The problem occurs when using the JAASSessionValidator in Jetspeed to authenticate through the Weblogic app server, along with using the struts bridge from the apache portals project. After logging in as the same user in more than one session (by first logging in, and then opening another browser to log in again with the same userid), and going from one page to another in the same mode (view mode, for example), the server throws up this error:
Included resource or
file "/action/edit.jas;jsessionid=C7QZxyGkX0pm6Sp9ckM6vyfxTRJ4p1Tn0Ph3bdz
g3TJQX4pyDxwC!-2002059013" not found from requested resource "/jetspeed/portal/_
ns:YTIxMzQ4fGMwfGQwfGVfa3JhPTE9MXxlX3NwYWdlPTE9L2VkaXRfb2JzLmphcztqc2Vzc2lvbmlkP
T1DN1FaeHlHa1gwcG02U3A5Y2tNNnZ5ZnhUUko0cDFUbjBQaDNiZHpnM1RKUVg0cHlEeHdDIS0yMDAyM
DU5MDEzfGVfbW9kZT0xPXZpZXc_/".This appears to be a problem with how Jetspeed will rewrite URL's, and maybe it is more specifically related to the struts bridge. I say Jetspeed, and not Weblogic, because the problem can be resolved by telling Weblogic to only use cookies to relay session data instead of also rewriting url's. So we fixed this by placing this next configuration into the weblogic.xml file of ALL of our war files:
<session-descriptor>
<session-param>
<param-name>URLRewritingEnabled</param-name>
<param-value>false</param-value>
</session-param>
</session-descriptor>
At least we found a work around!
2 comments:
Jeff,
Can you give me any pointers on how to start with cinfiguring Jetspeed (2) to use Weblogic as it's JAAS provider?
Sorry, but it has been more than 8 months since I last looked at Jetspeed. I wouldn't be able to give you a very good answer. But I know you can find all of your answers on the jetspeed-user mailing list. Try this jetspeed-user archives.
Post a Comment