WSO25.3 Custom User store manager

Question

I am on WSO2 5.3

My usecase is to invoke the api to authenticate the user and return isAuthenticated as true/false based on credentials provided. I have written a custom user store ( as MyAPIUserStoreManager which extends JDBCUserStoreManager) and placed into the droppins folder, and i can see this in drop down as well after restarting the server, Then I also configured the travelocity app as a service provider as i want to login to this app by using credentials which will be validated using api(custom user store i.e MyAPIUserStoreManager).

This works fine in wso25.2 version :

but on WSO25.3 my problem is that clicking on login button after providing the username/pwd, in log it says the following : TID: [-1234] [] [2017-01-23 16:05:10,673] ERROR {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - java.lang.ClassCastException: org.wso2.carbon.utils.Secret cannot be cast to java.lang.String TID: [-1234] [] [2017-01-23 16:05:10,676] DEBUG {org.wso2.carbon.identity.application.authenticator.basicauth.BasicAuthenticator} - User authentication failed due to invalid credentials

It is not going through my custom user store i.e MyAPIUserStoreManager somehow. Am I missing any config ? I have followed the followed link : https://docs.wso2.com/display/ADMIN44x/Writing+a+Custom+User+Store+Manager#WritingaCustomUserStoreManager-AbstractUserStoreManagerandimplementations

Here is the code for custom user store manager: public class MyAPIUserStoreManager extends JDBCUserStoreManager{

private static Log log = LogFactory.getLog(MyAPIUserStoreManager.class);
Map<String,String> userProperties;

public MyAPIUserStoreManager() {

}

public MyAPIUserStoreManager(RealmConfiguration realmConfig, Map<String, Object> properties,
                                 ClaimManager claimManager, ProfileConfigurationManager profileManager, UserRealm realm,
                                 Integer tenantId) throws UserStoreException {

    super(realmConfig, properties, claimManager, profileManager, realm, tenantId);

}

@Override
public boolean doAuthenticate(String userName, Object credential) throws UserStoreException {

    boolean isAuthenticated = false;
    if (userName == null || credential == null) {
        return false;
    }

    userName = userName.trim();

    String password = (String) credential;
    password = password.trim();

    if (userName.equals("") || password.equals("")) {
        return false;
    }
    Map<String, String> properties = initUserProperties(userName, password);

    if (userName.equals(properties.get("loginName"))) {
        isAuthenticated = true;
    }
    return isAuthenticated;
}

@Override
public Map<String, String> getUserPropertyValues(String username, String[] propertyNames,
                                                 String profileName) throws UserStoreException {

    Map<String,String> map = new HashMap<>();
    if (userProperties == null) {
        log.warn("User property values not initialized for " + username + ", returning null");
        return null;
    }

    for (String propertyName : propertyNames) {
        if ("accountId".equals(propertyName)) {
            map.put(propertyName, userProperties.get("accountId"));
        } else if ("userStatusID".equals(propertyName)) {
            map.put(propertyName, userProperties.get("userStatusID"));
        } else if ("loginName".equals(propertyName)) {
            map.put(propertyName, userProperties.get("loginName"));
        } else if ("firstName".equals(propertyName)) {
            map.put(propertyName, userProperties.get("firstName"));
        } else if ("lastName".equals(propertyName)) {
            map.put(propertyName, userProperties.get("lastName"));
        } else if ("email".equals(propertyName)) {
            map.put(propertyName, userProperties.get("email"));
        } else if ("phoneNumber".equals(propertyName)) {
            map.put(propertyName, userProperties.get("phoneNumber"));
        } else if ("role".equals(propertyName)) {
            map.put(propertyName, userProperties.get("role"));
        } else if ("roleId".equals(propertyName)) {
            map.put(propertyName, userProperties.get("roleId"));
        } else if ("secretQuestionId".equals(propertyName)) {
            map.put(propertyName, userProperties.get("secretQuestionId"));
        } else if ("secretAnswer".equals(propertyName)) {
            map.put(propertyName, userProperties.get("secretAnswer"));
        } else if ("dateLastUpdated".equals(propertyName)) {
            map.put(propertyName, userProperties.get("dateLastUpdated"));
        } else if ("lastUpdatedByUserId".equals(propertyName)) {
            map.put(propertyName, userProperties.get("lastUpdatedByUserId"));
        } else if ("password".equals(propertyName)) {
            map.put(propertyName, userProperties.get("password"));
        } else if ("existingsuperuser".equals(propertyName)) {
            map.put(propertyName, userProperties.get("existingsuperuser"));
        } else if ("updateMeWithAnnouncements".equals(propertyName)) {
            map.put(propertyName, userProperties.get("updateMeWithAnnouncements"));
        } else if ("blockAccess".equals(propertyName)) {
            map.put(propertyName, userProperties.get("blockAccess"));
        } else if ("allowEndUserOutboundCallerId".equals(propertyName)) {
            map.put(propertyName, userProperties.get("allowEndUserOutboundCallerId"));
        } else if ("allowCallBlocking".equals(propertyName)) {
            map.put(propertyName, userProperties.get("allowCallBlocking"));
        } else if ("passExpiry".equals(propertyName)) {
            map.put(propertyName, userProperties.get("passExpiry"));
        } else if ("passhash".equals(propertyName)) {
            map.put(propertyName, userProperties.get("passhash"));
        } else if ("salt".equals(propertyName)) {
            map.put(propertyName, userProperties.get("salt"));
        } else if ("passHistory".equals(propertyName)) {
            map.put(propertyName, userProperties.get("passHistory"));
        } else if ("passAlgo".equals(propertyName)) {
            map.put(propertyName, userProperties.get("passAlgo"));
        } else if ("sendEmail".equals(propertyName)) {
            map.put(propertyName, userProperties.get("sendEmail"));
        } else if ("contactnumbers".equals(propertyName)) {
            map.put(propertyName, userProperties.get("contactnumbers"));
        }
    }
    return map;
}

@Override
public org.wso2.carbon.user.api.Properties getDefaultUserStoreProperties() {

    return MyAPIUserConstants.getDefaultUserStoreProperties();
}

@Override
public String[] getAllProfileNames() throws UserStoreException {

    return new String[]{"default"};
}

@Override
public String[] getProfileNames(String userName) throws UserStoreException {

    return new String[]{"default"};
}

public boolean isMultipleProfilesAllowed() {

    return false;
}

public boolean isReadOnly() throws UserStoreException {

    return true;
}

private Map<String,String> initUserProperties(String userName, String password) throws UserStoreException {

    userProperties = new HashMap<>();
    String url = realmConfig.getUserStoreProperty(MyAPIUserConstants.LOGIN_API);

    if (url == null) {
        throw new UserStoreException("Authentication API not defined");
    }

    String params = URLEncoder.encode(userName + "," + password);

    url = String.format(url, params);

    HttpClient client = HttpClientBuilder.create().build();
    HttpGet request = new HttpGet(url);
    log.debug("Lets see headers");
    request.addHeader("Authorization", "Basic ffgggggddddd"); //hard coding as of now 
    HttpResponse response;
    String xmlResponse = null;
    try {
        log.debug("Authorization header is "+request.getFirstHeader("Authorization"));
        response = client.execute(request);
        if (response.getStatusLine().getStatusCode() == 200) {
            HttpEntity resEntity = response.getEntity();
            xmlResponse = EntityUtils.toString(resEntity);
            xmlResponse = MyApiUserStoreUtils.trim(xmlResponse);
        }
    } catch (IOException e) {
        e.printStackTrace();
    }

    if (StringUtils.isNotEmpty(xmlResponse)) {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder;
        InputSource is;
        try {
            builder = factory.newDocumentBuilder();
            is = new InputSource(new StringReader(xmlResponse));
            Document doc = builder.parse(is);
            userProperties.put("accountId", doc.getElementsByTagName("accountId").item(0).getTextContent());
            userProperties.put("userStatusID", doc.getElementsByTagName("userStatusID").item(0).getTextContent());
            userProperties.put("loginName", doc.getElementsByTagName("loginName").item(0).getTextContent());
            userProperties.put("firstName", doc.getElementsByTagName("firstName").item(0).getTextContent());
            userProperties.put("lastName", doc.getElementsByTagName("lastName").item(0).getTextContent());
            userProperties.put("email", doc.getElementsByTagName("email").item(0).getTextContent());
            userProperties.put("phoneNumber", doc.getElementsByTagName("phoneNumber").item(0).getTextContent());
            userProperties.put("role", doc.getElementsByTagName("role").item(0).getTextContent());
            userProperties.put("roleId", doc.getElementsByTagName("roleId").item(0).getTextContent());
            userProperties.put("secretQuestionId", doc.getElementsByTagName("secretQuestionId").item(0).getTextContent());
            userProperties.put("secretAnswer", doc.getElementsByTagName("secretAnswer").item(0).getTextContent());
            userProperties.put("dateLastUpdated", doc.getElementsByTagName("dateLastUpdated").item(0).getTextContent());
            userProperties.put("lastUpdatedByUserId", doc.getElementsByTagName("lastUpdatedByUserId").item(0).getTextContent());
            userProperties.put("password", doc.getElementsByTagName("password").item(0).getTextContent());
            userProperties.put("existingsuperuser", doc.getElementsByTagName("existingsuperuser").item(0).getTextContent());
            userProperties.put("updateMeWithAnnouncements", doc.getElementsByTagName("updateMeWithAnnouncements").item(0).getTextContent());
            userProperties.put("blockAccess", doc.getElementsByTagName("blockAccess").item(0).getTextContent());
            userProperties.put("allowEndUserOutboundCallerId", doc.getElementsByTagName("allowEndUserOutboundCallerId").item(0).getTextContent());
            userProperties.put("allowCallBlocking", doc.getElementsByTagName("allowCallBlocking").item(0).getTextContent());
            userProperties.put("passExpiry", doc.getElementsByTagName("passExpiry").item(0).getTextContent());
            userProperties.put("passhash", doc.getElementsByTagName("passhash").item(0).getTextContent());
            userProperties.put("salt", doc.getElementsByTagName("salt").item(0).getTextContent());
            userProperties.put("passHistory", doc.getElementsByTagName("passHistory").item(0).getTextContent());
            userProperties.put("passAlgo", doc.getElementsByTagName("passAlgo").item(0).getTextContent());
            userProperties.put("sendEmail", doc.getElementsByTagName("sendEmail").item(0).getTextContent());

            String contactNumbers = "";
            for (int i = 0 ; i < doc.getElementsByTagName("contactnumbers").getLength(); i++) {
                if (StringUtils.isNotEmpty(contactNumbers)) {
                    contactNumbers += ",";
                }
                contactNumbers += doc.getElementsByTagName("contactnumbers").item(i).getTextContent();
            }
            userProperties.put("contactnumbers", contactNumbers);
        } catch (ParserConfigurationException e) {
            throw new UserStoreException("Error while initializing document builder", e);
        } catch (IOException e) {
            throw new UserStoreException("Error while parsing Input source", e);
        } catch (org.xml.sax.SAXException e) {
            throw new UserStoreException("Error while parsing Input source", e);
        }
    }

    return userProperties;
}

protected Connection getDBConnection() throws SQLException, UserStoreException {
    return null;
}

protected boolean isExistingJDBCRole(RoleContext context) throws UserStoreException {

    return false;
}

public boolean doCheckExistingUser(String userName) throws UserStoreException {
    if (userProperties != null) {
        return true;
    } else {
        return false;
    }
}

public String[] getUserListOfJDBCRole(RoleContext ctx, String filter) throws UserStoreException {

    String [] user = null;
    if (userProperties != null) {
         user = new String[]{userProperties.get("loginName")};
    }
    return user;
}

public RoleDTO[] getRoleNamesWithDomain(boolean noHybridRoles) throws UserStoreException {
    return null;
}

public String[] doGetExternalRoleListOfUser(String userName, String filter) throws UserStoreException {
    return null;
}

@Override
protected String[] doGetSharedRoleListOfUser(String userName,
                                             String tenantDomain, String filter) throws UserStoreException {
    return null;
}

public String[] getRoleListOfUser(String userName) throws UserStoreException {
    return new String[]{"Internal/everyone"};
}

public boolean isRecurssive() {
    return false;
}

}

Please suggest.

Here is the log after i click on login button: TID: [-1234] [] [2017-01-24 16:35:30,315] DEBUG {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} - Authentication Context is null TID: [-1234] [] [2017-01-24 16:35:30,318] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler} - In authentication flow TID: [-1234] [] [2017-01-24 16:35:30,318] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Executing the Step Based Authentication... TID: [-1234] [] [2017-01-24 16:35:30,318] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} - Starting Step: 1 TID: [-1234] [] [2017-01-24 16:35:30,319] DEBUG {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} - Finding already authenticated IdPs of the Step TID: [-1234] [] [2017-01-24 16:35:30,320] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler} - Receive a response from the external party TID: [-1234] [] [2017-01-24 16:35:30,320] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler} - BasicAuthenticator can handle the request. TID: [-1234] [] [2017-01-24 16:35:30,325] ERROR {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - java.lang.ClassCastException: org.wso2.carbon.utils.Secret cannot be cast to java.lang.String TID: [-1234] [] [2017-01-24 16:35:30,327] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Authentication failure. Wrong username or password is provided. TID: [-1234] [] [2017-01-24 16:35:30,328] DEBUG {org.wso2.carbon.identity.application.authenticator.basicauth.BasicAuthenticator} - User authentication failed due to invalid credentials

Answer 1

You can add debug logs as follows in /repository/conf/log4j.properties file

log4j.logger.org.wso2.carbon.user.core=DEBUG log4j.logger.org.wso2.carbon.identity.application.authenticator.basicauth.BasicAuthenticator=DEBUG

Attach the wso2carbon.log file.

Better if you can attach your custom as well.

I think you can write a custom authenticator for your use-case.

Thanks
Isura