PASOE Basic Auth: 'no group 1' error

Posted by BartMille on 23-Oct-2018 04:20

I'm trying to setup a PASOE server with basic authentication. But I keep getting the error:

ERROR c.p.a.s.s.OEClientPrincipalFilter - Error converting Spring token to OEAuthenticationToken: java.lang.IndexOutOfBoundsException: No group 1

I've never had this problem before with both classic & pasoe in previous OE versions. Also no problem with openrealm PASOE auth for the current OE.

It is related to this property:

OEClientPrincipalFilter.domainRoleFilter

If I put a value in it (ROLE_), it gives the above error. If I leave it empty, I can continu, but with a corrupt CP-token

Anybody an idea?

OE: 11.7.3

OS: Windows & Linux

Log file:

10:55:16.665/51500 [thd-8] DEBUG c.p.a.s.s.OEClientPrincipalFilter - OEClientPrincipleFilter processing token of type: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken
10:55:16.668/51503 [thd-8] DEBUG c.p.a.s.s.OEClientPrincipalFilter - Substituting OEAuthenticationToken for authenticated token: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e6c9d665: Principal: org.springframework.security.core.userdetails.User@915f7eff: Username: restdebug; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_PSCAdmin,ROLE_PSCDebug,ROLE_PSCUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@7798: RemoteIpAddress: 192.168.88.1; SessionId: null; Granted Authorities: ROLE_PSCAdmin, ROLE_PSCDebug, ROLE_PSCUser'
10:55:16.668/51503 [thd-8] DEBUG c.p.a.s.s.OEClientPrincipalFilter - Creating Domain Registry: 'com.progress.auth.OEDefaultRegistry'
10:55:16.670/51505 [thd-8] DEBUG c.p.a.s.s.OEClientPrincipalFilter - Loading Domain Registry: 'com.progress.auth.OEDefaultRegistry'
10:55:16.675/51510 [thd-8] DEBUG c.p.a.s.s.OEClientPrincipalFilter - Converting Spring token to OEAuthenticationToken: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e6c9d665: Principal: org.springframework.security.core.userdetails.User@915f7eff: Username: restdebug; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_PSCAdmin,ROLE_PSCDebug,ROLE_PSCUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@7798: RemoteIpAddress: 192.168.88.1; SessionId: null; Granted Authorities: ROLE_PSCAdmin, ROLE_PSCDebug, ROLE_PSCUser'
10:55:16.679/51514 [thd-8] TRACE c.p.a.s.s.OEAuthenticationTokenConverter - OEAuthentication Spring token principal type: org.springframework.security.core.userdetails.User
10:55:16.679/51514 [thd-8] DEBUG c.p.a.s.s.OEAuthenticationTokenConverter - replaceToken: using non-qualified userName restdebug
10:55:16.679/51514 [thd-8] DEBUG c.p.a.s.s.OEAuthenticationTokenConverter - Loading OE Domain name from Spring authorities ...
10:55:16.679/51514 [thd-8] DEBUG c.p.a.s.s.OEAuthenticationTokenConverter - Checking Spring authority for Domain name in value: ROLE_PSCAdmin
10:55:16.679/51514 [thd-8] WARN c.p.a.s.s.OEAuthenticationTokenConverter - Exception in obtaining OE Domain from Spring authorities : java.lang.IndexOutOfBoundsException: No group 1
10:55:16.679/51514 [thd-8] ERROR c.p.a.s.s.OEAuthenticationTokenConverter - No group 1
10:55:16.685/51520 [thd-8] ERROR c.p.a.s.s.OEClientPrincipalFilter - Error converting Spring token to OEAuthenticationToken: java.lang.IndexOutOfBoundsException: No group 1

OpenEdge Development - Forum
Posted by BartMille on 24-Oct-2018 02:09

No, this property doesn't actually need a value in this case (basic, local). So I left it empty and then found out I had a bug registering my domains. It works ok now. Still, I like the PASOE, but once something goes wrong you're left with a maze of properties and settings with little to no help at all.

Thx for your help!

All Replies

Posted by Irfan on 23-Oct-2018 05:08

Something seems wrong with the instance. Can you try creating a new instance and see if it works with the basic authentication. We can try to compare them and see whats wrong.

Posted by Irfan on 23-Oct-2018 05:08

Something seems wrong with the instance. Can you try creating a new instance and see if it works with the basic authentication. We can try to compare them and see whats wrong.

Posted by BartMille on 24-Oct-2018 02:09

No, this property doesn't actually need a value in this case (basic, local). So I left it empty and then found out I had a bug registering my domains. It works ok now. Still, I like the PASOE, but once something goes wrong you're left with a maze of properties and settings with little to no help at all.

Thx for your help!

This thread is closed