• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Custom Authenticator randomly, rarely, stops being called

 
Garrick Oates
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi there,

We wrote an authenticator a few years ago, and it runs 99.9999% of the time just fine. I added a bit of logging in it to check that it runs each time a user logs in. However, there are the very rare occasions where it appears that Weblogic simply stops calling it at all, and of course, our users fail to get authenticated. I say stops, because it almost always "never again" calls the authenticator for anyone after that point. On an even rarer chance, it make correct itself.

I've put exception handling in every single method, but nothing is showing as an error. It just simply stops being called.

What causes this, and more importantly, how do I prevent this? Create multiple of the same Authenticator?

-G
 
Bhargav Ram
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

How do you call authenticator ? Is it in the code ?
 
Garrick Oates
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You don't call an authenticator. It is called from within Weblogic when you try to access another application container I believe. Weblogic goes through all the authenticators based on their settings, e.g. REQUIRED, OPTIONAL, SUFFICIENT.

We pass an encrypted cookie to Weblogic via the session, which the authenticator can then look for, decrypt and authenticate based on internal rules.

-G
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Garrick Oates wrote:Hi there,

We wrote an authenticator a few years ago, and it runs 99.9999% of the time just fine. I added a bit of logging in it to check that it runs each time a user logs in. However, there are the very rare occasions where it appears that Weblogic simply stops calling it at all, and of course, our users fail to get authenticated. I say stops, because it almost always "never again" calls the authenticator for anyone after that point. On an even rarer chance, it make correct itself.

I've put exception handling in every single method, but nothing is showing as an error. It just simply stops being called.

What causes this, and more importantly, how do I prevent this? Create multiple of the same Authenticator?

-G


Are there any indications from weblogic logs ? Try setting up an audit provider that will log all authentication events. That should help
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic