Daniil Kirilyuk created QPID-8677:
-------------------------------------
Summary: [Broker-J] IllegalConfigurationException when deleting
misconfigured port
Key: QPID-8677
URL: https://issues.apache.org/jira/browse/QPID-8677
Project: Qpid
Issue Type: Bug
Components: Broker-J
Affects Versions: qpid-java-broker-9.2.0
Reporter: Daniil Kirilyuk
Fix For: qpid-java-broker-9.2.1
Following exception was observed in broker log when deleting a port:
{noformat}
2024-04-18T12:44:23,633Z INFO [qtp598169654-115] (q.m.a.allowed) -
[mng:N/A(admin@/127.0.0.1:34350)] ACL-1001 : Allowed : Access Management
ObjectProperties[]
2024-04-18T12:44:23,637Z INFO [qtp598169654-115] (q.m.a.allowed) -
[mng:N/A(admin@/127.0.0.1:34350)] ACL-1001 : Allowed : Configure Broker
ObjectProperties[, delete port 'https']
2024-04-18T12:44:23,638Z INFO [qtp598169654-115] (q.m.p.delete) -
[mng:N/A(admin@/127.0.0.1:34350)] PRT-1006 : Delete "HTTP" : https
2024-04-18T12:44:23,639Z INFO [qtp598169654-115]
(o.a.q.s.m.p.ManagementException) - IllegalConfigurationException processing
request /api/v9.0/port/https from user '/127.0.0.1:34350/admin': Can't create
port which requests SSL client certificates but has no trust store configured.
2024-04-18T12:44:23,639Z ERROR [qtp598169654-115] (o.a.q.s.m.p.s.r.RestServlet)
- Error when executing DELETE request
org.apache.qpid.server.management.plugin.ManagementException: Can't create port
which requests SSL client certificates but has no trust store configured.
at
org.apache.qpid.server.management.plugin.ManagementException.createUnprocessableManagementException(ManagementException.java:108)
at
org.apache.qpid.server.management.plugin.ManagementException.toManagementException(ManagementException.java:211)
at
org.apache.qpid.server.management.plugin.controller.latest.LatestManagementController.delete(LatestManagementController.java:301)
at
org.apache.qpid.server.management.plugin.controller.AbstractManagementController.handleDelete(AbstractManagementController.java:109)
at
org.apache.qpid.server.management.plugin.servlet.rest.RestServlet.doDelete(RestServlet.java:179)
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doDelete(AbstractServlet.java:208)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:526)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:587)
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
at
org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665)
at
org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter.lambda$doFilterChainAs$1(AuthenticationCheckFilter.java:155)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/javax.security.auth.Subject.doAs(Subject.java:423)
at
org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter.doFilterChainAs(AuthenticationCheckFilter.java:153)
at
org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter.doFilter(AuthenticationCheckFilter.java:123)
at
org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at
org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at
org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:63)
at
org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at
org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at
org.apache.qpid.server.management.plugin.filter.MethodFilter.doFilter(MethodFilter.java:67)
at
org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at
org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at
org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:314)
at
org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:267)
at
org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at
org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at
org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:59)
at
org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at
org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1580)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1381)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1553)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1303)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
at org.eclipse.jetty.server.Server.handle(Server.java:563)
at
org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501)
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:287)
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at
org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199)
at
org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
at
org.apache.qpid.server.bytebuffer.QpidByteBufferFactory.lambda$createQpidByteBufferTrackingThreadFactory$0(QpidByteBufferFactory.java:464)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.apache.qpid.server.configuration.IllegalConfigurationException:
Can't create port which requests SSL client certificates but has no trust store
configured.
at
org.apache.qpid.server.model.port.AbstractPort.validateChange(AbstractPort.java:332)
at
org.apache.qpid.server.model.port.HttpPortImpl.validateChange(HttpPortImpl.java:205)
at
org.apache.qpid.server.model.AbstractConfiguredObject.deleteWithChecks(AbstractConfiguredObject.java:2200)
at
org.apache.qpid.server.model.AbstractConfiguredObject.deleteAsync(AbstractConfiguredObject.java:2169)
at
org.apache.qpid.server.model.AbstractConfiguredObject.delete(AbstractConfiguredObject.java:2088)
at
org.apache.qpid.server.management.plugin.controller.latest.LatestManagementController.delete(LatestManagementController.java:295)
... 57 common frames omitted
{noformat}
When a port is deleted, validateChange() call performs the checks of all port
parameters including the SSL settings. When part of the SSL configuration
becomes corrupted, port becomes undeletable.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
