tracker issue : CF-4203664

select a category, or use search below
(searches all categories and all time range)

cflogin authentication issue

| View in Tracker

Status/Resolution/Reason: Open//

Reporter/Name(from Bugbase): rohit sharma / ()

Created: 12/06/2018

Components: Security, Authentication

Versions: 2016

Failure Type: Usability Issue

Found In Build/Fixed In Build: 5.1.4 (Build 0001) /

Priority/Frequency: Normal / All users will encounter

Locale/System: English / Win 2016

Vote Count: 2

Problem Description:
I have recently installed CF2018 (all available updates installed) on windows 2016 server. Users behind the login page on the app are getting authentication failed error messages.

Steps to Reproduce:
After sometime of use users receive an error message

Actual Result:
"Error","ajp-nio-8018-exec-3","12/06/18","06:03:54","","'' Can not decode string ""BF93D94292E2FF6D_J7FlVInggrvvrHEUI5F1mXHbzVsPZnFE3xChv7mXJZg===="". The input string is not base64-encoded."
coldfusion.wddx.Base64Encoder$InvalidEncodedStringException: '' Can not decode string "BF93D94292E2FF6D_J7FlVInggrvvrHEUI5F1mXHbzVsPZnFE3xChv7mXJZg====".
	at coldfusion.wddx.Base64Encoder.decode(

"Error","ajp-nio-8018-exec-3","12/06/18","06:03:54","CLIENT","Authentication has failed.Please check the logs for more details.s The specific sequence of files included or processed is: ..., line: 1 "$AuthenticationFailedException: Authentication has failed.

Expected Result:

Any Workarounds:
Users have to delete cookies to be able to login again.



Any update Adobe?
Comment by rohit s.
30088 | January 04, 2019 01:33:49 AM GMT
Hi Adobe, Can you please re-open original ticket CF-4203170? Also, decoding the Base64 auth info produces 4 lines of text. Example: ----------- myUsername myAppName 1544913669249 B21A210A127191FE ----------- Question 1: What was the original value from which the last line (B21A210A127191FE) was derived? Question 2: Can you please provide a CF code snippet showing how to derive B21A210A127191FE from the original value? And, can this auth info format please be documented? Thanks!, -Aaron
Comment by Aaron N.
30111 | January 12, 2019 04:31:21 AM GMT
Hi Rohit, Possibly the error is due to CF attempting to parse cookies having a different auth info format. The auth info format seems undocumented, so I'm unsure. One workaround is the recommended `loginstorage="session"`. Could you try that? Thanks!, -Aaron
Comment by Aaron N.
30112 | January 12, 2019 04:34:53 AM GMT