AbstractRememberMeManager and javax.crypto.IllegalBlockSizeException

Mon, 26 Jan 2009 15:04:52 -0800

I'm having a bit of trouble running Jsecurity (built with revision 736939). I'm using the Grails plugin (updated in my local environment) and running Tomcat 6.
I'm having several issues that I can't completely describe at this point, but I'm seeing the following output in my logs. Is this just a transient issue, or is it problem with the Jsecurity code (or my environment)? 


Are there any 'upgrade' issues related to the rememberMe cookies? (I was 
having trouble logging in until I deleted cookies in my browser.)


Thanks,

Brad



01/26 16:52:04 INFO  org.jsecurity.web.attr.CookieAttribute  - Found 
string value 
[clJgEjFZVuRRN5lCpInkOsawSaKK4hLwegZK/QgR1Thk380v5wL9pA1NZo7QHr7erlnry1vt2AqIyM8Fj2HBCsl1lierxE9EJ1typI2GpgMeG+HmceNdrlN6KGh4AmjLG3zCUPo8E+QzGVs/EO3PIAGyYYtuYbW++oJDr5xfY9DwK4Omq5GijZSSmdpOHiYelPMa1XLwT0D/kNCUm6EVfG6TKwxViNtGdyzknY7abNU7ucw2UWfjFe24hH0SL0hZMXjPQYtMnPl5J5qfjU4EXX1a/Ijn0IKUEk5BmY+ipc6irMI/Rrmumr7XSSncSHq2cpyNbwJBykFX5s/ydB64hbMenS+LhbUvnQBNt8Xkjyc+IrzntDuVGH4IGfnRIAOwDkU6EZPQ4v36wbd8IB3kUFW1/1z6ZvS4jsIgMA3TS2xMjhGB8FWnIAFUoCkjdbD5IIrhYORnMFPMQ/6A+3yPnLCDQ3UIeZ5SB9Ol7a1oMIw] 
from HttpServletRequest Cookie [rememberMe]
01/26 16:52:04 WARN  org.jsecurity.mgt.AbstractRememberMeManager  - 
There was a failure while trying to retrieve remembered principals.  
This could be due to a configuration problem or corrupted principals.  
This could also be due to a recently changed encryption key.  The 
remembered identity will be forgotten and not used for this request.
java.lang.IllegalStateException: Unable to crypt bytes with cipher 
[javax.crypto.cip...@cb577].
       at 
org.jsecurity.crypto.BlowfishCipher.crypt(BlowfishCipher.java:194)
       at 
org.jsecurity.crypto.BlowfishCipher.crypt(BlowfishCipher.java:219)
       at 
org.jsecurity.crypto.BlowfishCipher.decrypt(BlowfishCipher.java:141)
       at 
org.jsecurity.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:251)
       at 
org.jsecurity.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:198)
       at 
org.jsecurity.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:411)
       at 
org.jsecurity.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:212)
       at 
org.jsecurity.mgt.DefaultSecurityManager.getSubject(DefaultSecurityManager.java:426)
       at 
org.jsecurity.mgt.DefaultSecurityManager.getSubject(DefaultSecurityManager.java:433)
       at 
org.jsecurity.web.servlet.JSecurityFilter.doFilterInternal(JSecurityFilter.java:369)
       at 
org.jsecurity.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:183)
       at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at 
org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doFilterInternal(GrailsWebRequestFilter.java:65)
       at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
       at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at 
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:96)
       at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
       at 
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
       at 
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
       at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
       at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
       at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
       at 
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
       at 
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)

       at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)

       at 
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
       at 
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889)
       at 
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)

       at java.lang.Thread.run(Thread.java:619)

Caused by: javax.crypto.IllegalBlockSizeException: Input length must be 
multiple of 8 when decrypting with padded cipher

       at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
       at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
       at com.sun.crypto.provider.BlowfishCipher.engineDoFinal(DashoA13*..)
       at javax.crypto.Cipher.doFinal(DashoA13*..)

       at 
org.jsecurity.crypto.BlowfishCipher.crypt(BlowfishCipher.java:191)

       ... 35 more


























					Reply via email to