After 5 failed login attempts the Captcha image is missing

  • 7024918
  • 10-Nov-2020
  • 10-Nov-2020

Environment

Micro Focus Filr 4.x

Situation

After 5 failed login attempts the user is presented with a Captcha challenge.  However, the Captcha image was blank as seen in this example.

Resolution

Open the /opt/novell/filr/apache-tomcat/webapps/rest/WEB-INF/web.xml.  Go the end of the file and insert the following between </session-config> and </web-app> :
<security-constraint>
        <web-resource-collection>
            <web-resource-name>Entire Application</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Entire Application</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Entire Application</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    
    <servlet>
        <servlet-name>Kaptcha</servlet-name>
        <servlet-class>org.kablink.teaming.module.authentication.util.Captcha</servlet-class>
        <init-param>
            <param-name>kaptcha.border</param-name>
            <param-value>no</param-value>
        </init-param>
        <init-param>
            <param-name>kaptcha.textproducer.font.color</param-name>
            <param-value>black</param-value>
        </init-param>
        <init-param>
            <param-name>kaptcha.noise.color</param-name>
            <param-value>red</param-value>
        </init-param>
    </servlet>
    
    <servlet-mapping>
        <servlet-name>Kaptcha</servlet-name>
        <url-pattern>/Kaptcha.jpg</url-pattern>
    </servlet-mapping>
<security-constraint><web-resource-collection><web-resource-name>Entire Application</web-resource-name><url-pattern>/*</url-pattern></web-resource-collection><user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint></security-constraint>

After updating the web.xml file it may be necessary to restart the Filr service.  This can be done via the 9443 interface by accessing System Services, highlight Novell Filr | choose Action | Restart.  You can also restart Filr via the terminal or a putty session by issuing the command:
rcfilr restart

Cause

The web.xml file was missing data responsible for the Captcha configuration.  Why the data was missing is under investigation.