[英]First attempt to SSO login to weblogic fails right after weblogic started. Same SSO request 2nd time (and after) succeeds
My question refers to a previously asked question on stackoverflow which was never answered: 我的问题是关于stackoverflow的先前提出的问题,但从未得到解答:
Why does weblogic's "not found" behavior change after the first attempt? 为什么第一次尝试后weblogic的“未找到”行为会更改?
In my case, I'm implementing a SAML solution to log in from the identity provider to the external service provider. 就我而言,我正在实现SAML解决方案,以从身份提供者登录到外部服务提供者。 The external service provider (ESP) is hosted on weblogic 9.2.3.
外部服务提供商(ESP)托管在weblogic 9.2.3上。 On my first attempt after i startup weblogic to SSO-login to the ESP service provider, i can see in the logs that the app proceeds to build a redirect url normally.
在我启动weblogic以SSO登录到ESP服务提供商后的第一次尝试中,我可以在日志中看到该应用程序可以正常构建重定向URL。 On the response.sendRedirect() call, I see that the ESP has received a new request to the "home login" page -- the page users would be directed to if they weren't logged in. It seems to not know it (the servlet) has already been initialized, and then acts as if there is no login session and forwards to the login form page (as if they've not been logged in).
在response.sendRedirect()调用上,我看到ESP收到了对“家庭登录”页面的新请求-如果用户未登录,则将定向到该页面。似乎不知道( servlet)已经初始化,然后就好像没有登录会话,并转发到登录表单页面(好像还没有登录)。 I've checked all the weblogic logs and our application logs, but there's no clue as to why this is happening.
我已经检查了所有的weblogic日志和我们的应用程序日志,但是不知道为什么会发生这种情况。
I've seen this on other weblogic sso projects before. 我之前在其他weblogic sso项目中已经看到了这一点。 It wasn't a problem with those because those other projects typically had a high volume of users logging in through the ESP form before the first SSO request was made.
这些都不是问题,因为在发出第一个SSO请求之前,那些其他项目通常都有大量用户通过ESP表单登录。 (It only takes one attempt.) Also, because of the volume on previous projects, i wasn't able to consistently reproduce the problem...until now.
(仅需尝试一次。)而且,由于先前项目的数量大,我一直无法始终如一地重现该问题……直到现在。
The previous stackoverflow post of this nature (which wasn't answered) is the only relevant search result google gives me. 以前这种性质的stackoverflow帖子(未得到回答)是google给我的唯一相关搜索结果。
Big thank you to anyone who has some insight as to what the problem is. 非常感谢任何对问题有深刻见解的人。
Looks like your authentication never worked. 看来您的验证从未成功。 Why your subsequent requests are working could be because you are using the same browser session and so the SSO cookie are still alive.
您的后续请求为何起作用的原因可能是因为您使用的是同一浏览器会话,所以SSO cookie仍然有效。 So I would suggest you enable following debug directives in your weblogic JVM under debug section.
因此,我建议您在weblogic JVM的“调试”部分下启用以下调试指令。
weblogic -> security -> atn, atz, ldap to start with. weblogic->安全-> atn,atz,ldap开始。 Recreate the scenario and look at the log which should tell whether your authentication is successful or failed.
重新创建方案并查看日志,该日志应告诉您认证是成功还是失败。 You need to also see the server startup logs to see if there is any error related to ldap provider.
您还需要查看服务器启动日志,以查看是否有与ldap提供程序有关的错误。
Thanks. 谢谢。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.