[
https://issues.apache.org/jira/browse/QPID-7378?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Keith Wall updated QPID-7378:
-----------------------------
Fix Version/s: Future
> [Java Broker] Handle non-ASCII characters
> -----------------------------------------
>
> Key: QPID-7378
> URL: https://issues.apache.org/jira/browse/QPID-7378
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: qpid-java-6.0, qpid-java-6.1, qpid-java-6.0.5
> Reporter: Lorenz Quack
> Fix For: Future
>
>
> Currently, there are places in the Broker that do not handle non-ASCII
> characters correctly (either they reject them or they choke on them). Two
> examples are SCRAM and MD5 AuthenticationProviders.
> When passing "æ" to the MD5 AuthenticationProvider I get this stacktrace in
> the log:
> {code}
> 2016-08-04 11:16:26,845 ERROR [HttpManagement-x-132]
> (o.a.q.s.m.p.f.ExceptionHandlingFilter) - Unexpected exception in servlet
> '/service/sasl':
> java.lang.ArrayIndexOutOfBoundsException: 230
> at
> javax.xml.bind.DatatypeConverterImpl.guessLength(DatatypeConverterImpl.java:659)
> ~[na:1.8.0_101]
> at
> javax.xml.bind.DatatypeConverterImpl._parseBase64Binary(DatatypeConverterImpl.java:692)
> ~[na:1.8.0_101]
> at
> javax.xml.bind.DatatypeConverterImpl.parseBase64Binary(DatatypeConverterImpl.java:434)
> ~[na:1.8.0_101]
> at
> javax.xml.bind.DatatypeConverter.parseBase64Binary(DatatypeConverter.java:342)
> ~[na:1.8.0_101]
> at
> org.apache.qpid.server.security.auth.manager.MD5AuthenticationProvider$MD5Callbackhandler.handle(MD5AuthenticationProvider.java:182)
> ~[classes/:na]
> at
> com.sun.security.sasl.CramMD5Server.evaluateResponse(CramMD5Server.java:167)
> ~[na:1.8.0_101]
> at
> org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5HashedSaslServer.evaluateResponse(CRAMMD5HashedSaslServer.java:75)
> ~[classes/:na]
> at
> org.apache.qpid.server.security.auth.manager.ConfigModelPasswordManagingAuthenticationProvider.authenticate(ConfigModelPasswordManagingAuthenticationProvider.java:208)
> ~[classes/:na]
> at
> org.apache.qpid.server.security.SubjectCreator.authenticate(SubjectCreator.java:115)
> ~[classes/:na]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.evaluateSaslResponse(SaslServlet.java:212)
> ~[classes/:na]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.doPostWithSubjectAndActor(SaslServlet.java:156)
> ~[classes/:na]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:117)
> ~[classes/:na]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:113)
> ~[classes/:na]
> at java.security.AccessController.doPrivileged(Native Method)
> ~[na:1.8.0_101]
> at javax.security.auth.Subject.doAs(Subject.java:422) ~[na:1.8.0_101]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:214)
> ~[classes/:na]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doPost(AbstractServlet.java:111)
> ~[classes/:na]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
> ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
> ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
> at
> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ForbiddingAuthorisationFilter.doFilter(ForbiddingAuthorisationFilter.java:94)
> ~[classes/:na]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter.doFilter(ForbiddingTraceFilter.java:65)
> ~[classes/:na]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:70)
> ~[classes/:na]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247)
> ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210)
> ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:56)
> ~[classes/:na]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
> [jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
> [jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
> [jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
> [jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
> [jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
> [jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
> at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101]
> {code}
> I think we should accept Unicode characters throughout the broker.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
