tracker issue : CF-3928707

select a category, or use search below
(searches all categories and all time range)
Title:

Administrator API login objects not working

| View in Tracker

Status/Resolution/Reason: Closed/Withdrawn/CannotReproduce

Reporter/Name(from Bugbase): Jake Hand / Jake Hand (Jake Hand)

Created: 01/27/2015

Components: Security

Versions: 11.0

Failure Type:

Found In Build/Fixed In Build: CF11_Final /

Priority/Frequency: Major / Most users will encounter

Locale/System: English / Linux CentOS 6.4

Vote Count: 0

Problem Description: 
When using the CF Administrator API our scripts that interact with datasource.cfc fail with this error: coldfusion.runtime.StructBean$FieldAccessException : Java bean field access exception.An exception occurred while calling the get or the put function. FieldName is DATASOURCES. Possible cause ''. The cause of this exception was that: coldfusion.security.SecurityManager$UnauthenticatedCredentialsException.

We made sure our script is running the Administrator.login() method prior to interacting with datasource.cfc. Also, the same script works on previous versions of ColdFusion. 

Steps to Reproduce: 
Make sure you have CF Administrator authentication enabled within ColdFusion, then try running the following test code within the server's CFIDE system directory:

<cfscript>
    adminObj = createObject("component","CFIDE.adminapi.administrator");
    adminObj.login("Admin!Pass1","admin");

    dsObj = createObject("component", "CFIDE.adminapi.datasource");

    datasource = dsObj.getDatasources(dsnname="ExistingDSN");
    sReturn = StructNew();
    sReturn.database = "#datasource.database#";
    sReturn.username = "#datasource.username#";
    sReturn.host = "#datasource.host#";
    sReturn.port = "#datasource.port#";
</cfscript>
<cfdump var="#sReturn#">

Actual Result: Request fails with this error: coldfusion.runtime.StructBean$FieldAccessException : Java bean field access exception.An exception occurred while calling the get or the put function. FieldName is DATASOURCES. Possible cause ''. The cause of this exception was that: coldfusion.security.SecurityManager$UnauthenticatedCredentialsException.

Expected Result: Successfully dump DSN details

Any Workarounds: You can disable CF Administrator Authentication, and the code will work. This obviously isn't acceptable for production environments though. Please advise.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3928707

External Customer Info:
External Company:  
External Customer Name: Jake
External Customer Email:  
External Test Config: My Hardware and Environment details:

- CentOS 6 64-bit

- CF 11 64-bit Update 3 (11,0,03,292480)

- Apache 2.4

Attachments:

  1. January 30, 2015 00:00:00: 1_cfdsn.cfc

Comments:

