[jira] [Updated] (SHIRO-615) Refine error message for incorrectly configured rememberMe cipherKey

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Updated] (SHIRO-615) Refine error message for incorrectly configured rememberMe cipherKey

JIRA jira@apache.org

     [ https://issues.apache.org/jira/browse/SHIRO-615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rob Young updated SHIRO-615:
----------------------------
    Description:
Currently if the shiro configuration key *securityManager.rememberMeManager.cipherKey* is set incorrectly, an error is logged via a stack trace.  Unfortunately, this stack trace and associated error message do not provide much context and could be refined to indicate that the source of the error was the cipherKey.

h4. Sample Error
{code}
ERROR o.a.shiro.web.env.EnvironmentLoader - Shiro environment initialization failed
java.lang.IllegalArgumentException: Odd number of characters.
        at org.apache.shiro.codec.Hex.decode(Hex.java:128) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.toBytes(ReflectionBuilder.java:544) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:711) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.applySingleProperty(ReflectionBuilder.java:364) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:325) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder$AssignmentStatement.doExecute(ReflectionBuilder.java:955) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder$Statement.execute(ReflectionBuilder.java:887) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder$BeanConfigurationProcessor.execute(ReflectionBuilder.java:765) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:260) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:167) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:130) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:108) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:94) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203) ~[shiro-web-1.3.2.jar:1.3.2]
        at org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99) ~[shiro-web-1.3.2.jar:1.3.2]
        at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92) ~[shiro-web-1.3.2.jar:1.3.2]
{code}

  was:
Currently if the shiro configuration key *securityManager.rememberMeManager.cipherKey* is set incorrectly, an error is logged via a stack trace.  Unfortunately, this stack trace and associated error message do not provide much context and could be refined to indicate that the source of the error was the cipherKey.

{code}
14:53:50.464 [admin-listener(11)] ERROR o.a.shiro.web.env.EnvironmentLoader - Shiro environment initialization failed
java.lang.IllegalArgumentException: Odd number of characters.
        at org.apache.shiro.codec.Hex.decode(Hex.java:128) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.toBytes(ReflectionBuilder.java:544) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:711) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.applySingleProperty(ReflectionBuilder.java:364) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:325) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder$AssignmentStatement.doExecute(ReflectionBuilder.java:955) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder$Statement.execute(ReflectionBuilder.java:887) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder$BeanConfigurationProcessor.execute(ReflectionBuilder.java:765) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:260) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:167) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:130) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:108) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:94) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47) ~[shiro-core-1.3.2.jar:1.3.2]
        at org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203) ~[shiro-web-1.3.2.jar:1.3.2]
        at org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99) ~[shiro-web-1.3.2.jar:1.3.2]
        at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92) ~[shiro-web-1.3.2.jar:1.3.2]
{code}


> Refine error message for incorrectly configured rememberMe cipherKey
> --------------------------------------------------------------------
>
>                 Key: SHIRO-615
>                 URL: https://issues.apache.org/jira/browse/SHIRO-615
>             Project: Shiro
>          Issue Type: Improvement
>            Reporter: Rob Young
>            Priority: Minor
>
> Currently if the shiro configuration key *securityManager.rememberMeManager.cipherKey* is set incorrectly, an error is logged via a stack trace.  Unfortunately, this stack trace and associated error message do not provide much context and could be refined to indicate that the source of the error was the cipherKey.
> h4. Sample Error
> {code}
> ERROR o.a.shiro.web.env.EnvironmentLoader - Shiro environment initialization failed
> java.lang.IllegalArgumentException: Odd number of characters.
> at org.apache.shiro.codec.Hex.decode(Hex.java:128) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder.toBytes(ReflectionBuilder.java:544) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:711) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder.applySingleProperty(ReflectionBuilder.java:364) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:325) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder$AssignmentStatement.doExecute(ReflectionBuilder.java:955) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder$Statement.execute(ReflectionBuilder.java:887) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder$BeanConfigurationProcessor.execute(ReflectionBuilder.java:765) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:260) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:167) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:130) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:108) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:94) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47) ~[shiro-core-1.3.2.jar:1.3.2]
> at org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203) ~[shiro-web-1.3.2.jar:1.3.2]
> at org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99) ~[shiro-web-1.3.2.jar:1.3.2]
> at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92) ~[shiro-web-1.3.2.jar:1.3.2]
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)