Share Session authenticator between several Play apps


Ugo Bourdon

Apr 4, 2016, 10:25:36 AM
to Silhouette
Is it possible?

Since the session authenticator is stateless, it could be possible to do that, no?

Christian Kaps

Apr 4, 2016, 11:08:31 AM
to Silhouette
Hi,

The session authenticator is based on the Play session. So if you share the same application secret between your applications, then you can also read the session from the different applications.


Best regards,
Christian

Ugo Bourdon

Apr 4, 2016, 11:27:48 AM
to Silhouette
Can it work between Silhouette 2/Play 2.3.10 & Silhouette 3/Play 2.4.x, or am I dreaming? :)

Ugo Bourdon

Apr 4, 2016, 11:34:19 AM
to Silhouette
When I try, I get this error:

play.api.Application$$anon$1: Execution exception[[AuthenticatorRetrievalException: [Silhouette][session-authenticator] Could not retrieve authenticator]]
    at play.api.Application$class.handleError(Application.scala:296) ~[play_2.11-2.3.10.jar:2.3.10]
    at play.api.DefaultApplication.handleError(Application.scala:402) [play_2.11-2.3.10.jar:2.3.10]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3$$anonfun$applyOrElse$4.apply(PlayDefaultUpstreamHandler.scala:320) [play_2.11-2.3.10.jar:2.3.10]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3$$anonfun$applyOrElse$4.apply(PlayDefaultUpstreamHandler.scala:320) [play_2.11-2.3.10.jar:2.3.10]
    at scala.Option.map(Option.scala:146) [scala-library-2.11.7.jar:na]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3.applyOrElse(PlayDefaultUpstreamHandler.scala:320) [play_2.11-2.3.10.jar:2.3.10]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3.applyOrElse(PlayDefaultUpstreamHandler.scala:316) [play_2.11-2.3.10.jar:2.3.10]
    at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:344) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:343) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:32) [scala-library-2.11.7.jar:na]
    at play.api.libs.iteratee.Execution$trampoline$.execute(Execution.scala:46) [play-iteratees_2.11-2.3.10.jar:2.3.10]
    at scala.concurrent.impl.CallbackRunnable.executeWithValue(Promise.scala:40) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.Promise$DefaultPromise.tryComplete(Promise.scala:248) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Promise$class.complete(Promise.scala:55) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.Promise$DefaultPromise.complete(Promise.scala:153) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:32) [scala-library-2.11.7.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.processBatch$1(BatchingExecutor.scala:67) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.apply$mcV$sp(BatchingExecutor.scala:82) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.apply(BatchingExecutor.scala:59) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.apply(BatchingExecutor.scala:59) [akka-actor_2.11-2.3.9.jar:na]
    at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:72) [scala-library-2.11.7.jar:na]
    at akka.dispatch.BatchingExecutor$Batch.run(BatchingExecutor.scala:58) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:41) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(AbstractDispatcher.scala:401) [akka-actor_2.11-2.3.9.jar:na]
    at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) [scala-library-2.11.7.jar:na]
    at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) [scala-library-2.11.7.jar:na]
    at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [scala-library-2.11.7.jar:na]
    at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [scala-library-2.11.7.jar:na]
Caused by: com.mohiva.play.silhouette.api.exceptions.AuthenticatorRetrievalException: [Silhouette][session-authenticator] Could not retrieve authenticator
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$1.applyOrElse(SessionAuthenticator.scala:148) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$1.applyOrElse(SessionAuthenticator.scala:147) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:36) ~[scala-library-2.11.7.jar:na]
    at scala.util.Failure$$anonfun$recover$1.apply(Try.scala:216) ~[scala-library-2.11.7.jar:na]
    at scala.util.Try$.apply(Try.scala:192) ~[scala-library-2.11.7.jar:na]
    at scala.util.Failure.recover(Try.scala:216) ~[scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$recover$1.apply(Future.scala:324) ~[scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$recover$1.apply(Future.scala:324) ~[scala-library-2.11.7.jar:na]
    ... 13 common frames omitted
Caused by: org.apache.commons.codec.DecoderException: Illegal hexadecimal character - at index 1
    at org.apache.commons.codec.binary.Hex.toDigit(Hex.java:178) ~[commons-codec-1.10.jar:1.10]
    at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:91) ~[commons-codec-1.10.jar:1.10]
    at play.api.libs.Codecs$.hexStringToByte(Codecs.scala:76) ~[play_2.11-2.3.10.jar:2.3.10]
    at play.api.libs.Crypto$.decryptAES(Crypto.scala:276) ~[play_2.11-2.3.10.jar:2.3.10]
    at play.api.libs.Crypto$.decryptAES(Crypto.scala:252) ~[play_2.11-2.3.10.jar:2.3.10]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService.com$mohiva$play$silhouette$impl$authenticators$SessionAuthenticatorService$$unserialize(SessionAuthenticator.scala:281) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3$$anonfun$3.apply(SessionAuthenticator.scala:140) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3$$anonfun$3.apply(SessionAuthenticator.scala:140) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at scala.Option.flatMap(Option.scala:171) [scala-library-2.11.7.jar:na]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3.apply(SessionAuthenticator.scala:140) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3.apply(SessionAuthenticator.scala:139) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at scala.util.Success$$anonfun$map$1.apply(Try.scala:237) ~[scala-library-2.11.7.jar:na]
    at scala.util.Try$.apply(Try.scala:192) ~[scala-library-2.11.7.jar:na]
    at scala.util.Success.map(Try.scala:237) ~[scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    ... 13 common frames omitted

Christian Kaps

Apr 5, 2016, 2:41:26 AM
to Silhouette
Maybe you should set encryptAuthenticator to false. But this may invalidate all your existing sessions.

Ugo Bourdon

Apr 6, 2016, 10:17:34 AM
to Silhouette
I tried to use it between 2 different apps (with the same version of Play & Silhouette) with SessionAuthenticator & I get this error message:

2016-04-06 16:14:35,865 INFO  c.m.p.s.i.a.SessionAuthenticatorService  - [Silhouette][session-authenticator] Fingerprint Some(6BB78903D86D8FB2D7CBF3D43F1813BF1CB7438A) doesn't match authenticator: SessionAuthenticator(LoginInfo(credentials,bourdon.u...@gmail.com),2016-04-06T16:14:00.940+02:00,2016-04-07T04:14:00.940+02:00,None,Some(C05D9AA83AF946DEA2310AA37CBBAE89234B07CE))

Do you have any idea about the problem?
It seems Silhouette can read the session cookie from the other app, but an issue is present.

Thx for your help.

Christian Kaps

Apr 6, 2016, 1:20:20 PM
to Silhouette
Your current fingerprint doesn't match the fingerprint stored in your authenticator.

You can disable fingerprinting for the authenticator.


Best regards,
Christian


On Wednesday, April 6, 2016 at 16:17:34 UTC+2, Ugo Bourdon wrote:
I tried to use it between 2 different apps (with the same version of Play & Silhouette) with SessionAuthenticator & I get this error message:

2016-04-06 16:14:35,865 INFO  c.m.p.s.i.a.SessionAuthenticatorService  - [Silhouette][session-authenticator] Fingerprint Some(6BB78903D86D8FB2D7CBF3D43F1813BF1CB7438A) doesn't match authenticator: SessionAuthenticator(LoginInfo(credentials,bourdon.ugo+g...@gmail.com),2016-04-06T16:14:00.940+02:00,2016-04-07T04:14:00.940+02:00,None,Some(C05D9AA83AF946DEA2310AA37CBBAE89234B07CE))

Ugo Bourdon

Apr 7, 2016, 4:54:05 AM
to Silhouette
I tested the case more and:

When I log in to App 1 and try to access protected content in App 2, it works fine.
But when I log in to App 2 and try to access protected content in App 1, it doesn't work; sometimes App 1 seems to discard the session cookie.

About the fingerprinting, it is an important thing for security, no?

Ugo Bourdon

Apr 7, 2016, 5:22:55 AM
to Silhouette
It seems I found what happened. My App1 is Play version 2.4.6. My App2 is Play version 2.4.2. When I upgrade App2 to Play 2.4.6, the authentication works in both directions.

Do you have an idea of the reason for that? If I must have exactly the same version of the framework to share a stateless session between my services, I will not be very happy :)

Ugo Bourdon

Apr 7, 2016, 11:17:11 AM
to Silhouette
Hi,

I disabled fingerprinting, but it seems I have another issue. My 2 apps do not have the same domain but the same subdomain.
How can I set the session cookie domain? I don't see this option for SessionAuthenticator...

Christian Kaps

Apr 7, 2016, 11:19:00 AM
to Silhouette

Ugo Bourdon

Apr 7, 2016, 11:52:33 AM
to Silhouette
Thx !
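
The two checks discussed in this thread (a session that any app holding the same application secret can verify, and the fingerprint comparison behind the "doesn't match authenticator" log line), as an added Python model that is not part of the original posts and is not Silhouette or Play code. Assumptions: the cookie is modelled as a hex HMAC-SHA1 signature, a dash and the serialized data; the fingerprint is modelled as SHA-1 over the User-Agent, Accept-Language and Accept-Charset headers; authenticator encryption is left out; all secrets and headers are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample values, not taken from the thread.
SHARED_SECRET = b"constructed-secret-shared-by-app1-and-app2"
OTHER_SECRET = b"constructed-secret-of-an-unrelated-app"
BROWSER = {"User-Agent": "ExampleBrowser/1.0", "Accept-Language": "fr-FR"}
CHANGED = {"User-Agent": "ExampleBrowser/1.0", "Accept-Language": "en-US"}


def fingerprint(headers):
    """Assumed model: upper-case SHA-1 hex over a few request headers."""
    names = ("User-Agent", "Accept-Language", "Accept-Charset")
    material = ":".join(headers.get(n, "") for n in names)
    return hashlib.sha1(material.encode()).hexdigest().upper()


def sign(secret, data):
    """HMAC-SHA1 over the serialized data, keyed with the application secret."""
    return hmac.new(secret, data.encode(), hashlib.sha1).hexdigest()


def issue(secret, login, headers, use_fingerprint=True):
    """App that logs the user in: serialize the authenticator and sign it."""
    fp = fingerprint(headers) if use_fingerprint else None
    data = json.dumps({"login": login, "fingerprint": fp}, sort_keys=True)
    return sign(secret, data) + "-" + data


def retrieve(secret, cookie, headers, use_fingerprint=True):
    """App that receives the cookie: returns (login, None) or (None, reason)."""
    signature, _, data = cookie.partition("-")
    if not hmac.compare_digest(signature, sign(secret, data)):
        return None, "bad signature"  # signed with another secret, or altered
    auth = json.loads(data)
    if use_fingerprint and auth["fingerprint"] != fingerprint(headers):
        return None, "fingerprint mismatch"  # headers differ from those at login
    return auth["login"], None


if __name__ == "__main__":
    cookie = issue(SHARED_SECRET, "user@example.com", BROWSER)
    print(retrieve(SHARED_SECRET, cookie, BROWSER))  # second app, same secret
    print(retrieve(OTHER_SECRET, cookie, BROWSER))   # app with another secret
    print(retrieve(SHARED_SECRET, cookie, CHANGED))  # same secret, other headers
    print(retrieve(SHARED_SECRET, cookie, CHANGED, use_fingerprint=False))
```

With fingerprinting switched off on the receiving side, the signature is the only check left, so the cookie is accepted from any client that presents it.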