[ https://issues.apache.org/jira/browse/SHIRO-615?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15881177#comment-15881177 ]

Rob Young commented on SHIRO-615:
---------------------------------

Attached is another possible error, if the byte is able to be parsed, but not 
compatible with the cipher suite.

{code}
2017-02-23T15:19:17.989-0500|Info: 15:19:17.988 [http-listener-1(3)] WARN  o.a.shiro.mgt.DefaultSecurityManager - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during onSuccessfulLogin.  RememberMe services will not be performed for account [---snip---].
org.apache.shiro.crypto.CryptoException: Unable to init cipher instance.
        at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:495) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.crypto.JcaCipherService.initNewCipher(JcaCipherService.java:598) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:444) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:324) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:313) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.AbstractRememberMeManager.encrypt(AbstractRememberMeManager.java:466) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.AbstractRememberMeManager.convertPrincipalsToBytes(AbstractRememberMeManager.java:352) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.AbstractRememberMeManager.rememberIdentity(AbstractRememberMeManager.java:336) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.AbstractRememberMeManager.rememberIdentity(AbstractRememberMeManager.java:311) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.AbstractRememberMeManager.onSuccessfulLogin(AbstractRememberMeManager.java:287) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.DefaultSecurityManager.rememberMeSuccessfulLogin(DefaultSecurityManager.java:206) [shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.DefaultSecurityManager.onSuccessfulLogin(DefaultSecurityManager.java:291) [shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:285) [shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [shiro-core-1.3.2.jar:1.3.2]
        ---snip---
Caused by: java.security.InvalidKeyException: Invalid AES key length: 15 bytes
        at com.sun.crypto.provider.AESCipher.engineGetKeySize(AESCipher.java:495) ~[sunjce_provider.jar:1.8.0_71]
        at javax.crypto.Cipher.passCryptoPermCheck(Cipher.java:1067) ~[na:1.8.0_71]
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1038) ~[na:1.8.0_71]
        at javax.crypto.Cipher.implInit(Cipher.java:805) ~[na:1.8.0_71]
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864) ~[na:1.8.0_71]
        at javax.crypto.Cipher.init(Cipher.java:1396) ~[na:1.8.0_71]
        at javax.crypto.Cipher.init(Cipher.java:1327) ~[na:1.8.0_71]
{code}

> Refine error message for incorrectly configured rememberMe cipherKey
> --------------------------------------------------------------------
>
>                 Key: SHIRO-615
>                 URL: https://issues.apache.org/jira/browse/SHIRO-615
>             Project: Shiro
>          Issue Type: Improvement
>            Reporter: Rob Young
>            Priority: Minor
>
> Currently if the shiro configuration key 
> *securityManager.rememberMeManager.cipherKey* is set incorrectly, an error is 
> logged via a stack trace.  Unfortunately, this stack trace and associated 
> error message do not provide much context and could be refined to indicate 
> that the source of the error was the cipherKey.
> h4. Sample Error
> {code}
> ERROR o.a.shiro.web.env.EnvironmentLoader - Shiro environment initialization failed
> java.lang.IllegalArgumentException: Odd number of characters.
>       at org.apache.shiro.codec.Hex.decode(Hex.java:128) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder.toBytes(ReflectionBuilder.java:544) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:711) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder.applySingleProperty(ReflectionBuilder.java:364) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:325) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder$AssignmentStatement.doExecute(ReflectionBuilder.java:955) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder$Statement.execute(ReflectionBuilder.java:887) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder$BeanConfigurationProcessor.execute(ReflectionBuilder.java:765) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:260) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:167) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:130) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:108) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:94) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47) ~[shiro-core-1.3.2.jar:1.3.2]
>       at org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203) ~[shiro-web-1.3.2.jar:1.3.2]
>       at org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99) ~[shiro-web-1.3.2.jar:1.3.2]
>       at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92) ~[shiro-web-1.3.2.jar:1.3.2]
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
