share Session authenticator between several play apps

Ugo Bourdon

4 Apr 2016, 10:25:36 a.m.
to Silhouette
Is it possible?

Since the session authenticator is stateless, it could be possible to do that, no?

Christian Kaps

4 Apr 2016, 11:08:31 a.m.
to Silhouette
Hi,

The session authenticator is based on the Play session. So if you share the same application secret between your applications, then you can also read the session from the different applications.


Best regards,
Christian

Ugo Bourdon

4 Apr 2016, 11:27:48 a.m.
to Silhouette
Can it work between Silhouette 2/Play 2.3.10 & Silhouette 3/Play 2.4.x, or am I dreaming? :)

Ugo Bourdon

4 Apr 2016, 11:34:19 a.m.
to Silhouette
When I try, I have this error:

play.api.Application$$anon$1: Execution exception[[AuthenticatorRetrievalException: [Silhouette][session-authenticator] Could not retrieve authenticator]]
    at play.api.Application$class.handleError(Application.scala:296) ~[play_2.11-2.3.10.jar:2.3.10]
    at play.api.DefaultApplication.handleError(Application.scala:402) [play_2.11-2.3.10.jar:2.3.10]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3$$anonfun$applyOrElse$4.apply(PlayDefaultUpstreamHandler.scala:320) [play_2.11-2.3.10.jar:2.3.10]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3$$anonfun$applyOrElse$4.apply(PlayDefaultUpstreamHandler.scala:320) [play_2.11-2.3.10.jar:2.3.10]
    at scala.Option.map(Option.scala:146) [scala-library-2.11.7.jar:na]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3.applyOrElse(PlayDefaultUpstreamHandler.scala:320) [play_2.11-2.3.10.jar:2.3.10]
    at play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$3.applyOrElse(PlayDefaultUpstreamHandler.scala:316) [play_2.11-2.3.10.jar:2.3.10]
    at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:344) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:343) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:32) [scala-library-2.11.7.jar:na]
    at play.api.libs.iteratee.Execution$trampoline$.execute(Execution.scala:46) [play-iteratees_2.11-2.3.10.jar:2.3.10]
    at scala.concurrent.impl.CallbackRunnable.executeWithValue(Promise.scala:40) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.Promise$DefaultPromise.tryComplete(Promise.scala:248) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Promise$class.complete(Promise.scala:55) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.Promise$DefaultPromise.complete(Promise.scala:153) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:32) [scala-library-2.11.7.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.processBatch$1(BatchingExecutor.scala:67) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.apply$mcV$sp(BatchingExecutor.scala:82) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.apply(BatchingExecutor.scala:59) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.BatchingExecutor$Batch$$anonfun$run$1.apply(BatchingExecutor.scala:59) [akka-actor_2.11-2.3.9.jar:na]
    at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:72) [scala-library-2.11.7.jar:na]
    at akka.dispatch.BatchingExecutor$Batch.run(BatchingExecutor.scala:58) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:41) [akka-actor_2.11-2.3.9.jar:na]
    at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(AbstractDispatcher.scala:401) [akka-actor_2.11-2.3.9.jar:na]
    at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) [scala-library-2.11.7.jar:na]
    at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) [scala-library-2.11.7.jar:na]
    at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [scala-library-2.11.7.jar:na]
    at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [scala-library-2.11.7.jar:na]
Caused by: com.mohiva.play.silhouette.api.exceptions.AuthenticatorRetrievalException: [Silhouette][session-authenticator] Could not retrieve authenticator
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$1.applyOrElse(SessionAuthenticator.scala:148) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$1.applyOrElse(SessionAuthenticator.scala:147) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:36) ~[scala-library-2.11.7.jar:na]
    at scala.util.Failure$$anonfun$recover$1.apply(Try.scala:216) ~[scala-library-2.11.7.jar:na]
    at scala.util.Try$.apply(Try.scala:192) ~[scala-library-2.11.7.jar:na]
    at scala.util.Failure.recover(Try.scala:216) ~[scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$recover$1.apply(Future.scala:324) ~[scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$recover$1.apply(Future.scala:324) ~[scala-library-2.11.7.jar:na]
    ... 13 common frames omitted
Caused by: org.apache.commons.codec.DecoderException: Illegal hexadecimal character - at index 1
    at org.apache.commons.codec.binary.Hex.toDigit(Hex.java:178) ~[commons-codec-1.10.jar:1.10]
    at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:91) ~[commons-codec-1.10.jar:1.10]
    at play.api.libs.Codecs$.hexStringToByte(Codecs.scala:76) ~[play_2.11-2.3.10.jar:2.3.10]
    at play.api.libs.Crypto$.decryptAES(Crypto.scala:276) ~[play_2.11-2.3.10.jar:2.3.10]
    at play.api.libs.Crypto$.decryptAES(Crypto.scala:252) ~[play_2.11-2.3.10.jar:2.3.10]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService.com$mohiva$play$silhouette$impl$authenticators$SessionAuthenticatorService$$unserialize(SessionAuthenticator.scala:281) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3$$anonfun$3.apply(SessionAuthenticator.scala:140) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3$$anonfun$3.apply(SessionAuthenticator.scala:140) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at scala.Option.flatMap(Option.scala:171) [scala-library-2.11.7.jar:na]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3.apply(SessionAuthenticator.scala:140) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at com.mohiva.play.silhouette.impl.authenticators.SessionAuthenticatorService$$anonfun$retrieve$3.apply(SessionAuthenticator.scala:139) ~[play-silhouette_2.11-2.0.1.jar:2.0.1]
    at scala.util.Success$$anonfun$map$1.apply(Try.scala:237) ~[scala-library-2.11.7.jar:na]
    at scala.util.Try$.apply(Try.scala:192) ~[scala-library-2.11.7.jar:na]
    at scala.util.Success.map(Try.scala:237) ~[scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) [scala-library-2.11.7.jar:na]
    ... 13 common frames omitted

Christian Kaps

5 Apr 2016, 2:41:26 a.m.
to Silhouette
Maybe you should set encryptAuthenticator to false. But this may invalidate all your existing sessions.

Ugo Bourdon

6 Apr 2016, 10:17:34 a.m.
to Silhouette
I try to use it between 2 different apps (with the same version of Play & Silhouette) with SessionAuthenticator & I have this error message:

2016-04-06 16:14:35,865 INFO  c.m.p.s.i.a.SessionAuthenticatorService  - [Silhouette][session-authenticator] Fingerprint Some(6BB78903D86D8FB2D7CBF3D43F1813BF1CB7438A) doesn't match authenticator: SessionAuthenticator(LoginInfo(credentials,bourdon.u...@gmail.com),2016-04-06T16:14:00.940+02:00,2016-04-07T04:14:00.940+02:00,None,Some(C05D9AA83AF946DEA2310AA37CBBAE89234B07CE))

Do you have any idea about the problem?
It seems Silhouette can read the session cookie from the other app, but an issue is present.

Thx for your help.

Christian Kaps

6 Apr 2016, 1:20:20 p.m.
to Silhouette
Your current fingerprint doesn't match the fingerprint stored in your authenticator.

You can disable fingerprinting for the authenticator.


Best regards,
Christian


On Wednesday, 6 April 2016 at 16:17:34 UTC+2, Ugo Bourdon wrote:
I try to use it between 2 different apps (with the same version of Play & Silhouette) with SessionAuthenticator & I have this error message:

2016-04-06 16:14:35,865 INFO  c.m.p.s.i.a.SessionAuthenticatorService  - [Silhouette][session-authenticator] Fingerprint Some(6BB78903D86D8FB2D7CBF3D43F1813BF1CB7438A) doesn't match authenticator: SessionAuthenticator(LoginInfo(credentials,bourdon.ugo+g...@gmail.com),2016-04-06T16:14:00.940+02:00,2016-04-07T04:14:00.940+02:00,None,Some(C05D9AA83AF946DEA2310AA37CBBAE89234B07CE))
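
An added illustration (not part of the thread, and not Play or Silhouette code) of the two checks discussed above: a session cookie signed with the application secret is accepted by any app holding that secret, and a fingerprint stored in the session is compared against the current request. The cookie layout, the header set used for the fingerprint, and all names and values are assumptions constructed for this example.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode

def fingerprint(headers):
    """SHA-1 over a few client headers (assumed recipe, for illustration only)."""
    parts = [headers.get(h, "") for h in ("User-Agent", "Accept-Language", "Accept-Charset")]
    return hashlib.sha1(":".join(parts).encode()).hexdigest().upper()

def sign_session(secret, data):
    """Serialize the session and prefix it with an HMAC keyed by the app secret."""
    payload = urlencode(sorted(data.items()))
    mac = hmac.new(secret.encode(), payload.encode(), hashlib.sha1).hexdigest()
    return mac + "-" + payload

def read_session(secret, cookie, headers, use_fingerprinting=True):
    """Return the session dict, or None if the signature or fingerprint check fails."""
    mac, sep, payload = cookie.partition("-")
    expected = hmac.new(secret.encode(), payload.encode(), hashlib.sha1).hexdigest()
    if not sep or not hmac.compare_digest(mac.encode(), expected.encode()):
        return None  # signed with a different application secret, or modified
    data = dict(parse_qsl(payload))
    if use_fingerprinting and data.get("fingerprint") != fingerprint(headers):
        return None  # the "Fingerprint ... doesn't match authenticator" case
    return data

def demo():
    # Constructed sample values: two header sets and two application secrets.
    browser = {"User-Agent": "ExampleBrowser/1.0", "Accept-Language": "fr-FR"}
    other = {"User-Agent": "OtherClient/2.0", "Accept-Language": "en-US"}
    shared, unrelated = "constructed-shared-secret", "constructed-other-secret"
    # App 1 logs the user in and issues the cookie.
    cookie = sign_session(shared, {"user": "alice", "fingerprint": fingerprint(browser)})
    return {
        "app2_same_secret": read_session(shared, cookie, browser) is not None,
        "app3_other_secret": read_session(unrelated, cookie, browser) is not None,
        "fingerprint_mismatch": read_session(shared, cookie, other) is not None,
        "fingerprinting_disabled": read_session(shared, cookie, other, False) is not None,
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

Every app that holds the shared secret can also issue sessions the others will accept, so exposure of the secret in one app affects all of them. With fingerprinting disabled, the cookie is no longer tied to the request headers it was issued for.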

Ugo Bourdon

7 Apr 2016, 4:54:05 a.m.
to Silhouette
I tested the case more and:

When I log in to App 1 and try to access protected content in App 2, it works fine.
But when I log in to App 2 and try to access protected content in App 1, it doesn't work; sometimes App 1 seems to discard the session cookie.

About the fingerprinting, it is an important thing for security, no?

Ugo Bourdon

7 Apr 2016, 5:22:55 a.m.
to Silhouette
It seems I found what happened. My App1 is Play version 2.4.6. My App2 is Play version 2.4.2. When I upgrade App2 to Play 2.4.6, the authentication works in the 2 directions.

Do you have an idea of the reason for that? If I must have exactly the same version of the framework to share a stateless session between my services, I will not be very happy :)

Ugo Bourdon

7 Apr 2016, 11:17:11 a.m.
to Silhouette
Hi,

I disabled fingerprinting, but it seems I have another issue. My 2 apps do not have the same domain but the same subdomain.
How can I set the session cookie domain? I don't see this option for SessionAuthenticator...

Christian Kaps

7 Apr 2016, 11:19:00 a.m.
to Silhouette

Ugo Bourdon

7 Apr 2016, 11:52:33 a.m.
to Silhouette
Thx!