Error in blogs after upgrading to 10.3 with custom Authentication Module

I have a site recently migrated to 10.3 and am using a custom auth module.  The module appears to work...I can edit pages, get into /administration area, edit widgets, etc.  However when I navigate to a blog I get the following exception - if I hit it as the anonymous user, there is no error.

Server Error in '/' Application.


Object reference not set to an instance of an object.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

Source Error: 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


Stack Trace: 

[NullReferenceException: Object reference not set to an instance of an object.]
   Telligent.Evolution.Components.RoleService.GetAllRolesForUser(User user, Int32 pageIndex, Int32 pageSize) +0
   Telligent.Evolution.Components.RoleServiceAdapter.GetRoles(String userName) +68
   Telligent.Evolution.Components.Roles.GetRoles(String userName) +68
   Telligent.Evolution.Components.SectionQuery.get_RoleSet() +208
   Telligent.Evolution.Components.SectionQuery.<GetComponents>b__125_0(Object x, ResolveValueArgs`1 y) +12
   Telligent.Common.QueryModel.DynamicProperty`1.OnResolveKey() +78
   Telligent.Common.QueryModel.DynamicProperty`1.GetKey() +20
   Telligent.Common.QueryModel.Query.GetKey() +240
   Telligent.Evolution.Blogs.Components.WeblogDataService.(SectionQuery Œ) +34
   Telligent.Evolution.Blogs.Components.WeblogDataService.˜(SectionQuery Œ) +15
   Telligent.Evolution.Blogs.Components.WeblogDataService.GetWeblogs(SectionQuery query) +23
   Telligent.Evolution.Blogs.Plugins.BlogApplicationType.˜(PageContext ) +527
   Telligent.Evolution.Urls.Routing.UrlManager.ParseContext(RouteValueDictionary values) +2368
   Telligent.Evolution.Urls.Routing.SiteUrlRouteHandler.GetHttpHandler(RequestContext requestContext) +816
   System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context) +215
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +222
   System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +212
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +90
Parents
  • This would occur if the accessing user's username doesn't match a user in the Community database. With your custom auth implementation -- is the user created automatically when authenticated if the user doesn't exist yet in Community? 

  • And if it does create the local user account, when does it do that? This stack trace is pretty early in a request.

  • Adding in the "GetAuthenticatedUserId" method seems to bypass my "AuthenticateRequest" method now.  The new method is returning the correct UserId, however I'm still getting the same exception.

  • In this specific code-path, HttpContext.User.Identity.Name is preferred over the platform-defined user. I'll log this as a bug:

    As a work-around, if you also set HttpContext.User.Identity.Name, you should get around this error.

  • I debugged the code and traced the request through the loading of that page/modal and the following code is executing on every request to set the user accordingly.  This is how we did it on 8.5...is it the same for 10.3?  This is in my IAuthenticationPlugin Plugin

                            if (!user.IsAnonymous)
                            {
                               GenericIdentity identity = new GenericIdentity(user.IsAnonymous ? string.Empty : user.Username, "passport");
                                csContext.Context.User = new GenericPrincipal(identity, new string[0]);
    
                                // set the contextual user.
                                CSContext.Current.User = user;
                            }
    

  • In this specific case (listing blogs, media galleries, or forums), the query will use the HttpContext.User.Identity.Name if HttpContext.User is not null (it will use the platform user, CSContext.User, only when HttpContext.User is null). This is a bug and inconsistent with the remainder of the platform and will be fixed as bug TE-14341. 

    To work around the issue, you can validate or nullify the HttpContext.User (note that this is HttpContext and not CSContext) in addition to the existing user identification logic as part of your IAuthenticationPlugin.

  • Thanks.  I am still getting the error right after I login even with the change to HttpContext.Current.User.  The weird thing is.... If I let the page sit for 60 minutes and then refresh, the error goes away and I can view those pages.  If I then logout and login again, the error comes back...and then if I let it sit the same thing happens and error goes away...

    I can even login with the same users in two different browsers...let one sit for 60 minutes and it works...login the other browser (with the same user) and immediately hit that page and I get the Exception,  while in the other browser it loads fine with the same user.

  • When you get the error, is the stack trace the same? Does the timing of your auth mechanism align with a 60 minute window (cookie expiration, token expiration, etc)? If the HttpContext.Current.User is null, the issue will be avoided. If it is set to a value with the same name as CSContext.Current.User, the issue will be avoided.

    If the timing issue cannot be adjusted, it may be worth waiting for the underlying bug to be fixed.

  • Error is the same.  And even when I get the error, I can immediately get into the Administration area with that user so the auth module appears to be working in that regard.

  • Right. This generally wouldn't be an issue. Most of the site will function just fine. This is a very specific issue when querying for a list of blogs, forums, or media galleries at a potentially specific time in the page lifecycle where HttpContext.Current.User is different from CSContext.Current.User.

    I'm not suggesting that your auth component is the cause of the problem. I was trying to provide a work-around to the bug that causes the issue. It sounds like it may be more difficult to work-around than it originally seemed and you may be better off waiting for the bug fix to be released.

  • - do you know if the REST endpoints when called from javascript also follow this?  I'm noticing a few issues in this scenario as well.

  • Trying to enter edit mode and I get this...This one is on 8.5 though


    Message: You do not have permissions to perform the requested action.
    Telligent.Evolution.Components.CSException: You do not have permissions to perform the requested action.
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.(String )
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.RaiseCallbackEvent(String eventArgument)
    at Telligent.Glow.CallbackManager.OnInit(EventArgs e)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.AddedControl(Control control, Int32 index)
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.CreateChildControls()
    at System.Web.UI.Control.EnsureChildControls()
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.OnInit(EventArgs e)
    at Telligent.Evolution.Controls.ContentFragmentPageControl.OnInit(EventArgs e)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

Reply
  • Trying to enter edit mode and I get this...This one is on 8.5 though


    Message: You do not have permissions to perform the requested action.
    Telligent.Evolution.Components.CSException: You do not have permissions to perform the requested action.
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.(String )
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.RaiseCallbackEvent(String eventArgument)
    at Telligent.Glow.CallbackManager.OnInit(EventArgs e)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.AddedControl(Control control, Int32 index)
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.CreateChildControls()
    at System.Web.UI.Control.EnsureChildControls()
    at Telligent.Evolution.Controls.ContentFragmentContainerBase.OnInit(EventArgs e)
    at Telligent.Evolution.Controls.ContentFragmentPageControl.OnInit(EventArgs e)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Control.InitRecursive(Control namingContainer)
    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

Children
No Data