Details
-
Bug
-
Resolution: Done
-
Major
-
None
-
None
Description
I realise this is an invalid regex pattern (but valid glob), but should handle it better. Suggest you do try to compile the regex in javascript to see if it breaks (or perhaps lone * as special case).
* Connection #0 to host localhost left intact java.util.regex.PatternSyntaxException: Dangling meta character '*' near index 0 * ^ at java.util.regex.Pattern.error(Pattern.java:1924) at java.util.regex.Pattern.sequence(Pattern.java:2090) at java.util.regex.Pattern.expr(Pattern.java:1964) at java.util.regex.Pattern.compile(Pattern.java:1665) at java.util.regex.Pattern.<init>(Pattern.java:1337) at java.util.regex.Pattern.compile(Pattern.java:1022) at java.util.regex.Pattern.matches(Pattern.java:1128) at java.lang.String.matches(String.java:2063) at io.apiman.gateway.engine.policies.AuthorizationPolicy.isAuthorized(AuthorizationPolicy.java:111) at io.apiman.gateway.engine.policies.AuthorizationPolicy.doApply(AuthorizationPolicy.java:82) at io.apiman.gateway.engine.policies.AuthorizationPolicy.doApply(AuthorizationPolicy.java:45) at io.apiman.gateway.engine.policies.AbstractMappedPolicy.apply(AbstractMappedPolicy.java:67) at io.apiman.gateway.engine.policy.RequestChain.applyPolicy(RequestChain.java:65) at io.apiman.gateway.engine.policy.Chain.doApply(Chain.java:148) at io.apiman.plugins.keycloak_oauth_policy.KeycloakOauthPolicy.doApply(KeycloakOauthPolicy.java:114) at io.apiman.plugins.keycloak_oauth_policy.KeycloakOauthPolicy.doApply(KeycloakOauthPolicy.java:46) at io.apiman.gateway.engine.policies.AbstractMappedPolicy.apply(AbstractMappedPolicy.java:67) at io.apiman.gateway.engine.policy.RequestChain.applyPolicy(RequestChain.java:65) at io.apiman.gateway.engine.policy.Chain.doApply(Chain.java:148) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$2.handle(ServiceRequestExecutorImpl.java:239) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$2.handle(ServiceRequestExecutorImpl.java:193) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$5.handle(ServiceRequestExecutorImpl.java:382) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$5.handle(ServiceRequestExecutorImpl.java:352) at io.apiman.gateway.engine.policy.PolicyFactoryImpl.loadPolicy(PolicyFactoryImpl.java:81) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl.loadPolicies(ServiceRequestExecutorImpl.java:352) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl.access$1400(ServiceRequestExecutorImpl.java:75) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$3.handle(ServiceRequestExecutorImpl.java:261) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$3.handle(ServiceRequestExecutorImpl.java:247) at io.apiman.gateway.engine.impl.InMemoryRegistry.getService(InMemoryRegistry.java:196) at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl.execute(ServiceRequestExecutorImpl.java:246) at io.apiman.gateway.platforms.servlet.GatewayServlet.doAction(GatewayServlet.java:234) at io.apiman.gateway.platforms.servlet.GatewayServlet.doGet(GatewayServlet.java:80) at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:744)