Major Description
Currently it is possible to install the trusted (headers) authenticator at wiki level (on the main wiki) and have it configured in xwiki.cfg.
If this is the case, if, after a restart, the first request to the wiki is to a page of a subwiki and not to the main wiki, the trusted authenticator will fail to initialize properly, with the following exception:
2021-10-12 10:23:38,740 [http-nio-8087-exec-4 - <redacted - subwiki page URL here>] WARN c.x.x.XWiki - Failed to initialize AuthService org.xwiki.contrib.authentication.XWikiTrustedAuthenticator using Reflection, trying default implementations using 'new'.
java.lang.RuntimeException: Failed to load component for type [interface org.xwiki.contrib.authentication.TrustedAuthenticator] for hint [default]
at com.xpn.xwiki.web.Utils.getComponent(Utils.java:754)
at com.xpn.xwiki.web.Utils.getComponent(Utils.java:777)
at com.xpn.xwiki.web.Utils.getComponent(Utils.java:730)
at org.xwiki.contrib.authentication.XWikiTrustedAuthenticator.<init>(XWikiTrustedAuthenticator.java:44)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at java.lang.Class.newInstance(Class.java:442)
at com.xpn.xwiki.XWiki.getAuthService(XWiki.java:6048)
at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:4341)
at org.xwiki.security.authorization.internal.XWikiCachingRightService.authenticateUser(XWikiCachingRightService.java:241)
at org.xwiki.security.authorization.internal.XWikiCachingRightService.checkAccess(XWikiCachingRightService.java:271)
at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:4359)
at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:5835)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:497)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:283)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:626)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:122)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.xwiki.wysiwyg.filter.ConversionFilter.doFilter(ConversionFilter.java:109)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:132)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:698)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:364)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:616)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1629)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.xwiki.component.manager.ComponentLookupException: Can't find descriptor for the component with type [interface org.xwiki.contrib.authentication.TrustedAuthenticator] and hint [default]
at org.xwiki.component.embed.EmbeddableComponentManager.getInstance(EmbeddableComponentManager.java:212)
at org.xwiki.component.embed.EmbeddableComponentManager.getInstance(EmbeddableComponentManager.java:210)
at org.xwiki.component.internal.multi.DelegateComponentManager.getInstance(DelegateComponentManager.java:83)
at org.xwiki.component.internal.multi.DelegateComponentManager.getInstance(DelegateComponentManager.java:83)
at org.xwiki.component.internal.multi.DelegateComponentManager.getInstance(DelegateComponentManager.java:83)
at org.xwiki.component.internal.multi.DelegateComponentManager.getInstance(DelegateComponentManager.java:83)
at org.xwiki.component.internal.multi.DelegateComponentManager.getInstance(DelegateComponentManager.java:83)
at com.xpn.xwiki.web.Utils.getComponent(Utils.java:752)
... 59 common frames omitted
and the authentication will fallback on the standard XWiki authentication.
Reproduced on an XWiki 12.x.
Moreover, since an instantiation is not re-attempted, this can only be fixed by a restart.
This is because of the way the trusted auth component is looked up here https://github.com/xwiki-contrib/xwiki-authenticator-trusted/blob/master/xwiki-authenticator-trusted-api/src/main/java/org/xwiki/contrib/authentication/XWikiTrustedAuthenticator.java#L44 , which looks up in the context component manager of the subwiki and doesn't have access to components of the main wiki.
Since it doesn't make sense to install an authenticator on a wiki only (and have it configured globally in xwiki.cfg), this extension should force its installation on the root namespace.