JBoss Enterprise Application Platform / JBEAP-18122

[GSS](7.2.z) File upload (multipart) with Picketlink fails with sizes over 20k (using Apache Commons FileUpload)


    • Type: Bug
    • Resolution: Done
    • Priority: Critical
    • 7.2.7.CR1, 7.2.7.GA
    • 7.2.2.GA
    • Security
    • None
    • 13

      Use two attached reproducers (idp.war and reproducer.war) plus IDP and SP security-domains from:
      https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html-single/how_to_set_up_sso_with_saml_v2/index#setting_up_idp

      Also, create a test user with group membership in "user".

      Then visit http://<hostname:port>/reproducer, log in and try to upload a file. A successful file upload will indicate 1 file uploaded, but failed ones show 0 files uploaded.

      This is a follow-up to JBEAP-17829 - WFLY-12705 - File upload fails with IllegalStateException when PicketLink SSO is enabled.

      The patch resolved a portion of the file upload issues, but uploads over a certain size fail (appears to be ~20k, but I don't have a precise number).

      This issue occurs only with PicketLink security and doing file uploads.

      The reproducer shows that the request class differs between successful uploads and unsuccessful uploads:

      Successful calls use SPFormAuthenticationRequestWrapper:
      [cdolphy@styx jboss-eap-7.2]$ 10:52:41,761 INFO [stdout] (default task-2) Class of Request - org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationRequestWrapper
      10:52:41,764 INFO [stdout] (default task-2) item is name=jboss-fileupload-swallowed-exception.txt, StoreLocation=/home/cdolphy/gss/cases/02523510/jboss-eap-7.2/standalone/tmp/reproducer.war/upload_3c1122fc_16ea378ffdc__8000_00000003.tmp, size=9449bytes, isFormField=false, FieldName=fileupload

      But unsuccessful requests use HttpServletRequestImpl:
      10:53:02,818 INFO [stdout] (default task-2) Class of Request - io.undertow.servlet.spec.HttpServletRequestImpl

        1. idp.war
          2 kB
        2. reproducer.war
          149 kB
        3. reproducer.zip
          664 kB

            spyrkob Bartosz Spyrko-Smietanko
            rhn-support-cdolphy Chris Dolphy