserterV2:
                        ControlFlag: SUFFICIENT
                        ExcludedContextPaths:
                            - '/soa-infra'
                            - '/management'

                ECAuthenticator:
                    eu.cec.di.stb.authenticationprovider.ECAuthenticator:
                        ControlFlag: OPTIONAL

                GroupEnhancer:
                    eu.europa.ec.digit.iam.weblogic.groupenhancer.GroupEnhancer:
                        ControlFlag: OPTIONAL

                NetProxy:
                    eu.europa.ec.digit.iam.weblogic.net.proxy.NetProxy:
                        ControlFlag: OPTIONAL

@robertpatrick added the bug (Something isn't working) label Sep 19, 2023

@jshum2479 (Member)

There is a problem with online WDT discovery with a custom security provider; offline works fine. We are investigating the issue.
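
A pre-apply check for the mismatch reported in this issue, as an added example that is not WDT code and not part of the original thread: it compares the provider type keys under SecurityConfiguration/Realm in an online-discovered model with those in a reference model (for instance one produced by offline discovery, which the comment above says works). The function names and the trimmed sample models are constructed for illustration, and the minimal indentation parser assumes the model layout shown in the issue.

```python
import re

# Constructed samples: trimmed copies of the two models quoted in the issue.
ONLINE = """\
SecurityConfiguration:
  Realm:
    myrealm:
      Auditor:
        ECCustomAudit:
          eu.digit.wls.audit.providers.ECCustomAuditProviderImpl: {}
      AuthenticationProvider:
        NetProxy:
          eu.europa.ec.digit.iam.weblogic.net.proxy.NetProxyAuthenticationProvider:
            ControlFlag: OPTIONAL
"""
EXPECTED = """\
SecurityConfiguration:
  Realm:
    myrealm:
      Auditor:
        ECCustomAudit:
          eu.digit.wls.audit.providers.ECCustomAudit:
      AuthenticationProvider:
        NetProxy:
          eu.europa.ec.digit.iam.weblogic.net.proxy.NetProxy:
            ControlFlag: OPTIONAL
"""

def provider_types(model_text):
    """Map (realm, provider kind, provider name) -> type key under that provider."""
    path, found = [], {}  # path: (indent, key) of each enclosing mapping
    for raw in model_text.expandtabs(4).splitlines():
        m = re.match(r"( *)([^#\s-][^:]*):", raw)
        if not m:
            continue  # blank line, comment or list item
        indent, key = len(m.group(1)), m.group(2).strip()
        while path and path[-1][0] >= indent:
            path.pop()  # leave mappings that ended before this line
        path.append((indent, key))
        keys = [k for _, k in path]
        if len(keys) == 6 and keys[:2] == ["SecurityConfiguration", "Realm"]:
            found[tuple(keys[2:5])] = keys[5]
    return found

def type_mismatches(online_text, reference_text):
    """List (realm, kind, name, online type, reference type) where types differ."""
    online, ref = provider_types(online_text), provider_types(reference_text)
    return sorted(k + (t, ref.get(k)) for k, t in online.items() if t != ref.get(k))
```

Calling `type_mismatches(ONLINE, EXPECTED)` returns one row per provider whose type key differs; an empty list means the security realm section of the two models agrees on provider types.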
