Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-4284

HotRod digest-md5 auth provides wrong callback

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 7.0.0.Beta1
    • None
    • Server
    • None

    Description

      HotRod DIGEST-MD5 auth fails with 

      ERROR [org.infinispan.server.hotrod.HotRodDecoder] (HotRodServerWorker-12) ISPN005009: Unexpected error before any request parameters read: io.netty.handler.codec.DecoderException: or
g.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
        at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:417) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:141) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at org.infinispan.server.core.AbstractProtocolDecoder.channelRead(AbstractProtocolDecoder.scala:470) [infinispan.jar:7.0.0-SNAPSHOT]
        at io.netty.channel.DefaultChannelHandlerContext.invokeChannelRead(DefaultChannelHandlerContext.java:341) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.channel.DefaultChannelHandlerContext.fireChannelRead(DefaultChannelHandlerContext.java:327) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:785) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:494) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:461) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:378) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:350) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform call16:23:08,225 WARN  [Codec20] (main) ISPN004005: Error received from the server: io.net
ty.handler.codec.DecoderException: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callba
ck.UnsupportedCallbackException]
back to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
        at org.infinispan.server.hotrod.HotRodDecoder.createServerException(HotRodDecoder.scala:193) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:117) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.core.AbstractProtocolDecoder.decode(AbstractProtocolDecoder.scala:58) [infinispan.jar:7.0.0-SNAPSHOT]
        at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:362) [netty-all-4.0.18.Final.jar:4.0.18.Final]
        ... 12 more
Caused by: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
        at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:600) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
        at org.jboss.sasl.digest.DigestMD5Server.evaluateResponse(DigestMD5Server.java:253) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
        at org.infinispan.server.hotrod.Decoder2x$.customReadHeader(Decoder2x.scala:214) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.hotrod.HotRodDecoder.customDecodeHeader(HotRodDecoder.scala:139) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.core.AbstractProtocolDecoder.decodeHeader(AbstractProtocolDecoder.scala:147) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:95) [infinispan.jar:7.0.0-SNAPSHOT]
        ... 14 more
Caused by: javax.security.auth.callback.UnsupportedCallbackException
        at org.jboss.as.domain.management.security.PropertiesCallbackHandler.handle(PropertiesCallbackHandler.java:164) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final]
        at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:168) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final]
        at org.infinispan.server.endpoint.subsystem.EndpointServerAuthenticationProvider$RealmAuthorizingCallbackHandler.handle(EndpointServerAuthenticationProvider.java:74) [infinispan-server-endpoints-7.0.0-
SNAPSHOT.jar:7.0.0-SNAPSHOT]
        at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:594) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
        ... 19 more

      Instead of DigestHashCallback is provided PasswordCallback whichi results into above UnsupportedCallbackException if password is not stored in plain on server.

      Attachments

        Activity

          People

            ttarrant@redhat.com Tristan Tarrant
            vjuranek@redhat.com Vojtech Juranek
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: