[
https://issues.apache.org/jira/browse/KNOX-2804?focusedWorklogId=807352&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-807352
]
ASF GitHub Bot logged work on KNOX-2804:
----------------------------------------
Author: ASF GitHub Bot
Created on: 09/Sep/22 10:38
Start Date: 09/Sep/22 10:38
Worklog Time Spent: 10m
Work Description: smolnar82 opened a new pull request, #632:
URL: https://github.com/apache/knox/pull/632
## What changes were proposed in this pull request?
TODO
## How was this patch tested?
JSON I used for testing:
```
{
"providers" : [ {
"role" : "webappsec",
"name" : "WebAppSec",
"enabled" : true,
"params" : {
"xframe.options.enabled" : "true"
}
}, {
"role" : "authentication",
"name" : "ShiroProvider",
"enabled" : true,
"params" : {
"main.ldapContextFactory" :
"org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory",
"main.ldapRealm" : "org.apache.knox.gateway.shirorealm.KnoxLdapRealm",
"main.ldapRealm.authenticationCachingEnabled" : "false",
"main.ldapRealm.contextFactory" : "$ldapContextFactory",
"main.ldapRealm.contextFactory.authenticationMechanism" : "simple",
"main.ldapRealm.contextFactory.url" : "ldap://localhost:33389";,
"main.ldapRealm.userDnTemplate" :
"uid=0ou=people,dc=hadoop,dc=apache,dc=org",
"main.ldapRealm.userSearchFilter" :
"(&(&(objectclass=person)(sAMAccountName={0}))(|(memberOf=CN=SecXX-ali-bda-users,OU=ManagedGroups,OU=Groups,OU=XX,OU=dm,DC=dm,DC=int)(memberOf=CN=SecXX-ali-bda-rls-serviceuser,OU=ManagedGroups,OU=Groups,OU=XX,OU=dm,DC=dm,DC=int)))",
"redirectToUrl" : "/${GATEWAY_PATH}/knoxsso/knoxauth/login.html",
"restrictedCookies" : "rememberme,WWW-Authenticate",
"sessionTimeout" : "30",
"urls./**" : "authcBasic"
}
}, {
"role" : "identity-assertion",
"name" : "Default",
"enabled" : true,
"params" : { }
} ],
"readOnly" : true
}
```
Issue Time Tracking
-------------------
Worklog Id: (was: 807352)
Remaining Estimate: 0h
Time Spent: 10m
> HadoopXmlResource parser should handle unescaped XML entries
> ------------------------------------------------------------
>
> Key: KNOX-2804
> URL: https://issues.apache.org/jira/browse/KNOX-2804
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.6.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 2.0.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Based on end-user feedback: they specified the following LDAP realm property
> {noformat}
> authentication.param.main.ldapRealm.userSearchFilter=(&(&(objectclass=person)(sAMAccountName={0}))(|(memberOf=CN=SecXX-ali-bda-users,OU=ManagedGroups,OU=Groups,OU=XX,OU=dm,DC=dm,DC=int)(memberOf=CN=SecXX-ali-bda-rls-serviceuser,OU=ManagedGroups,OU=Groups,OU=XX,OU=dm,DC=dm,DC=int)))
> {noformat}
> in their application and this resulted in an error in Knox:
> {noformat}
> 2022-09-09 11:27:53,199 ERROR digester3.Digester (Digester.java:parse(1652))
> - An error occurred while parsing XML from '(already loaded from stream)',
> see nested exceptions
> org.xml.sax.SAXParseException: The entity name must immediately follow the
> '&' in the entity reference.
> at
> com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1239)
> ~[?:1.8.0_282]
> at
> com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:643)
> ~[?:1.8.0_282]
> at org.apache.commons.digester3.Digester.parse(Digester.java:1642)
> [commons-digester3-3.2.jar:3.2]
> at org.apache.commons.digester3.Digester.parse(Digester.java:1701)
> [commons-digester3-3.2.jar:3.2]
> at
> org.apache.knox.gateway.util.TopologyUtils.parse(TopologyUtils.java:50)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.services.topology.impl.DefaultTopologyService.parse(DefaultTopologyService.java:154)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.topology.simple.SimpleDescriptorHandler.shouldPersistGeneratedTopology(SimpleDescriptorHandler.java:669)
> [gateway-topology-simple-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.topology.simple.SimpleDescriptorHandler.generateTopology(SimpleDescriptorHandler.java:614)
> [gateway-topology-simple-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.topology.simple.SimpleDescriptorHandler.handle(SimpleDescriptorHandler.java:193)
> [gateway-topology-simple-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.topology.simple.SimpleDescriptorHandler.handle(SimpleDescriptorHandler.java:96)
> [gateway-topology-simple-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.services.topology.monitor.DescriptorsMonitor.onFileChange(DescriptorsMonitor.java:97)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.services.topology.impl.DefaultTopologyService.triggerDescriptorDiscovery(DefaultTopologyService.java:566)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.services.topology.impl.DefaultTopologyService.startMonitor(DefaultTopologyService.java:561)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at org.apache.knox.gateway.GatewayServer.start(GatewayServer.java:698)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at
> org.apache.knox.gateway.GatewayServer.startGateway(GatewayServer.java:360)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at org.apache.knox.gateway.GatewayServer.main(GatewayServer.java:176)
> [gateway-server-2.0.0-SNAPSHOT.jar:2.0.0-SNAPSHOT]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_282]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_282]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_282]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_282]
> at
> org.apache.knox.gateway.launcher.Invoker.invokeMainMethod(Invoker.java:68)
> [gateway.jar:?]
> at org.apache.knox.gateway.launcher.Invoker.invoke(Invoker.java:39)
> [gateway.jar:?]
> at org.apache.knox.gateway.launcher.Command.run(Command.java:99)
> [gateway.jar:?]
> at org.apache.knox.gateway.launcher.Launcher.run(Launcher.java:75)
> [gateway.jar:?]
> at org.apache.knox.gateway.launcher.Launcher.main(Launcher.java:52)
> [gateway.jar:?]
> 2022-09-09 11:27:53,199 ERROR topology.simple
> (SimpleDescriptorHandler.java:shouldPersistGeneratedTopology(674)) - Error
> comparing the generated XXX topology with the existing version:
> org.xml.sax.SAXParseException; lineNumber: 31; columnNumber: 26; The entity
> name must immediately follow the '&' in the entity reference. {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
