Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: 0.8.0.Final
Component/s: None
Labels:
None

Docs QE Status:
NEW
QE Status:
NEW

Working on ~~RHBPMS-473~~, I noticed that UF is swallowing security exceptions in the following way:

An exception caught in JAASAuthenticationService.login is rethrown: https://github.com/uberfire/uberfire/blob/master/uberfire-backend/uberfire-backend-server/src/main/java/org/uberfire/backend/server/security/JAASAuthenticationService.java#L78-L80 -> ok
The calling class, however, just silently discards this exception: https://github.com/uberfire/uberfire/blob/master/uberfire-backend/uberfire-backend-server/src/main/java/org/uberfire/backend/server/security/IOServiceSecuritySetup.java#L87-L89

This makes debugging login issues unnecessarily hard.

For reference, here is the full stack trace (after I added e.printStackTrace() into the JAASAuthenticationService.login method:

13:51:01,471 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) javax.security.auth.login.LoginException: unable to find LoginModule class: org.jboss.as.security.remoting.RemotingLoginModule
13:51:01,472 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:794)
13:51:01,472 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
13:51:01,472 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
13:51:01,472 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
13:51:01,472 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at java.security.AccessController.doPrivileged(Native Method)
13:51:01,473 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
13:51:01,473 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
13:51:01,473 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at org.uberfire.backend.server.security.JAASAuthenticationService.login(JAASAuthenticationService.java:76)
13:51:01,473 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at org.uberfire.backend.server.security.IOServiceSecuritySetup$2.authenticate(IOServiceSecuritySetup.java:101)
13:51:01,473 ERROR [stderr] (sshd-SshServer[416a86dc]-nio2-thread-3) 	at org.uberfire.java.nio.fs.jgit.daemon.ssh.GitSSHService$2.authenticate(GitSSHService.java:98)

relates to

RHBPMS-473 Git + SSH Cloning of Business Central Git Repository Fails if Java Security Manager is Enabled

Closed

Assignee:: Alexandre Porcelli

Reporter:: Martin Weiler (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2016/10/13 8:41 AM

Updated:: 2022/09/09 7:08 AM

Resolved:: 2016/10/14 3:15 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates