something _similar_ happens in my logs.
ERROR 2008-11-17 14:16:49,170 [http-8080-Processor17] Invalid URL
org.apache.wicket.WicketRuntimeException: Unable to decrypt the text
'[EMAIL PROTECTED]'
at
org.apache.wicket.util.crypt.AbstractCrypt.decryptByteArray(AbstractCrypt.java:145)
at
org.apache.wicket.util.crypt.AbstractCrypt.decryptUrlSafe(AbstractCrypt.java:67)
at
org.apache.wicket.protocol.http.request.CryptedUrlWebRequestCodingStrategy.decodeURL(CryptedUrlWebRequestCodingStrategy.java:256)
at
org.apache.wicket.protocol.http.request.CryptedUrlWebRequestCodingStrategy.decode(CryptedUrlWebRequestCodingStrategy.java:98)
at org.apache.wicket.Request.getRequestParameters(Request.java:172)
at org.apache.wicket.RequestCycle.step(RequestCycle.java:1227)
at org.apache.wicket.RequestCycle.steps(RequestCycle.java:1347)
at org.apache.wicket.RequestCycle.request(RequestCycle.java:497)
at
org.apache.wicket.protocol.http.WicketFilter.doGet(WicketFilter.java:420)
(...)
Caused by: javax.crypto.BadPaddingException: Given final block not
properly padded
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_ab.b(DashoA13*..)
at
com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at org.apache.wicket.util.crypt.SunJceCrypt.crypt(SunJceCrypt.java:101)
at
org.apache.wicket.util.crypt.AbstractCrypt.decryptByteArray(AbstractCrypt.java:141)
... 27 more
but apparently doesn't cause any trouble in the app (eg. no visible
stacktrace or expired page). so i'm just curious.
in this app wicket is 1.4-SNAPSHOT (august 26) (because of a
dependency). will try to switch to rc1 see what i get.
> I already changed the handling of that in trunk so that now a page expired
> is thrown when that happens.
johan when did you exactly change that? does it also impact my issue?
thanks
francisco
On Mon, Nov 17, 2008 at 10:39 AM, Johan Compagner <[EMAIL PROTECTED]> wrote:
> i guess this is because we now use sessionid as the seed for the encryption
> of the urls
>
> So when a session times out and that user makes another request to it we
> cant decrypt it anymore because
> another seed is used.
>
> I already changed the handling of that in trunk so that now a page expired
> is thrown when that happens.
>
>
> On Mon, Nov 17, 2008 at 5:21 AM, Andrew Berman <[EMAIL PROTECTED]> wrote:
>
>> I upgraded from 1.3.4 to 1.3.5 and now I am seeing this error all over the
>> place in my log files..
>>
>> [ERROR] 21:44:24 CryptedUrlWebRequestCodingStrategy - Invalid URL:
>>
>> foo/?x=kSQEmQImbZiH47lvkBIVh0gnXDVDx7-UQqHufLUVx5IVu10xEJYI8UXQ2B0gQCTDdAzJ7rUByXI
>> org.apache.wicket.WicketRuntimeException: Unable to decrypt the text
>> '�$^D�^B&m���o�^R^U�H'\5Cǿ�B��|�^Uǒ^U�]1^P�^H�E��^] @$�t^L��^A�r'
>> at
>>
>> org.apache.wicket.util.crypt.AbstractCrypt.decryptByteArray(AbstractCrypt.java:145)
>> at
>>
>> org.apache.wicket.util.crypt.AbstractCrypt.decryptUrlSafe(AbstractCrypt.java:67)
>> at
>>
>> org.apache.wicket.protocol.http.request.CryptedUrlWebRequestCodingStrategy.decodeURL(CryptedUrlWebRequestCodingStrategy.java:250)
>> at
>>
>> org.apache.wicket.protocol.http.request.CryptedUrlWebRequestCodingStrategy.decode(CryptedUrlWebRequestCodingStrategy.java:98)
>> at org.apache.wicket.Request.getRequestParameters(Request.java:171)
>> at org.apache.wicket.RequestCycle.step(RequestCycle.java:1233)
>> at org.apache.wicket.RequestCycle.steps(RequestCycle.java:1353)
>> at org.apache.wicket.RequestCycle.request(RequestCycle.java:493)
>> at
>> org.apache.wicket.protocol.http.WicketFilter.doGet(WicketFilter.java:355)
>> at
>> org.apache.wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:124)
>>
>> Anyone have any ideas what in the world is causing the jibberish? I am
>> using JDK 6 and Wicket 1.3.5.
>>
>> Thanks,
>>
>> Andrew
>>
>
