Glad to hear it! And thanks for letting us know, because this further confirms we need a better error message.

On Thu, Aug 18, 2016 at 9:45 AM, Rob Young <[email protected]> wrote:

> Hi Brian, I just wanted to say thanks, I had been meaning to deal with
> this in my application, fixed because of your email here!
>
> On Wed, Aug 17, 2016 at 11:13 AM, Brian Demers <[email protected]> wrote:
>
>> Do you see this during development? Or in production?
>>
>> Either way I'm guessing you have not set
>> `securityManager.rememberMeManager.cipherKey`
>> property, for development this is fine, for a pro server, if not set, the
>> rememberme will change on restart.
>> http://shiro.apache.org/configuration.html#Configuration-ByteArrayValues
>>
>> We could probably improve the error message a bit, please open a bug for
>> this.
>>
>> On Tue, Aug 16, 2016 at 3:01 PM, [email protected] <[email protected]> wrote:
>>
>>> Shiro 1.3.0
>>> Jetty9.3.10 or Tomcat7 & 8
>>> Servlet based webapp
>>> Using authc (Form based Auth)
>>>
>>> Occasionally on login I get a nasty stackTrace like the following. I need
>>> help figuring out why. I am not doing anything with Cryptology myself.
>>> This is down in the Shiro code. I am using the box stock
>>> FormAuthenticationFilter. This doesn't happen every time, and doesn't appear
>>> to cause any known issues with my app, but the nasty log message is not
>>> good. Any suggestions?
>>>
>>> [qtp1136503323-30] WARN org.apache.shiro.mgt.DefaultSecurityManager - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals().
>>> org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@32d3ab59].
>>>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462)
>>>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445)
>>>     at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390)
>>>     at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382)
>>>     at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:479)
>>>     at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419)
>>>     at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386)
>>>     at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604)
>>>     at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492)
>>>     at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342)
>>>     at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
>>>     at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
>>>     at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
>>>     at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
>>>     at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
>>>     at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>>>     at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
>>>     at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676)
>>>     at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
>>>     at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>>>     at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>>>     at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>>>     at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
>>>     at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
>>>     at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>>>     at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
>>>     at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>>>     at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
>>>     at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
>>>     at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
>>>     at org.eclipse.jetty.server.Server.handle(Server.java:524)
>>>     at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319)
>>>     at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253)
>>>     at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
>>>     at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
>>>     at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
>>>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
>>>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
>>>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
>>>     at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
>>>     at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
>>>     at java.lang.Thread.run(Thread.java:745)
>>> Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
>>>     at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:966)
>>>     at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
>>>     at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
>>>     at javax.crypto.Cipher.doFinal(Cipher.java:2165)
>>>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459)
>>>     ... 41 more
>>>
>>>
>>> Shiro.ini file contents:
>>>
>>> # =============================================================================
>>> # Shiro INI configuration
>>> #
>>> # =============================================================================
>>>
>>> #-----------
>>> # Main
>>> # ----------
>>> [main]
>>>
>>> authc.loginUrl = /pre-auth/authentication/login.html
>>> authc.successUrl = /index.html
>>> logout.redirectUrl = /pre-auth/authentication/login.html
>>>
>>> myRealm = com.test.auth.VnfMgrCustomRealm
>>>
>>> cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
>>> securityManager.cacheManager = $cacheManager
>>>
>>> securityManager.realms = $myRealm
>>>
>>> sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
>>>
>>> # Use the configured native session manager:
>>> securityManager.sessionManager = $sessionManager
>>>
>>> cookie = org.apache.shiro.web.servlet.SimpleCookie
>>> cookie.name = mgr.cookie
>>> cookie.path = /
>>> sessionManager.sessionIdCookie = $cookie
>>>
>>> # -----------------------------------------------------------------------------
>>> # URLS - followed by Filter Chains.
>>> # -----------------------------------------------------------------------------
>>> [urls]
>>> /v1/sbc/** = anon
>>> /v1/vnfs/** = anon
>>> /logout = logout
>>> /pre-auth/authentication/img/favicon/favicon.ico = anon
>>> /pre-auth/authentication/ajax/** = anon
>>> /pre-auth/authentication/css/** = anon
>>> /pre-auth/authentication/data/** = anon
>>> /pre-auth/authentication/design-resources/** = anon
>>> /pre-auth/authentication/fonts/** = anon
>>> /pre-auth/authentication/img/** = anon
>>> /pre-auth/authentication/js/** = anon
>>> /pre-auth/authentication/php/** = anon
>>> /pre-auth/authentication/sound/** = anon
>>> /pre-auth/authentication/xml/** = anon
>>> /** = authc
>>>
>>> --
>>> View this message in context: http://shiro-user.582556.n2.nabble.com/CryptoException-tp7581223.html
>>> Sent from the Shiro User mailing list archive at Nabble.com.
