Para Desenvolvedores

Autenticação Integrada Lumis Portal 11.0.1 não funciona

Estamos trabalhando em um projeto para ter a autenticação integrada. Mas não está sendo autenticado.

Os passos apresentados no vídeo Integração AD, foram todos feitos. O arquivo XML para acessar o AD configurado corretamente, a geração do XML e a importação do XML, todos realizados com sucesso. Os usuários e grupos importados.

O trecho no arquivo lumisportalconfig.xml descomentado, veja abaixo

<security>
		<!-- Uncomment to configure a HTTP authenticator. See Lumis Portal documentation for details about included authenticators. -->
		<httpAuthenticator className="lumis.portal.authentication.http.SpnegoAuthenticator" />
		
		<!-- Uncomment to configure Kerberos Authentication Protocol. See Lumis Portal documentation for details. 
		<kerberos>
			<configurationFile>security/krb5.conf</configurationFile>
		</kerberos>
		-->
	</security>

No tempo13:20 do vídeo, a pessoa que esta fazendo o vídeo consegue se logar localmente como é o nosso ambiente e aqui não acontece o mesmo.

Sempre é enviado para a página de login e mesmo inserindo o login não acessa.

Lumis 11.0.1. MySQL 8 e Tomcat 9

Por Webmaster

Em 05/04/19 16:43

Acompanhar pergunta

6 resposta(s):

Ordenar por:

Pontos para verificar:

  • A autenticação por SPNEGO/Kerberos pode não funcionar se o navegador web sendo utilizado estiver na mesma máquina que está executando o Lumis Portal. É necessário acessar o portal usando o navegador em outra máquina.

  • Os navegadores podem efetuar automaticamente a autenticação dependendo de suas característica e configurações:

    Internet Explorer: Por padrão efetua a autenticação automática se o endereço acessado for considerado zona de intranet. Pode-se utilizar a funcionalidade de política de grupos do Active Directory para automaticamente configurar as máquinas do domínio para considerarem os endereços do portal como zona de intranet, caso já não seja o caso.

    Google Chrome: Não possui configuração específica, mas utiliza a mesma configuração que o Internet Explorer.

    Mozilla Firefox: Acessar about:config e incluir no parâmetro network.negotiate-auth.trusted-uris os endereços, separados por vírgula, que se confia para efetuar a autenticação automática. Em ambiente corporativos, pode-se usar a funcionalidade do Firefox de difusão das configurações no ambiente corporativo para efetuar tal configuração nas máquinas clientes do ambiente.

  • O endereço usado no setspn tem que estar consistente com o DNS. Por isso recomendamos no manual cadastrar todos os endereços que existam para o endereço acessado pelo navegador.

Por Rodrigo Cesar

Em 08/04/19 13:14

Rodrigo,

Obrigado por responder. Mas mesmo com todas as configurações feitas, esta aparecendo a seguinte mensagem no log

