[
https://issues.apache.org/jira/browse/QPID-7444?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Keith Wall resolved QPID-7444.
------------------------------
Resolution: Fixed
> [Java Broker] 500 http status code is returned on attempt to start SASL
> negotiation using SASL mechanism not supported by authentication provider
> --------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-7444
> URL: https://issues.apache.org/jira/browse/QPID-7444
> Project: Qpid
> Issue Type: Task
> Components: Java Broker
> Affects Versions: qpid-java-6.0, qpid-java-6.0.1, qpid-java-6.0.2,
> qpid-java-6.0.3, qpid-java-6.0.4
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Priority: Minor
> Fix For: qpid-java-6.2
>
>
> When an HTTP client attempts to start SASL negotiation using a mechanism that
> is not supported by the authentication provider, the broker returns HTTP
> status code 500, which is meant to report a server error.
> The request fails because of the mechanism the client asked for, not because
> of a fault in the broker, so it seems that the server should return HTTP
> status code 403 in this case.
> The exception written to the broker log is shown below:
> {noformat}
> 2016-09-23 10:29:25,806 INFO [HttpManagement-HTTP-251]
> (o.a.q.s.m.p.f.ExceptionHandlingFilter) - Exception in servlet
> '/service/sasl' : javax.security.sasl.SaslException: Unsupported mechanism:
> CRAM-MD5.
> Supported mechanisms: [SCRAM-SHA-256]
> 2016-09-23 10:29:25,813 WARN [HttpManagement-HTTP-251]
> (o.e.j.s.ServletHandler) - /service/sasl
> org.apache.qpid.server.util.ConnectionScopedRuntimeException:
> javax.security.sasl.SaslException: Unsupported mechanism: CRAM-MD5.
> Supported mechanisms: [SCRAM-SHA-256]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:245)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doPost(AbstractServlet.java:117)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
> ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
> ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
> at
> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ForbiddingAuthorisationFilter.doFilter(ForbiddingAuthorisationFilter.java:94)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter.doFilter(ForbiddingTraceFilter.java:65)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:70)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247)
> ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210)
> ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:56)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
> [jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
> [jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
> [jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
> [jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
> [jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
> [jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
> at java.lang.Thread.run(Thread.java:745) [na:1.8.0_77]
> Caused by: javax.security.sasl.SaslException: Unsupported mechanism: CRAM-MD5.
> Supported mechanisms: [SCRAM-SHA-256]
> at
> org.apache.qpid.server.security.SubjectCreator.createSaslServer(SubjectCreator.java:102)
> ~[qpid-broker-core-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.doPostWithSubjectAndActor(SaslServlet.java:133)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:123)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:119)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> at java.security.AccessController.doPrivileged(Native Method)
> ~[na:1.8.0_77]
> at javax.security.auth.Subject.doAs(Subject.java:422) ~[na:1.8.0_77]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:220)
> ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
> ... 36 common frames omitted
> {noformat}