Lorenz Quack created QPID-7378:
----------------------------------
Summary: [Java Broker] Handle non-ASCII characters
Key: QPID-7378
URL: https://issues.apache.org/jira/browse/QPID-7378
Project: Qpid
Issue Type: Bug
Components: Java Broker
Affects Versions: qpid-java-6.0, qpid-java-6.1, qpid-java-6.0.5
Reporter: Lorenz Quack
Currently, there are numerous places in the Broker that do not handle
non-ASCII characters correctly (either they reject them or they choke on them).
Two examples are SCRAM and MD5 AuthenticationProviders.
When passing "æ" to the MD5 AuthenticationProvider I get this stacktrace in the
log:
{code}
2016-08-04 11:16:26,845 ERROR [HttpManagement-x-132]
(o.a.q.s.m.p.f.ExceptionHandlingFilter) - Unexpected exception in servlet
'/service/sasl':
java.lang.ArrayIndexOutOfBoundsException: 230
at
javax.xml.bind.DatatypeConverterImpl.guessLength(DatatypeConverterImpl.java:659)
~[na:1.8.0_101]
at
javax.xml.bind.DatatypeConverterImpl._parseBase64Binary(DatatypeConverterImpl.java:692)
~[na:1.8.0_101]
at
javax.xml.bind.DatatypeConverterImpl.parseBase64Binary(DatatypeConverterImpl.java:434)
~[na:1.8.0_101]
at
javax.xml.bind.DatatypeConverter.parseBase64Binary(DatatypeConverter.java:342)
~[na:1.8.0_101]
at
org.apache.qpid.server.security.auth.manager.MD5AuthenticationProvider$MD5Callbackhandler.handle(MD5AuthenticationProvider.java:182)
~[classes/:na]
at
com.sun.security.sasl.CramMD5Server.evaluateResponse(CramMD5Server.java:167)
~[na:1.8.0_101]
at
org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5HashedSaslServer.evaluateResponse(CRAMMD5HashedSaslServer.java:75)
~[classes/:na]
at
org.apache.qpid.server.security.auth.manager.ConfigModelPasswordManagingAuthenticationProvider.authenticate(ConfigModelPasswordManagingAuthenticationProvider.java:208)
~[classes/:na]
at
org.apache.qpid.server.security.SubjectCreator.authenticate(SubjectCreator.java:115)
~[classes/:na]
at
org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.evaluateSaslResponse(SaslServlet.java:212)
~[classes/:na]
at
org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.doPostWithSubjectAndActor(SaslServlet.java:156)
~[classes/:na]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:117)
~[classes/:na]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:113)
~[classes/:na]
at java.security.AccessController.doPrivileged(Native Method)
~[na:1.8.0_101]
at javax.security.auth.Subject.doAs(Subject.java:422) ~[na:1.8.0_101]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:214)
~[classes/:na]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doPost(AbstractServlet.java:111)
~[classes/:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ForbiddingAuthorisationFilter.doFilter(ForbiddingAuthorisationFilter.java:94)
~[classes/:na]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter.doFilter(ForbiddingTraceFilter.java:65)
~[classes/:na]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:70)
~[classes/:na]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247)
~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210)
~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:56)
~[classes/:na]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.Server.handle(Server.java:370)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
[jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
[jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
[jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
[jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
[jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
[jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101]
{code}
I think we should accept Unicode characters throughout the broker.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
