Hi Maxim, I wasn't able to reproduce the problem. Additionally I think it is a normal use case. org.apache.wicket.authentication.strategy.DefaultAuthenticationStrategy#load() [1] catches RuntimeException, logs an INFO message explaining why it may happen and removes the cookie. I am not sure why you see this exception stack trace. It is not logged by Wicket, or at least I don't see where.
1. https://github.com/apache/wicket/blob/wicket-6.x/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java#L101 Martin Grigorov Wicket Training and Consulting https://twitter.com/mtgrigorov On Tue, Jan 27, 2015 at 6:52 PM, Maxim Solodovnik <[email protected]> wrote: > Hello Martijn, > > It seems like "Remember log in" feature is not working anymore. > > Steps: > 1) Save login/password in cookies > 2) delete JSESSIONID cookie > 3) reload page > Result: no login prompt > > 1) stop tomcat > 2) start tomcat > 3) reload page > Result: exception [1] in the logs + login prompt > > it was working in 6.18.0 .... did I miss to update some dependencies or > something broken? > > > [1] java.lang.RuntimeException: Unable to decrypt the text '�� �!��@ �� > {�� ��y4 ��x�MJ� ������}]' > at > > org.apache.wicket.util.crypt.AbstractCrypt.decryptByteArray(AbstractCrypt.java:154) > ~[wicket-util-6.19.0.jar:6.19.0] > at > > org.apache.wicket.util.crypt.AbstractCrypt.decryptUrlSafe(AbstractCrypt.java:66) > ~[wicket-util-6.19.0.jar:6.19.0] > at > > org.apache.openmeetings.web.app.OmAuthenticationStrategy.load(OmAuthenticationStrategy.java:50) > [openmeetings-web-3.0.4-SNAPSHOT.jar:na] > at > org.apache.openmeetings.web.app.WebSession.isSignedIn(WebSession.java:174) > [openmeetings-web-3.0.4-SNAPSHOT.jar:na] > at > > org.apache.openmeetings.web.pages.auth.SignInDialog$SignInForm.<init>(SignInDialog.java:219) > [openmeetings-web-3.0.4-SNAPSHOT.jar:na] > at > > org.apache.openmeetings.web.pages.auth.SignInDialog.<init>(SignInDialog.java:92) > [openmeetings-web-3.0.4-SNAPSHOT.jar:na] > at > > org.apache.openmeetings.web.pages.auth.SignInPage.<init>(SignInPage.java:127) > [openmeetings-web-3.0.4-SNAPSHOT.jar:na] > at > > org.apache.openmeetings.web.pages.auth.SignInPage.<init>(SignInPage.java:136) > [openmeetings-web-3.0.4-SNAPSHOT.jar:na] > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) > [na:1.7.0_76] > at > > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) > [na:1.7.0_76] > at > > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > [na:1.7.0_76] > at java.lang.reflect.Constructor.newInstance(Constructor.java:526) > [na:1.7.0_76] > at > > org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:175) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:67) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.DefaultMapperContext.newPageInstance(DefaultMapperContext.java:133) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.core.request.handler.PageProvider.resolvePageInstance(PageProvider.java:268) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.core.request.handler.PageProvider.getPageInstance(PageProvider.java:166) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.request.handler.render.PageRenderer.getPage(PageRenderer.java:78) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.request.handler.render.WebPageRenderer.respond(WebPageRenderer.java:279) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.core.request.handler.RenderPageRequestHandler.respond(RenderPageRequestHandler.java:175) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:890) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64) > [wicket-request-6.19.0.jar:6.19.0] > at > org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:261) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:218) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:289) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.protocol.ws.AbstractUpgradeFilter.processRequestCycle(AbstractUpgradeFilter.java:59) > [wicket-native-websocket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:201) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:282) > [wicket-core-6.19.0.jar:6.19.0] > at > > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > [tomcat-embed-core.jar:7.0.57] > at > org.red5.logging.LoggerContextFilter.doFilter(LoggerContextFilter.java:77) > [red5-server.jar:1.0.4-RELEASE] > at > > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:503) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) > [tomcat-embed-core.jar:7.0.57] > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) > [tomcat-embed-core.jar:7.0.57] > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1736) > [tomcat-embed-core.jar:7.0.57] > at > > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1695) > [tomcat-embed-core.jar:7.0.57] > at > > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > [na:1.7.0_76] > at > > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > [na:1.7.0_76] > at > > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > [tomcat-embed-core.jar:7.0.57] > at java.lang.Thread.run(Thread.java:745) [na:1.7.0_76] > Caused by: javax.crypto.BadPaddingException: Given final block not properly > padded > at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811) > ~[sunjce_provider.jar:1.7.0_80] > at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676) > ~[sunjce_provider.jar:1.7.0_80] > at com.sun.crypto.provider.PBECipherCore.doFinal(PBECipherCore.java:422) > ~[sunjce_provider.jar:1.7.0_80] > at > > com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(PBEWithMD5AndDESCipher.java:316) > ~[sunjce_provider.jar:1.7.0_80] > at javax.crypto.Cipher.doFinal(Cipher.java:2087) ~[na:1.7.0_71] > at org.apache.wicket.util.crypt.SunJceCrypt.crypt(SunJceCrypt.java:115) > ~[wicket-util-6.19.0.jar:6.19.0] > at > > org.apache.wicket.util.crypt.AbstractCrypt.decryptByteArray(AbstractCrypt.java:150) > ~[wicket-util-6.19.0.jar:6.19.0] > ... 