tracker issue : CF-4203664

select a category, or use search below
(searches all categories and all time range)
Title:

cflogin authentication issue

| View in Tracker

Status/Resolution/Reason: Open//

Reporter/Name(from Bugbase): rohit sharma / ()

Created: 12/06/2018

Components: Security, Authentication

Versions: 2016

Failure Type: Usability Issue

Found In Build/Fixed In Build: 5.1.4 (Build 0001) /

Priority/Frequency: Normal / All users will encounter

Locale/System: English / Win 2016

Vote Count: 1

Problem Description:
I have recently installed CF2018 (all available updates installed) on windows 2016 server. Users behind the login page on the app are getting authentication failed error messages.

Steps to Reproduce:
After sometime of use users receive an error message

Actual Result:
"Error","ajp-nio-8018-exec-3","12/06/18","06:03:54","","'' Can not decode string ""BF93D94292E2FF6D_J7FlVInggrvvrHEUI5F1mXHbzVsPZnFE3xChv7mXJZg===="". The input string is not base64-encoded."
coldfusion.wddx.Base64Encoder$InvalidEncodedStringException: '' Can not decode string "BF93D94292E2FF6D_J7FlVInggrvvrHEUI5F1mXHbzVsPZnFE3xChv7mXJZg====".
	at coldfusion.wddx.Base64Encoder.decode(Base64Encoder.java:131)
	at coldfusion.security.SecurityManager.decodeBase64(SecurityManager.java:3493)
	at coldfusion.security.SecurityManager.parseAuthInfo(SecurityManager.java:3380)
	at coldfusion.tagext.security.AuthenticateTag.parseAuthUpdate(AuthenticateTag.java:397)
	at coldfusion.tagext.security.AuthenticateTag.doStartTag(AuthenticateTag.java:358)
	

"Error","ajp-nio-8018-exec-3","12/06/18","06:03:54","CLIENT","Authentication has failed.Please check the logs for more details.s The specific sequence of files included or processed is: ..., line: 1 "
coldfusion.security.SecurityManager$AuthenticationFailedException: Authentication has failed.
	at coldfusion.security.SecurityManager.parseAuthInfo(SecurityManager.java:3429)
	at coldfusion.tagext.security.AuthenticateTag.parseAuthUpdate(AuthenticateTag.java:397)
	at coldfusion.tagext.security.AuthenticateTag.doStartTag(AuthenticateTag.java:358)
	

Expected Result:

Any Workarounds:
Users have to delete cookies to be able to login again.

Attachments:

Comments: