Comments (2)
Interesting development. I downloaded your source into my program so I could play with the logging. It seems that if the password is valid... it sets it to null then says access denied. If the password is invalid it's access denied. If the password has special characters it's also denied.
Hard-code the password..... access works.
LOGGER.info("1pass:"+password);
password = "testpassword";
if(password==null)
return PAM_CONV_ERR;
LOGGER.info("2pass:"+password);
from libpam4j.
ok finally found the problem. Never fails I search at a problem but the minute I have to document it into an issue like this I find it.
So my problem was this:
Collection<? extends GrantedAuthority> authorities = Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"));
return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
authentication.getCredentials(),
authorities);
vs
authentication.getCredentials());
Without the ROLES at the end it authenticates once fine (which I missed in the logs) then blanks out the password. Then tries a second attempt with a null password. Which is what I saw above. When it was a wrong password the thing would fail on first try.
So resolution... pay attention to the logs more closely. Posting here in case anyone else falls into the same trap but the issue can be closed.
from libpam4j.
Related Issues (20)
- JVM crash during finalization HOT 1
- Debian 5.0 support HOT 1
- pam_tally2 does not reset tally on successful login HOT 1
- libpam4j not compatible with JNA 4.2.2 HOT 12
- libpam4j authenticates invalid accounts HOT 3
- Fails to build with Java 9: _ as keyword
- Does it compatible java8 HOT 1
- change password
- libpam.pam_setcred | Jenkins needs sufficient privileges
- Tests are failing in Windows 10
- libpam4j authenticate() fails on centos 8 with org.jvnet.libpam.PAMException: pam_acct_mgmt failed : Authentication failure HOT 2
- Not able to authenticate when service is running in non-root privileges.
- UnixUser constructor uses a pam function to get groups that is not thread safe.
- Pam authentication is slow HOT 1
- LDAP Authentication Failed with Docker image Jenkins LTS (2.414.1)
- getUserName() returns the input username and not the correct name
- 'GLIBC_2.11' not found
- On CentOS libpam4j crashes java in PAM.authenticate() HOT 1
- Inconsistent "getGroups()" and garbage getShell() results under load HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libpam4j.