Good to know, we will fix that.

On Thu, Aug 18, 2016 at 10:44 AM, Rob Young <[email protected]> wrote:
> :) To be honest, it would have probably not been too hard to sort out...
> I just have a huge task list so I had been putting it off. This really got
> to the heart of the matter and sorted me out!
>
> OH, if you specify a cipher key of an incorrect length, you will get a big
> stack trace when Shiro tries to create a remember me key. Buried within
> the stack is a message saying it. At first I had no idea why it failed,
> but the details are all there in the stack trace. I ran into this: the
> test hex key in the Shiro docs is of the incorrect length; I had created a
> new key of a correct length.
>
> On Thu, Aug 18, 2016 at 10:38 AM, Brian Demers <[email protected]> wrote:
>
>> Glad to hear it! And thanks for letting us know, because this further
>> confirms we need a better error message.
>>
>> On Thu, Aug 18, 2016 at 9:45 AM, Rob Young <[email protected]> wrote:
>>
>>> Hi Brian, I just wanted to say thanks, I had been meaning to deal with
>>> this in my application, fixed because of your email here!
>>>
>>> On Wed, Aug 17, 2016 at 11:13 AM, Brian Demers <[email protected]> wrote:
>>>
>>>> Do you see this during development? Or in production?
>>>>
>>>> Either way I'm guessing you have not set the
>>>> `securityManager.rememberMeManager.cipherKey`
>>>> property. For development this is fine; for a pro server, if not set, the
>>>> rememberme will change on restart.
>>>> http://shiro.apache.org/configuration.html#Configuration-ByteArrayValues
>>>>
>>>> We could probably improve the error message a bit, please open a bug
>>>> for this.
>>>>
>>>> On Tue, Aug 16, 2016 at 3:01 PM, [email protected] <[email protected]> wrote:
>>>>
>>>>> Shiro 1.3.0
>>>>> Jetty9.3.10 or Tomcat7 & 8
>>>>> Servlet based webapp
>>>>> Using authc (Form based Auth)
>>>>>
>>>>> Occasionally on login I get a nasty stackTrace like the following. I need
>>>>> help figuring out why. I am not doing anything with Cryptology myself.
>>>>> This is down in the Shiro code. I am using the box stock
>>>>> FormAuthenticationFilter. This doesn't happen every time, and doesn't appear
>>>>> to cause any known issues with my app, but the nasty log message is not
>>>>> good. Any suggestions?
>>>>>
>>>>> [qtp1136503323-30] WARN org.apache.shiro.mgt.DefaultSecurityManager - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals().
>>>>> org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@32d3ab59].
>>>>>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462)
>>>>>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445)
>>>>>     at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390)
>>>>>     at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382)
>>>>>     at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:479)
>>>>>     at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419)
>>>>>     at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386)
>>>>>     at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604)
>>>>>     at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492)
>>>>>     at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342)
>>>>>     at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
>>>>>     at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
>>>>>     at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
>>>>>     at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
>>>>>     at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
>>>>>     at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>>>>>     at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
>>>>>     at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676)
>>>>>     at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
>>>>>     at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>>>>>     at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>>>>>     at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>>>>>     at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
>>>>>     at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
>>>>>     at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>>>>>     at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
>>>>>     at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>>>>>     at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
>>>>>     at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
>>>>>     at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
>>>>>     at org.eclipse.jetty.server.Server.handle(Server.java:524)
>>>>>     at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319)
>>>>>     at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253)
>>>>>     at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
>>>>>     at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
>>>>>     at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
>>>>>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
>>>>>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
>>>>>     at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
>>>>>     at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
>>>>>     at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
>>>>>     at java.lang.Thread.run(Thread.java:745)
>>>>> Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
>>>>>     at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:966)
>>>>>     at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
>>>>>     at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
>>>>>     at javax.crypto.Cipher.doFinal(Cipher.java:2165)
>>>>>     at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459)
>>>>>     ... 41 more
>>>>>
>>>>>
>>>>> Shiro.ini file contents:
>>>>>
>>>>> # =============================================================================
>>>>> # Shiro INI configuration
>>>>> #
>>>>> # =============================================================================
>>>>>
>>>>> #-----------
>>>>> # Main
>>>>> # ----------
>>>>> [main]
>>>>>
>>>>> authc.loginUrl = /pre-auth/authentication/login.html
>>>>> authc.successUrl = /index.html
>>>>> logout.redirectUrl = /pre-auth/authentication/login.html
>>>>>
>>>>> myRealm = com.test.auth.VnfMgrCustomRealm
>>>>>
>>>>> cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
>>>>> securityManager.cacheManager = $cacheManager
>>>>>
>>>>> securityManager.realms = $myRealm
>>>>>
>>>>> sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
>>>>>
>>>>> # Use the configured native session manager:
>>>>> securityManager.sessionManager = $sessionManager
>>>>>
>>>>> cookie = org.apache.shiro.web.servlet.SimpleCookie
>>>>> cookie.name = mgr.cookie
>>>>> cookie.path = /
>>>>> sessionManager.sessionIdCookie = $cookie
>>>>>
>>>>> # -----------------------------------------------------------------------------
>>>>> # URLS - followed by Filter Chains.
>>>>> # -----------------------------------------------------------------------------
>>>>> [urls]
>>>>> /v1/sbc/** = anon
>>>>> /v1/vnfs/** = anon
>>>>> /logout = logout
>>>>> /pre-auth/authentication/img/favicon/favicon.ico = anon
>>>>> /pre-auth/authentication/ajax/** = anon
>>>>> /pre-auth/authentication/css/** = anon
>>>>> /pre-auth/authentication/data/** = anon
>>>>> /pre-auth/authentication/design-resources/** = anon
>>>>> /pre-auth/authentication/fonts/** = anon
>>>>> /pre-auth/authentication/img/** = anon
>>>>> /pre-auth/authentication/js/** = anon
>>>>> /pre-auth/authentication/php/** = anon
>>>>> /pre-auth/authentication/sound/** = anon
>>>>> /pre-auth/authentication/xml/** = anon
>>>>> /** = authc
>>>>>
>>>>> --
>>>>> View this message in context: http://shiro-user.582556.n2.nabble.com/CryptoException-tp7581223.html
>>>>> Sent from the Shiro User mailing list archive at Nabble.com.
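
The two points raised in the thread (an unset `cipherKey` means the key changes on restart, and a key of the wrong length is rejected), as an added Java example that is not part of the thread or of Shiro's code. It uses only the JDK's `javax.crypto`, assumes AES/CBC/PKCS5Padding to match the `BadPaddingException` in the trace, and all class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration; class and method names are hypothetical, not Shiro APIs.
public class RememberMeKeyDemo {
    // AES accepts only 16-, 24- or 32-byte keys; anything else fails at cipher init.
    static boolean validAesKeyLength(byte[] key) {
        return key.length == 16 || key.length == 24 || key.length == 32;
    }
    static byte[] randomBytes(int n) {
        byte[] b = new byte[n];
        new SecureRandom().nextBytes(b);
        return b;
    }
    // Assumed mode: AES/CBC/PKCS5Padding, consistent with the BadPaddingException in the trace.
    static byte[] crypt(int mode, byte[] key, byte[] iv, byte[] data) throws Exception {
        if (!validAesKeyLength(key)) {
            throw new IllegalArgumentException("AES key must be 16, 24 or 32 bytes, got " + key.length);
        }
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        return c.doFinal(data);
    }
    public static void main(String[] args) throws Exception {
        byte[] keyBeforeRestart = randomBytes(16); // stands in for the key generated at startup
        byte[] keyAfterRestart = randomBytes(16);  // a fresh key after the restart
        byte[] iv = randomBytes(16);
        byte[] plain = "constructed remembered principal".getBytes(StandardCharsets.UTF_8);
        byte[] cookie = crypt(Cipher.ENCRYPT_MODE, keyBeforeRestart, iv, plain);
        try {
            crypt(Cipher.DECRYPT_MODE, keyAfterRestart, iv, cookie);
            // About 1 in 256 wrong keys yields valid-looking padding and garbage plaintext.
            System.out.println("new key: padding looked valid, plaintext is garbage");
        } catch (BadPaddingException e) {
            System.out.println("new key: " + e.getMessage());
        }
        byte[] back = crypt(Cipher.DECRYPT_MODE, keyBeforeRestart, iv, cookie);
        System.out.println("same key: " + new String(back, StandardCharsets.UTF_8));
        System.out.println("15-byte key valid? " + validAesKeyLength(new byte[15]));
        // Shiro INI byte-array values are Base64 by default; store the real key as a secret.
        String b64 = Base64.getEncoder().encodeToString(randomBytes(16));
        System.out.println("securityManager.rememberMeManager.cipherKey = " + b64);
    }
}
```

A fixed key also has to be identical on every node that may receive the cookie, otherwise the same decryption failure appears whenever a request lands on a different instance.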