2019-04-09 19:27:30,355 ERROR 10.10.1.66 guest    [LumisRequest - default task-4; url: [http://proj.fenae.org.br/login.jsp?accessError=2]; login: [guest]] lumis.portal.authentication.http.SpnegoAuthenticator - Could not obtain service subject using login module 'LumisPortalSpnego'. Check the login module configuration.
javax.security.auth.login.LoginException: java.lang.NullPointerException
	at org.jboss.as.security.RealmDirectLoginModule.getDigestCredential(RealmDirectLoginModule.java:243)
	at org.jboss.as.security.RealmDirectLoginModule.login(RealmDirectLoginModule.java:144)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
	at lumis.portal.authentication.http.SpnegoAuthenticator.createServiceSubject(SpnegoAuthenticator.java:175)
	at lumis.portal.authentication.http.SpnegoAuthenticator.authenticate(SpnegoAuthenticator.java:140)
	at lumis.portal.authentication.http.SpnegoAuthenticator.doAuthentication(SpnegoAuthenticator.java:71)
	at lumis.portal.authentication.http.HttpHandshakeAuthenticator.authenticate(HttpHandshakeAuthenticator.java:175)
	at lumis.portal.authentication.LoginControllerHtml.handleLogin(LoginControllerHtml.java:273)
	at lumis.portal.authentication.LoginControllerHtml.handleRequest(LoginControllerHtml.java:122)
	at org.apache.jsp.login_jsp._jspService(login_jsp.java:97)
	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:433)
	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:402)
	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:346)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
	at io.undertow.websockets.jsr.JsrWebSocketFilter.doFilter(JsrWebSocketFilter.java:130)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.appserver.UndertowFilter.doFilter(UndertowFilter.java:90)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.rest.RestRootFilter.doFilter(RestRootFilter.java:314)
	at org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:462)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.webserver.WebServerIntegrationForwardFilter.doFilter(WebServerIntegrationForwardFilter.java:45)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.service.seo.sitemap.SitemapFilter.doFilter(SitemapFilter.java:72)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.url.WebResourceForwardFilter.doFilter(WebResourceForwardFilter.java:347)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.security.csr.CrossSiteRequestFilter.doFilter(CrossSiteRequestFilter.java:227)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.url.WebResourceDiscoveryFilter.doFilter(WebResourceDiscoveryFilter.java:365)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.presentation.PortalModeDiscoveryFilter.doFilter(PortalModeDiscoveryFilter.java:125)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:232)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:209)
	at lumis.service.portalmanagement.monitoring.JavaMelodyCustomMonitoringFilter.doFilter(JavaMelodyCustomMonitoringFilter.java:220)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.authentication.AuthenticationFilter.changeThreadNameAndProceed(AuthenticationFilter.java:375)
	at lumis.portal.authentication.AuthenticationFilter.lambda$doFilter$0(AuthenticationFilter.java:271)
	at lumis.portal.util.PortalUtilInternal.execWithSilentThrow(PortalUtilInternal.java:527)
	at lumis.util.log.MDCUtil.execWithValues(MDCUtil.java:60)
	at lumis.portal.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:262)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.monitor.impl.MonitorContextFilter.lambda$doFilter$1(MonitorContextFilter.java:380)
	at lumis.portal.util.PortalUtilInternal.execWithSilentThrow(PortalUtilInternal.java:527)
	at lumis.util.log.MDCUtil.execWithValues(MDCUtil.java:60)
	at lumis.portal.monitor.impl.MonitorContextFilter.doFilter(MonitorContextFilter.java:371)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.page.cache.PageCacheSSIFilter.doFilter(PageCacheSSIFilter.java:52)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.PortalRequestContextFilter.doFilter(PortalRequestContextFilter.java:97)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.filter.EncodingUTF8Filter.doFilter(EncodingUTF8Filter.java:35)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.webserver.WebServerIntegrationInitFilter.doFilter(WebServerIntegrationInitFilter.java:367)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.website.WebsiteDiscoveryFilter.doFilter(WebsiteDiscoveryFilter.java:302)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.PortalConfiguration$RequestInitializer.doFilter(PortalConfiguration.java:142)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
	at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
	at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285)
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264)
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)

