Do you see this during development? Or in production? Either way, I'm guessing you have not set the `securityManager.rememberMeManager.cipherKey` property. For development this is fine; for a pro server, if not set, the rememberme will change on restart.
http://shiro.apache.org/configuration.html#Configuration-ByteArrayValues

We could probably improve the error message a bit; please open a bug for this.

On Tue, Aug 16, 2016 at 3:01 PM, [email protected] <[email protected]> wrote:

> Shiro 1.3.0
> Jetty9.3.10 or Tomcat7 & 8
> Servlet based webapp
> Using authc (Form based Auth)
>
> Occasionally on login I get a nasty stackTrace like the following. I need
> help figuring out why. I am not doing anything with Cryptology myself.
> This is down in the Shiro code. I am using the box stock
> FormAuthenticationFilter. This doesn't happen every time, and doesn't appear
> to cause any known issues with my app, but the nasty log message is not
> good. Any suggestions?
>
> [qtp1136503323-30] WARN org.apache.shiro.mgt.DefaultSecurityManager - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals().
> org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@32d3ab59].
>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462)
>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445)
>     at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390)
>     at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382)
>     at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:479)
>     at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419)
>     at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386)
>     at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604)
>     at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492)
>     at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342)
>     at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
>     at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
>     at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
>     at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
>     at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
>     at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>     at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
>     at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676)
>     at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
>     at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>     at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>     at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>     at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
>     at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
>     at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>     at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
>     at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>     at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
>     at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
>     at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
>     at org.eclipse.jetty.server.Server.handle(Server.java:524)
>     at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319)
>     at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253)
>     at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
>     at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
>     at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
>     at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
>     at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
>     at java.lang.Thread.run(Thread.java:745)
> Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
>     at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:966)
>     at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
>     at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
>     at javax.crypto.Cipher.doFinal(Cipher.java:2165)
>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459)
>     ... 41 more
>
>
> Shiro.ini file contents:
>
> # =============================================================================
> # Shiro INI configuration
> #
> # =============================================================================
>
> #-----------
> # Main
> # ----------
> [main]
>
> authc.loginUrl = /pre-auth/authentication/login.html
> authc.successUrl = /index.html
> logout.redirectUrl = /pre-auth/authentication/login.html
>
> myRealm = com.test.auth.VnfMgrCustomRealm
>
> cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
> securityManager.cacheManager = $cacheManager
>
> securityManager.realms = $myRealm
>
> sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
>
> # Use the configured native session manager:
> securityManager.sessionManager = $sessionManager
>
> cookie = org.apache.shiro.web.servlet.SimpleCookie
> cookie.name = mgr.cookie
> cookie.path = /
> sessionManager.sessionIdCookie = $cookie
>
> # -----------------------------------------------------------------------------
> # URLS - followed by Filter Chains.
> # -----------------------------------------------------------------------------
> [urls]
> /v1/sbc/** = anon
> /v1/vnfs/** = anon
> /logout = logout
> /pre-auth/authentication/img/favicon/favicon.ico = anon
> /pre-auth/authentication/ajax/** = anon
> /pre-auth/authentication/css/** = anon
> /pre-auth/authentication/data/** = anon
> /pre-auth/authentication/design-resources/** = anon
> /pre-auth/authentication/fonts/** = anon
> /pre-auth/authentication/img/** = anon
> /pre-auth/authentication/js/** = anon
> /pre-auth/authentication/php/** = anon
> /pre-auth/authentication/sound/** = anon
> /pre-auth/authentication/xml/** = anon
> /** = authc
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/CryptoException-tp7581223.html
> Sent from the Shiro User mailing list archive at Nabble.com.
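
The restart behaviour described in the reply at the top of this thread, as an added example that is not part of the original messages and is not Shiro's own code: a cookie encrypted under one randomly generated key no longer decrypts once the key is regenerated, which is where the `BadPaddingException` in the quoted trace comes from. Assumptions: the class name `RememberMeKeyDemo`, the AES/CBC/PKCS5Padding layout with a prepended IV, and the sample principal are all constructed for illustration.

```java
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

// Hypothetical demo class: a simplified stand-in for the cookie encryption, not Shiro's code.
public class RememberMeKeyDemo {
    static final SecureRandom RNG = new SecureRandom();
    static byte[] randomBytes(int n) { byte[] b = new byte[n]; RNG.nextBytes(b); return b; }
    // Assumed layout: AES/CBC/PKCS5Padding, random 16-byte IV prepended to the ciphertext.
    static byte[] encrypt(byte[] key, byte[] plain) throws GeneralSecurityException {
        byte[] iv = randomBytes(16);
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain);
        byte[] out = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }
    static byte[] decrypt(byte[] key, byte[] blob) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(blob, 0, 16));
        return c.doFinal(blob, 16, blob.length - 16);
    }
    // A cookie is usable only if it decrypts back to the bytes that were stored in it.
    static boolean cookieUsable(byte[] key, byte[] cookie, byte[] expected) throws GeneralSecurityException {
        try {
            return Arrays.equals(decrypt(key, cookie), expected);
        } catch (BadPaddingException e) { // same cause as in the quoted stack trace
            return false;
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] principal = "constructed-user".getBytes(StandardCharsets.UTF_8); // constructed sample
        byte[] keyRun1 = randomBytes(16); // key generated at first startup (cipherKey unset)
        byte[] keyRun2 = randomBytes(16); // different key generated after a restart
        byte[] cookie = encrypt(keyRun1, principal);
        System.out.println("same run:      usable=" + cookieUsable(keyRun1, cookie, principal));
        System.out.println("after restart: usable=" + cookieUsable(keyRun2, cookie, principal));
        // Generate once, store as a secret, and keep it identical on every node and restart.
        String fixedKey = Base64.getEncoder().encodeToString(randomBytes(16));
        System.out.println("securityManager.rememberMeManager.cipherKey = " + fixedKey);
    }
}
```

The last printed line can go in the `[main]` section of shiro.ini; Shiro reads byte-array values as Base64 by default, as the configuration page linked in the reply describes.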
