After 5 failed login attempts via the web interface, the Captcha image is missing

  • 7024919
  • 10-Nov-2020
  • 10-Nov-2020

Environment

Micro Focus Filr 4.x

Situation

Users who failed to provide the correct Filr credentials 5 times via the web client were presented with the Captcha challenge.  However, the Captcha image was missing, as seen in this example.

Resolution

On the affected Filr appliance or node, locate the /opt/novell/filr/apache-tomcat/webapps/rest/WEB-INF/web.xml file.  (As a precaution, make a backup copy of the web.xml file.)  Go to the end of the file and add the following text between </session-config> and  </web-app>:
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Entire Application</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    
    <servlet>
        <servlet-name>Kaptcha</servlet-name>
        <servlet-class>org.kablink.teaming.module.authentication.util.Captcha</servlet-class>
        <init-param>
            <param-name>kaptcha.border</param-name>
            <param-value>no</param-value>
        </init-param>
        <init-param>
            <param-name>kaptcha.textproducer.font.color</param-name>
            <param-value>black</param-value>
        </init-param>
        <init-param>
            <param-name>kaptcha.noise.color</param-name>
            <param-value>red</param-value>
        </init-param>
    </servlet>
    
    <servlet-mapping>
        <servlet-name>Kaptcha</servlet-name>
        <url-pattern>/Kaptcha.jpg</url-pattern>
    </servlet-mapping>

After saving the changes to the web.xml file, it may be necessary to restart the Filr service.  This can be done via the 9443 interface: select System Services, highlight Novell Filr, click Action and select Restart.  You can also restart the service from the terminal or a PuTTY session logged in as root.  The command to restart the Filr service is:
rcfilr restart

Cause

The data responsible for the Captcha configuration was missing from the web.xml file.  The reason for the missing text is unknown and is under investigation.

Additional Information

In this specific case the customer had three Filr nodes front-ended by a load balancer.  The issue was random yet consistent.  After obtaining the web.xml files from all three nodes, it was determined that two of the Filr nodes had the missing Captcha configuration text.  We resolved the issue by copying the "good" web.xml from the working Filr node to the other Filr nodes.
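The node-by-node comparison described above can be scripted. The following is an added example, not part of the original article or of Filr: it parses each collected web.xml and reports which of the entries from the Resolution section are absent. The script name check_captcha.py, the function names and the GOOD/BAD sample documents are assumptions constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET

# Values taken from the web.xml fragment in this article.
SERVLET = ("Kaptcha", "org.kablink.teaming.module.authentication.util.Captcha")
MAPPING = ("Kaptcha", "/Kaptcha.jpg")

def _local(tag):
    """Drop any XML namespace prefix so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def _text(elem, name):
    """Text of the first descendant called `name`, or None if absent."""
    for node in elem.iter():
        if _local(node.tag) == name:
            return (node.text or "").strip()
    return None

def missing_captcha_config(web_xml):
    """Return the Captcha-related items that a web.xml (str or bytes) lacks."""
    found = set()
    for elem in ET.fromstring(web_xml):
        kind = _local(elem.tag)
        if kind == "servlet" and (_text(elem, "servlet-name"), _text(elem, "servlet-class")) == SERVLET:
            found.add("servlet")
        elif kind == "servlet-mapping" and (_text(elem, "servlet-name"), _text(elem, "url-pattern")) == MAPPING:
            found.add("servlet-mapping")
        elif kind == "security-constraint" and (_text(elem, "url-pattern"), _text(elem, "transport-guarantee")) == ("/*", "CONFIDENTIAL"):
            found.add("security-constraint")
    return [item for item in ("security-constraint", "servlet", "servlet-mapping") if item not in found]

# Constructed samples: a minimal complete file and one with the Kaptcha entries absent.
_CONSTRAINT = ("<security-constraint><web-resource-collection>"
               "<web-resource-name>Entire Application</web-resource-name><url-pattern>/*</url-pattern>"
               "</web-resource-collection><user-data-constraint>"
               "<transport-guarantee>CONFIDENTIAL</transport-guarantee>"
               "</user-data-constraint></security-constraint>")
_KAPTCHA = ("<servlet><servlet-name>Kaptcha</servlet-name><servlet-class>" + SERVLET[1] +
            "</servlet-class></servlet><servlet-mapping><servlet-name>Kaptcha</servlet-name>"
            "<url-pattern>/Kaptcha.jpg</url-pattern></servlet-mapping>")
GOOD = "<web-app><session-config/>" + _CONSTRAINT + _KAPTCHA + "</web-app>"
BAD = "<web-app><session-config/>" + _CONSTRAINT + "</web-app>"

if __name__ == "__main__":
    # Usage (hypothetical script name): python3 check_captcha.py node1-web.xml node2-web.xml ...
    for path in sys.argv[1:]:
        with open(path, "rb") as handle:
            gaps = missing_captcha_config(handle.read())
        print(path, "OK" if not gaps else "MISSING: " + ", ".join(gaps))
```

Run it against the web.xml copied from each node; any node that reports MISSING is a candidate for the fix in the Resolution section.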