	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
	at lumis.portal.authentication.http.SpnegoAuthenticator.createServiceSubject(SpnegoAuthenticator.java:175)
	at lumis.portal.authentication.http.SpnegoAuthenticator.authenticate(SpnegoAuthenticator.java:140)
	at lumis.portal.authentication.http.SpnegoAuthenticator.doAuthentication(SpnegoAuthenticator.java:71)
	at lumis.portal.authentication.http.HttpHandshakeAuthenticator.authenticate(HttpHandshakeAuthenticator.java:175)
	at lumis.portal.authentication.LoginControllerHtml.handleLogin(LoginControllerHtml.java:273)
	at lumis.portal.authentication.LoginControllerHtml.handleRequest(LoginControllerHtml.java:122)
	at org.apache.jsp.login_jsp._jspService(login_jsp.java:97)
	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:433)
	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:402)
	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:346)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
	at io.undertow.websockets.jsr.JsrWebSocketFilter.doFilter(JsrWebSocketFilter.java:130)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.appserver.UndertowFilter.doFilter(UndertowFilter.java:90)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.rest.RestRootFilter.doFilter(RestRootFilter.java:314)
	at org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:462)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.webserver.WebServerIntegrationForwardFilter.doFilter(WebServerIntegrationForwardFilter.java:45)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.service.seo.sitemap.SitemapFilter.doFilter(SitemapFilter.java:72)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.url.WebResourceForwardFilter.doFilter(WebResourceForwardFilter.java:347)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.security.csr.CrossSiteRequestFilter.doFilter(CrossSiteRequestFilter.java:227)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.url.WebResourceDiscoveryFilter.doFilter(WebResourceDiscoveryFilter.java:365)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.presentation.PortalModeDiscoveryFilter.doFilter(PortalModeDiscoveryFilter.java:125)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:232)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:209)
	at lumis.service.portalmanagement.monitoring.JavaMelodyCustomMonitoringFilter.doFilter(JavaMelodyCustomMonitoringFilter.java:220)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.authentication.AuthenticationFilter.changeThreadNameAndProceed(AuthenticationFilter.java:375)
	at lumis.portal.authentication.AuthenticationFilter.lambda$doFilter$0(AuthenticationFilter.java:271)
	at lumis.portal.util.PortalUtilInternal.execWithSilentThrow(PortalUtilInternal.java:527)
	at lumis.util.log.MDCUtil.execWithValues(MDCUtil.java:60)
	at lumis.portal.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:262)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.monitor.impl.MonitorContextFilter.lambda$doFilter$1(MonitorContextFilter.java:380)
	at lumis.portal.util.PortalUtilInternal.execWithSilentThrow(PortalUtilInternal.java:527)
	at lumis.util.log.MDCUtil.execWithValues(MDCUtil.java:60)
	at lumis.portal.monitor.impl.MonitorContextFilter.doFilter(MonitorContextFilter.java:371)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.page.cache.PageCacheSSIFilter.doFilter(PageCacheSSIFilter.java:52)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.PortalRequestContextFilter.doFilter(PortalRequestContextFilter.java:97)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.filter.EncodingUTF8Filter.doFilter(EncodingUTF8Filter.java:35)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.webserver.WebServerIntegrationInitFilter.doFilter(WebServerIntegrationInitFilter.java:367)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.website.WebsiteDiscoveryFilter.doFilter(WebsiteDiscoveryFilter.java:302)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.PortalConfiguration$RequestInitializer.doFilter(PortalConfiguration.java:142)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
	at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
	at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285)
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264)
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
2019-04-09 19:27:30,371 ERROR 10.10.1.66 guest    [LumisRequest - default task-4; url: [http://proj.fenae.org.br/login.jsp?accessError=2]; login: [guest]] lumis.portal.authentication.http.SpnegoAuthenticator - Unable to obtain service subject.

Nosso krb5.conf esta assim:

[domain_realm]
	fenae.org.br = FENAE.ORG.BR

[libdefaults]	
	default_realm = FENAE.ORG.BR       
	dns_lookup_kdc = true

[realms]
	FENAE.ORG.BR = {
		admin_server = IP_DO_AD
		default_domain = fenae.org.br
		kdc = IP_DO_AD
	}

Achamos estranho a documentação e o arquivo no lumis portal, são diferentes.

Na documentação está assim:

[domain_realm]
.mydomain.com = MYDOMAIN.COM
(comentario: tem um . 'ponto' no inicio da linha)

[libdefaults]
default_tkt_enctypes = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
default_tgs_enctypes = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
permitted_enctypes   = aes128-cts rc4-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc
default_realm = MYDOMAIN.COM

 

[realms]
MYDOMAIN.COM = {
        kdc = 10.200.20.12
        default_domain = MYDOMAIN.COM
}

Ja no arquivo do lumis portal, esta assim:

[domain_realm]
    mydomain.net = MYDOMAIN.NET

[libdefaults]       
    default_realm = MYDOMAIN.NET       
    dns_lookup_kdc = true

 

[realms]
    MYDOMAIN.NET = {
        admin_server = server01
        default_domain = mydomain.net
        kdc = server01
    }

Sem algumas linhas e sem o ponto na linha comentada acima.

 

Nosso arquivo lumissecuritylogin.config, esta assim:

LumisPortal {
  lumis.portal.authentication.LumisLoginModule sufficient debug=false;
};

LumisPortalSpnego {
  com.sun.security.auth.module.Krb5LoginModule required
  debug=false
  storeKey=true
  doNotPrompt=true
  useKeyTab=true
  keyTab="${lumis.portal.lumisDataPath}/config/security/lumisportal.keytab"
  principal="lumisportalservice@fenae.org.br";
};

Geramos o lumisportal.keytab e colocamos no diretorio 'D:\lumisportal\lumisdata\config\security'

A configuração no Active Directory foi feita tbm.

Tem mais alguma configuração?

