You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Rob Young (JIRA)" <ji...@apache.org> on 2017/02/23 19:57:44 UTC

[jira] [Updated] (SHIRO-615) Refine error message for incorrectly configured rememberMe cipherKey

     [ https://issues.apache.org/jira/browse/SHIRO-615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rob Young updated SHIRO-615:
----------------------------
    Description: 
Currently if the shiro configuration key *securityManager.rememberMeManager.cipherKey* is set incorrectly, an error is logged via a stack trace.  Unfortunately, this stack trace and associated error message do not provide much context and could be refined to indicate that the source of the error was the cipherKey.

h4. Sample Error
{code}
ERROR o.a.shiro.web.env.EnvironmentLoader - Shiro environment initialization failed
java.lang.IllegalArgumentException: Odd number of characters.
	at org.apache.shiro.codec.Hex.decode(Hex.java:128) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.toBytes(ReflectionBuilder.java:544) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:711) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.applySingleProperty(ReflectionBuilder.java:364) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:325) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder$AssignmentStatement.doExecute(ReflectionBuilder.java:955) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder$Statement.execute(ReflectionBuilder.java:887) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder$BeanConfigurationProcessor.execute(ReflectionBuilder.java:765) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:260) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:167) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:130) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:108) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:94) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203) ~[shiro-web-1.3.2.jar:1.3.2]
	at org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99) ~[shiro-web-1.3.2.jar:1.3.2]
	at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92) ~[shiro-web-1.3.2.jar:1.3.2]
{code}

  was:
Currently if the shiro configuration key *securityManager.rememberMeManager.cipherKey* is set incorrectly, an error is logged via a stack trace.  Unfortunately, this stack trace and associated error message do not provide much context and could be refined to indicate that the source of the error was the cipherKey.

{code}
14:53:50.464 [admin-listener(11)] ERROR o.a.shiro.web.env.EnvironmentLoader - Shiro environment initialization failed
java.lang.IllegalArgumentException: Odd number of characters.
	at org.apache.shiro.codec.Hex.decode(Hex.java:128) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.toBytes(ReflectionBuilder.java:544) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:711) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.applySingleProperty(ReflectionBuilder.java:364) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:325) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder$AssignmentStatement.doExecute(ReflectionBuilder.java:955) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder$Statement.execute(ReflectionBuilder.java:887) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder$BeanConfigurationProcessor.execute(ReflectionBuilder.java:765) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:260) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:167) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:130) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:108) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:94) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47) ~[shiro-core-1.3.2.jar:1.3.2]
	at org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203) ~[shiro-web-1.3.2.jar:1.3.2]
	at org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99) ~[shiro-web-1.3.2.jar:1.3.2]
	at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92) ~[shiro-web-1.3.2.jar:1.3.2]
{code}


> Refine error message for incorrectly configured rememberMe cipherKey
> --------------------------------------------------------------------
>
>                 Key: SHIRO-615
>                 URL: https://issues.apache.org/jira/browse/SHIRO-615
>             Project: Shiro
>          Issue Type: Improvement
>            Reporter: Rob Young
>            Priority: Minor
>
> Currently if the shiro configuration key *securityManager.rememberMeManager.cipherKey* is set incorrectly, an error is logged via a stack trace.  Unfortunately, this stack trace and associated error message do not provide much context and could be refined to indicate that the source of the error was the cipherKey.
> h4. Sample Error
> {code}
> ERROR o.a.shiro.web.env.EnvironmentLoader - Shiro environment initialization failed
> java.lang.IllegalArgumentException: Odd number of characters.
> 	at org.apache.shiro.codec.Hex.decode(Hex.java:128) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.codec.Hex.decode(Hex.java:107) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder.toBytes(ReflectionBuilder.java:544) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:711) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder.applySingleProperty(ReflectionBuilder.java:364) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder.applyProperty(ReflectionBuilder.java:325) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder$AssignmentStatement.doExecute(ReflectionBuilder.java:955) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder$Statement.execute(ReflectionBuilder.java:887) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder$BeanConfigurationProcessor.execute(ReflectionBuilder.java:765) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:260) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:167) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:130) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:108) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:94) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47) ~[shiro-core-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203) ~[shiro-web-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99) ~[shiro-web-1.3.2.jar:1.3.2]
> 	at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92) ~[shiro-web-1.3.2.jar:1.3.2]
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)