48 common frames omitted > > > On Mon, Jan 26, 2015 at 6:37 PM, Tobias Soloschenko < > [email protected]> wrote: > > > [+] Yes, release Apache Wicket 6.19.0 > > > > kind regards > > > > Tobias > > > > > Am 26.01.2015 um 10:39 schrieb Martijn Dashorst < > > [email protected]>: > > > > > > This is a vote to release Apache Wicket 6.19.0 > > > > > > Please download the source distributions found in our staging area > > > linked below. > > > > > > I have included the signatures for both the source archives. This vote > > > lasts for 72 hours minimum. > > > > > > [ ] Yes, release Apache Wicket 6.19.0 > > > [ ] No, don't release Apache Wicket 6.19.0, because ... > > > > > > Distributions, changelog, keys and signatures can be found at: > > > > > > https://dist.apache.org/repos/dist/dev/wicket/6.19.0 > > > > > > Staging repository: > > > > > > > > https://repository.apache.org/content/repositories/orgapachewicket-1033/ > > > > > > The binaries are available in the above link, as are a staging > > > repository for Maven. Typically the vote is on the source, but should > > > you find a problem with one of the binaries, please let me know, I can > > > re-roll them some way or the other. > > > > > > > > > > ======================================================================== > > > > > > The signatures for the source release artefacts: > > > > > > > > > Signature for apache-wicket-6.19.0.zip: > > > > > > -----BEGIN PGP SIGNATURE----- > > > Version: GnuPG/MacGPG2 v2.0.22 (Darwin) > > > Comment: GPGTools - https://gpgtools.org > > > > > > iEYEABECAAYFAlTGCcIACgkQJBX8W/xy/UWvZACfWKgij/ptCo0iEnzpR/e0j9Nz > > > mAsAn0NfQNOWEBtVMsQuCnwG+L6kqO28 > > > =tEEj > > > -----END PGP SIGNATURE----- > > > > > > Signature for apache-wicket-6.19.0.tar.gz: > > > > > > -----BEGIN PGP SIGNATURE----- > > > Version: GnuPG/MacGPG2 v2.0.22 (Darwin) > > > Comment: GPGTools - https://gpgtools.org > > > > > > iEYEABECAAYFAlTGCcIACgkQJBX8W/xy/UWqKwCgt9wLbuSjvAGwuO4E67KbXPhc > > > /WAAnR1ZWxjr077abSwK2b77WM3nuwO4 > > > =9HPf > > > -----END PGP SIGNATURE----- > > > > > > > ======================================================================== > > > > > > CHANGELOG for 6.19.0: > > > > > > > > > ** Bug > > > > > > * [WICKET-5747] - Wicket Ajax Click handling gets requeued in > > > OnDomReady so fire out of order > > > * [WICKET-5752] - ReplacementResourceBundleReference should return > > > the dependencies for the replacing resource ref > > > * [WICKET-5755] - Restoring focus after Ajax replace no longer works > > in IE8 > > > * [WICKET-5759] - AjaxRequestAttributes extra parameters aren't > > > properly handled in getCallbackFunction() > > > * [WICKET-5770] - PageParametersEncoder should not decode > > > parameters with no name > > > * [WICKET-5782] - Missing escaping in MultiFileUploadField.js - sort > > of XSS > > > * [WICKET-5783] - Multiple events in AjaxEventBehavior with prefix > > 'on' > > > * [WICKET-5784] - arraycopy with bad length in > > AbstractRequestLogger:172 > > > * [WICKET-5793] - Request for static resource creating a session in > > 6.13.0+ > > > * [WICKET-5809] - URL IPv6 parsing > > > * [WICKET-5811] - Infinite loop issue in > > > PropertyValidator#createUnresolvablePropertyMessage(FormComponent<>) > > > * [WICKET-5812] - AtmosphereBehavior wrongly sets Ajax base url to > '.' > > > > > > ** Improvement > > > > > > * [WICKET-4703] - StringResourceModel should provide an > > > overridable getString(Component) method > > > * [WICKET-5746] - Fire an event once all JS event listeners are > > registered > > > * [WICKET-5753] - It is impossible to determine the form > > > submitting component's inputName when AjaxFormSubmitBehavior is used > > > * [WICKET-5754] - (String)ResourceModel's defaultValue could be an > > > IModel<String> > > > * [WICKET-5756] - Allow to use custom ciphers when using SunJceCrypt > > class > > > * [WICKET-5758] - Portuguese translation > > > * [WICKET-5760] - Add constructor (String, Serializable, String) > > > to AttributeAppender > > > * [WICKET-5775] - Replace the session upon successful signin for > > > better support for Session Fixation > > > * [WICKET-5776] - Add information about the component when it fail > > > in detach phase > > > * [WICKET-5778] - Pass the IModifiable to the IChangeListener in > > > ModificationWatcher > > > * [WICKET-5780] - Add a resource reference for > ContextRelativeResource > > > * [WICKET-5794] - Make DefaultExceptionMapper extensible > > > * [WICKET-5797] - Convenience method to call setResponsePage with > > > forward option > > > * [WICKET-5799] - Add rel=prev/next in PagingNavigator.html > > > * [WICKET-5802] - HTML Import > > > * [WICKET-5806] - Wicket.Log should log (at least errors) in the > > > browser console even when Wicket Ajax Debug window is disabled > > > > > > ** New Feature > > > > > > * [WICKET-5771] - Ability to escape resource bundle messages added > > > with wicket:message > > > > > > ** Task > > > > > > * [WICKET-5791] - Update JQuery to 1.11.2 and 2.1.3 > > > > > > -- > WBR > Maxim aka solomax >