Por Webmaster

Em 09/04/19 19:42

O JBoss requer que vc faça a configuração que vc fez no lumissecuritylogin.config no arquivo de configuração dele. Busca por security-domain nele e vc deve ver a configuração do LumisLoginModule. Teria que fazer algo equivalente para esse outro que vc está adicionando.

Não sei se ele aceita EL no caminho do keytab, acho que vai que colocar o caminho absoluto.

Por Rodrigo Cesar

Em 10/04/19 12:16

Rodrigo,

Fizemos as configurações no security-domain da seguinte forma:

<security-domains>
                <security-domain name="LumisPortal" cache-type="default">
                    <authentication>
                        <!--login-module code="lumis.portal.authentication.LumisLoginModule" flag="sufficient"/ -->
						<login-module code="lumis.portal.authentication.LumisLoginModule" flag="sufficient">
						<module-option name="debug" value="true"/>
						</login-module>			
							
						<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient">
						<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
						<module-option name="java.naming.provider.url" value="ldap://10.10.1.11:389"/>
						<module-option name="java.naming.security.authentication" value="simple"/>
						<module-option name="principalDNPrefix" value="cn="/>
						<module-option name="principalDNSuffix" value="dc=fenae,dc=org,dc=br"/>
						
						</login-module>

                    </authentication>
                </security-domain>

O servidor JBoss inicia normalmente mas não autentica os usuários direcionando para a página de login.

Preciso de orientação para configurar esses dois parâmetros, pois acredito que a falha está nessa configuração:

            <module-option name="principalDNPrefix" value="cn="/>
            <module-option name="principalDNSuffix" value="dc=fenae,dc=org,dc=br"/>

 

Por Webmaster

Em 10/04/19 13:04

Rodrigo, conseguimos configurar o JBoss EAP 7 fazer a autenticação integrada.

No standalone.xml ficou assim:

 

<security-domain name="other" cache-type="default">
                    <authentication>
                        <login-module code="Remoting" flag="optional">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="RealmDirect" flag="required">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                    </authentication>
                </security-domain>
                <security-domain name="jboss-web-policy" cache-type="default">
                    <authorization>
                        <policy-module code="Delegating" flag="required"/>
                    </authorization>
                </security-domain>
                <security-domain name="jboss-ejb-policy" cache-type="default">
                    <authorization>
                        <policy-module code="Delegating" flag="required"/>
                    </authorization>
                </security-domain>
                <security-domain name="LumisPortal" cache-type="default">
                    <authentication>                        
                        <login-module code="lumis.portal.authentication.LumisLoginModule" flag="sufficient">
							<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
                            <module-option name="userProvider" value="ldap://ip_do_ad:389"/>
							<module-option name="java.naming.security.authentication" value="simple"/>
                            <module-option name="authIdentity" value="uid={userPrincipalname},dc=dominio,dc=com,dc=br"/>
                            <module-option name="useSSL" value="false"/>
                            <module-option name="debug" value="true"/>
                        </login-module>
                    </authentication>
                </security-domain>				
				<security-domain name="LumisPortalSpnego" cache-type="default">
                    <authentication>					
						<login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required">
                            <module-option name="storeKey" value="true"/>
                            <module-option name="useKeyTab" value="true"/>
                            <module-option name="principal" value="email@DOMINIO.COM.BR"/>
                            <module-option name="keyTab" value="D:/jboss-eap-7.0/standalone/configuration/lumisportal.keytab"/>
                            <module-option name="doNotPrompt" value="true"/>
                            <module-option name="debug" value="true"/>
							<module-option name="isInitiator" value="false"/>
                        </login-module>
                    </authentication>
                </security-domain>				
				<security-domain name="SPNEGO" cache-type="default">
                    <authentication>
                        <login-module code="SPNEGO" flag="requisite">
                            <module-option name="password-stacking" value="useFirstPass"/>
                            <module-option name="serverSecurityDomain" value="host"/>
                        </login-module>
                    </authentication>
                </security-domain>

 

Só não conseguimos fazer o logout, pois quando tentamos, temos a seguinte mensagem no log

 

2019-04-12 10:17:45,759 INFO  10.10.1.66 rogeriorodrigues@fenae.org.br /Portal/Intranet Home Intranet - Reposit de Widgets [LumisRequest - default task-16; url: [http://intranet.fenae.org.br/intranet/.lumis]; login: [rogeriorodrigues@fenae.org.br]] org.hibernate.cache.StandardQueryCache - starting query cache at region: lumis.service.pagepersonalization.bean.WidgetInstanceHolder#query
2019-04-12 10:20:11,438 ERROR 10.10.1.66 rogeriorodrigues@fenae.org.br    [LumisRequest - default task-4; url: [http://intranet.fenae.org.br/lumis/api/rest/lum-internal/monitor/pageView.lumis?lumReferer=http%3A%2F%2Fintranet.fenae.org.br%2Fpt_br%2Fintranet%2Fminhas-ferramentas%2Fminha-intranet%2Fmeu-perfil%2F%23&duration=10355&referrer=http%3A%2F%2Fintranet.fenae.org.br%2Fpt_br%2Fintranet%2F]; login: [rogeriorodrigues@fenae.org.br]] lumis.portal.rest.PortalDefaultExceptionMapper - Exception thrown during call to POST http://intranet.fenae.org.br/lumis/api/rest/lum-internal/monitor/pageView?lumReferer=http%3A%2F%2Fintranet.fenae.org.br%2Fpt_br%2Fintranet%2Fminhas-ferramentas%2Fminha-intranet%2Fmeu-perfil%2F%23&duration=10355&referrer=http%3A%2F%2Fintranet.fenae.org.br%2Fpt_br%2Fintranet%2F
java.lang.IllegalStateException: UT000010: Session not found I4nVK7jGVzZgGD3FR5JEz3udSaUZp9DPr-XokVvv
	at io.undertow.server.session.InMemorySessionManager$SessionImpl.getAttribute(InMemorySessionManager.java:464)
	at io.undertow.servlet.spec.HttpSessionImpl.getAttribute(HttpSessionImpl.java:122)
	at lumis.portal.presentation.HttpSessionMonitor.monitorSession(HttpSessionMonitor.java:156)
	at lumis.portal.monitor.impl.MonitorResource.lambda$pageView$0(MonitorResource.java:168)
	at lumis.portal.util.PortalUtilInternal.execWithSilentThrow(PortalUtilInternal.java:527)
	at lumis.portal.monitor.impl.MonitorResource.pageView(MonitorResource.java:101)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:76)
	at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:148)
	at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:191)
	at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$VoidOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:183)
	at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:103)
	at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:493)
	at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:415)
	at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:104)
	at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:277)
	at org.glassfish.jersey.internal.Errors$1.call(Errors.java:272)
	at org.glassfish.jersey.internal.Errors$1.call(Errors.java:268)
	at org.glassfish.jersey.internal.Errors.process(Errors.java:316)
	at org.glassfish.jersey.internal.Errors.process(Errors.java:298)
	at org.glassfish.jersey.internal.Errors.process(Errors.java:268)
	at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:289)
	at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:256)
	at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:703)
	at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:416)
	at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:370)
	at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:389)
	at lumis.portal.rest.RestServletApplication.service(RestServletApplication.java:30)
	at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:342)
	at lumis.portal.rest.BaseRestServletContainer.service(BaseRestServletContainer.java:228)
	at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:229)
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
	at lumis.portal.rest.RestRootFilter.doFilter(RestRootFilter.java:314)
	at org.glassfish.jersey.servlet.ServletContainer.doFilter(ServletContainer.java:462)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:266)
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:201)
	at io.undertow.servlet.spec.RequestDispatcherImpl.forwardImpl(RequestDispatcherImpl.java:202)
	at io.undertow.servlet.spec.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:109)
	at lumis.portal.webserver.WebServerIntegrationInitFilter$RequestWrapper$1.forward(WebServerIntegrationInitFilter.java:319)
	at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at net.bull.javamelody.JspWrapper.invoke(JspWrapper.java:152)
	at net.bull.javamelody.JdbcWrapper$DelegatingInvocationHandler.invoke(JdbcWrapper.java:294)
	at com.sun.proxy.$Proxy182.forward(Unknown Source)
	at lumis.portal.webserver.WebServerIntegrationForwardFilter.doFilter(WebServerIntegrationForwardFilter.java:40)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.service.seo.sitemap.SitemapFilter.doFilter(SitemapFilter.java:72)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.url.WebResourceForwardFilter.doFilter(WebResourceForwardFilter.java:347)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.security.csr.CrossSiteRequestFilter.doFilter(CrossSiteRequestFilter.java:227)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.url.WebResourceDiscoveryFilter.doFilter(WebResourceDiscoveryFilter.java:365)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.presentation.PortalModeDiscoveryFilter.doFilter(PortalModeDiscoveryFilter.java:125)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:232)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:209)
	at lumis.service.portalmanagement.monitoring.JavaMelodyCustomMonitoringFilter.doFilter(JavaMelodyCustomMonitoringFilter.java:220)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.authentication.AuthenticationFilter.changeThreadNameAndProceed(AuthenticationFilter.java:375)
	at lumis.portal.authentication.AuthenticationFilter.lambda$doFilter$0(AuthenticationFilter.java:271)
	at lumis.portal.util.PortalUtilInternal.execWithSilentThrow(PortalUtilInternal.java:527)
	at lumis.util.log.MDCUtil.execWithValues(MDCUtil.java:60)
	at lumis.portal.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:262)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.monitor.impl.MonitorContextFilter.lambda$doFilter$1(MonitorContextFilter.java:380)
	at lumis.portal.util.PortalUtilInternal.execWithSilentThrow(PortalUtilInternal.java:527)
	at lumis.util.log.MDCUtil.execWithValues(MDCUtil.java:60)
	at lumis.portal.monitor.impl.MonitorContextFilter.doFilter(MonitorContextFilter.java:371)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.page.cache.PageCacheSSIFilter.doFilter(PageCacheSSIFilter.java:52)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.PortalRequestContextFilter.doFilter(PortalRequestContextFilter.java:97)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.filter.EncodingUTF8Filter.doFilter(EncodingUTF8Filter.java:35)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.webserver.WebServerIntegrationInitFilter.doFilter(WebServerIntegrationInitFilter.java:367)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.website.WebsiteDiscoveryFilter.doFilter(WebsiteDiscoveryFilter.java:302)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at lumis.portal.PortalConfiguration$RequestInitializer.doFilter(PortalConfiguration.java:142)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
	at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
	at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285)
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264)
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
2019-04-12 10:30:44,691 WARN       [default task-47] lumisservice.lumis.portal.navigation - The requested resource (/favicon.ico) is not available. Its origin was: http://intranet.fenae.org.br/pt_br/intranet/login.htm?accessError=2
2019-04-12 10:31:23,178 WARN       [default task-10] lumisservice.lumis.portal.navigation - The requested resource (/favicon.ico) is not available. Its origin was: http://intranet.fenae.org.br/pt_br/intranet/login.htm?accessError=2
2019-04-12 10:39:34,775 WARN  10.10.1.66 guest    [LumisRequest - default task-9; url: [http://intranet.fenae.org.br/favicon.ico.lumis]; login: [guest]] lumis.portal.security.csr.CrossSiteRequestFilter - The request is not allowed to access this site: Origin: ''; Method: 'GET'; Path: '/favicon.ico'. Blocking access...
2019-04-12 10:39:37,228 WARN  10.10.1.66     [LumisRequest - default task-8; url: [http://intranet.fenae.org.br/apple-touch-icon.png.lumis]] lumis.portal.security.csr.CrossSiteRequestFilter - The request is not allowed to access this site: Origin: ''; Method: 'GET'; Path: '/apple-touch-icon.png'. Blocking access...
2019-04-12 10:42:08,029 WARN       [default task-32] lumisservice.lumis.portal.navigation - The requested resource (/favicon.ico) is not available. Its origin was: http://intranet.fenae.org.br/pt_br/intranet/login.htm?accessError=2

Tem ideia do porque?

Por Webmaster

Em 12/04/19 10:51

A não ser se após vc efetuar logout vc caia numa página que guest tenha permissão de visualizar, o que vai acontecer é que o acesso negado na página vai disparar novamente a autenticação integrada e o usuário vai ser logado automaticamente novamente, dando a impressão que o logout não ocorreu.

A interface de logout do serviço de login padrão após o logout redireciona para a mesma página caso guest tenha acesso a ela, caso contrário redireciona para a home do website. Então para esse logout funcionar com autenticação integrada, vc precisaria ou que a página que contém o logout tenha permissão para guest, ou que a home tenha permissão para guest.

Por Rodrigo Cesar

Em 12/04/19 18:38

Entrar

Interaja com a comunidade e tenha acesso a conteúdos exclusivos.

Houve algum erro ao acessar o banco de dados. Tente novamente mais tarde.