We also have the same code above wrapped in a CFC to be called as a Web Service, and it fails when we call the Web Service too.
Comment by External U.
8710 | January 27, 2015 03:07:21 PM GMT
Hi Jake Could you provide us with the complete coldfusion setup details(such as :development or production profile) & also any specific settings or changes you have done in the CF Admin page. Thanks Preethi
Comment by S P.
8711 | January 28, 2015 04:49:48 AM GMT
Hi Preethi, can I email you a Server Settings Summary? If so, where should I send it?
Comment by External U.
8712 | January 28, 2015 11:12:55 AM GMT
Hi Jake, Is the page <cflogin>-protected? Hi Preethi, Perhaps this is related to #CF-3926238? Thanks!, -Aaron
Comment by External U.
8713 | January 29, 2015 06:05:48 AM GMT
If this is same as #CF-3926238? error message would be "User not authorized to invoke this method". But here we getting a different error.
Comment by S V.
8714 | January 29, 2015 06:10:43 AM GMT
Hi Aaron, the page is wide open (for testing) and cflogin isn't being used. Pavan, I feel silly because I accidentally pasted the wrong error. The error above happens when we place the same code within a CFC and call it as a Web Service. I'm attaching that CFC to the ticket for your reference. This is the exact error we get from running the code within a .cfm template (looks like the same exception though): The error occurred in datasource.cfc: line 65 -1 : Unable to display error's location in a CFML template. at cfdatasource2ecfc1623690062$funcGETDATASOURCES.runFunction(/CFIDE/adminapi/datasource.cfc:65) at cfcfmaxtest2ecfm1345108959.runPage(/opt/coldfusion11/cfusion/wwwroot/CFIDE/adminapi/websvc/cfmaxtest.cfm:7) coldfusion.security.SecurityManager$UnauthenticatedCredentialsException at coldfusion.security.SecurityManager.authenticateAdmin(SecurityManager.java:2435) at coldfusion.sql.Executive.getDatasources(Executive.java:143) at sun.reflect.GeneratedMethodAccessor86.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at coldfusion.runtime.StructBean.resolveName(StructBean.java:187) at coldfusion.runtime.Scope.get(Scope.java:60) at coldfusion.runtime.ScopeSearchResult.searchForSubkeys(ScopeSearchResult.java:104) at coldfusion.runtime.LocalScope.search(LocalScope.java:423) at coldfusion.runtime.NeoPageContext.searchScopes(NeoPageContext.java:766) at coldfusion.runtime.NeoPageContext.searchScopes(NeoPageContext.java:684) at coldfusion.runtime.CfJspPage.resolveCanonicalName(CfJspPage.java:1767) at coldfusion.runtime.CfJspPage._resolve(CfJspPage.java:1726) at coldfusion.runtime.CfJspPage._resolve(CfJspPage.java:1714) at cfdatasource2ecfc1623690062$funcGETDATASOURCES.runFunction(/CFIDE/adminapi/datasource.cfc:65) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:487) at coldfusion.filter.SilentFilter.invoke(SilentFilter.java:47) at coldfusion.runtime.UDFMethod$ReturnTypeFilter.invoke(UDFMethod.java:420) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:383) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:95) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:334) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:533) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:648) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:457) at coldfusion.runtime.CfJspPage._invoke(CfJspPage.java:2424) at cfcfmaxtest2ecfm1345108959.runPage(/{cf_home}/wwwroot/CFIDE/adminapi/websvc/adminapitest.cfm:7) ...
Comment by External U.
8715 | January 29, 2015 11:28:54 AM GMT
Hi Pavan, Okay, good point. Also, Jake is asking what email to send setup details to. Hi Jake, I placed the code from the description into /CFIDE/foo.cfm and it runs fine for me on CF11 Update 3 using the "admin" user and its password. I was testing on x64 Windows 8.1 w/ IIS, FWIW. Would it be possible to see if you get the same error on a clean install of CF11 Update 3, prior to making any settings changes? Regarding Adobe's support email, I believe it is cfsupATadobeDOTcom Thanks!, -Aaron
Comment by External U.
8716 | January 31, 2015 03:13:18 AM GMT
Hi Aaron, I can check into a fresh install on another CentOS server later, but we haven't had any problems on Windows x64 either. This only reared its head when we started testing our services on Linux. Also, the engineers emailed me directly about this, and I got them the info they requested. The cfsup address is for the support team, and those messages don't go directly to ENGG. Even with a platinum support contract it typically takes support several weeks just to reply to one of my emails. (Not impressed.)
Comment by External U.
8717 | January 31, 2015 12:52:00 PM GMT
Hi Jake, Ah okay, thanks for that follow-up, then no need to check on a fresh CentOS install on my behalf (I have no way of testing CentOS) - but it may be helpful for Adobe since they likely haven't seen any error message yet. Hi Adobe, Several weeks for a platinum support follow-up email? Adobe, is that as-advertised? Thanks!, -Aaron
Comment by External U.
8718 | January 31, 2015 01:33:18 PM GMT
Hi Jake, I have tried to repro this issue on a couple of linux machines including a fresh machine and was unable to repro this issue. Can you confirm if you are still hitting this issue. Also is there any other scenario where you are hitting the same exception of "coldfusion.security.SecurityManager$UnauthenticatedCredentialsException" ,but with a different stack trace? Thanks!
Comment by S P.
8719 | September 29, 2015 06:13:53 AM GMT
Hi, we worked around this by just moving the files to a different location, but let me check to see if I can still reproduce the problem or get a different stack trace.
Comment by External U.
8720 | September 30, 2015 06:18:15 PM GMT
Thank you so much Jake, that would be really helpful.
Comment by S P.
8721 | October 05, 2015 05:14:15 AM GMT
Hi, Since we have not got any responses, will be closing the bug. If you do have any concerns, let us know, the ticket would be reopened. Thanks!
Comment by S P.
8722 | November 02, 2015 08:04:56 AM GMT