Unable to login, using the vaadin generated project

pramilaraju · September 11, 2024, 1:15pm

I just created a simple vaadin project, added few views and added view access restrictions to be logged in user or admin. When I try running the project in my local environment, the login page is showing up, but unable to login. what are the default credentials?

SimonMartinelli · September 11, 2024, 5:22pm

How did you create the project?

pramilaraju · September 12, 2024, 1:41am

I created the project using vaadin start with vaadin flow app starter.

SimonMartinelli · September 12, 2024, 4:29am

Can you share the project?

Leif · September 12, 2024, 6:04am

The projects from start.vaadin.com come with a data.sql file that sets up two users: user and admin. Each user has their username also as their password.

pramilaraju · September 12, 2024, 7:26am

I have tried both ‘user’ and ‘admin’ to login using the same as password too, but didn’t work.

here are the contents of my data.sql

insert into application_user (version, id, username,name,hashed_password) values (1, ‘1’,‘user’,‘John Normal’,‘$2a$10$xdbKoM48VySZqVSU/cSlVeJn0Z04XCZ7KZBjUBC00eKo5uLswyOpe’)

insert into user_roles (user_id, roles) values (‘1’, ‘USER’)

insert into application_user (version, id, username,name,hashed_password) values (1, ‘2’,‘admin’,‘Emma Executive’,‘$2a$10$jpLNVNeA7Ar/ZQ2DKbKCm.MuT2ESe.Qop96jipKMq7RaUgCoQedV.’)

insert into user_roles (user_id, roles) values (‘2’, ‘USER’)

insert into user_roles (user_id, roles) values (‘2’, ‘ADMIN’)

pramilaraju · September 12, 2024, 7:27am

Also see this error on the console

2024-09-11T13:01:18.401+05:30 INFO 51202 — [ restartedMain] com.booking.application.Application : Started Application in 30.783 seconds (process running for 32.208)
2024-09-11T13:05:57.994+05:30 ERROR 51202 — [nio-8080-exec-6] w.a.UsernamePasswordAuthenticationFilter : An internal error occurred while trying to authenticate the user.

org.springframework.security.authentication.InternalAuthenticationServiceException: Result must not be null
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:118) ~[spring-security-core-6.2.6.jar:6.2.6]
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:133) ~[spring-security-core-6.2.6.jar:6.2.6]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-6.2.6.jar:6.2.6]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.2.6.jar:6.2.6]
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:85) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:231) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.12.jar:6.1.12]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-6.2.6.jar:6.2.6]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.12.jar:6.1.12]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) ~[spring-security-web-6.2.6.jar:6.2.6]

Leif · September 12, 2024, 8:24am

I have identical password hashes in my example application and there it works to log in with user / user and admin / admin.

At the same time, I don’t see that InternalAuthenticationServiceException even if I try to log in with an invalid user name or password so it seems like there’s something else going on with your application other than just using the wrong default credentials.

SimonMartinelli · September 12, 2024, 4:36pm

Can you shared your code?