You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Alex Rudyy (JIRA)" <ji...@apache.org> on 2016/10/03 14:40:20 UTC
[jira] [Created] (QPID-7444) [Java Broker] 500 http status code is
returned on attempt to start SASL negotiation using SASL mechanism not
supported by authentication provider
Alex Rudyy created QPID-7444:
--------------------------------
Summary: [Java Broker] 500 http status code is returned on attempt to start SASL negotiation using SASL mechanism not supported by authentication provider
Key: QPID-7444
URL: https://issues.apache.org/jira/browse/QPID-7444
Project: Qpid
Issue Type: Task
Components: Java Broker
Affects Versions: qpid-java-6.0.4, qpid-java-6.0.3, qpid-java-6.0.2, qpid-java-6.0.1, qpid-java-6.0
Reporter: Alex Rudyy
When http client attempts to start SASL negotiation using mechanism which is unsupported by authentication provider, 500 http status code is returned by the broker which is used to report a server error.
It seems that server should return 403 http status code in this case.
The exception reported into broker log is below
{noformat}
2016-09-23 10:29:25,806 INFO [HttpManagement-HTTP-251] (o.a.q.s.m.p.f.ExceptionHandlingFilter) - Exception in servlet '/service/sasl' : javax.security.sasl.SaslException: Unsupported mechanism: CRAM-MD5.
Supported mechanisms: [SCRAM-SHA-256]
2016-09-23 10:29:25,813 WARN [HttpManagement-HTTP-251] (o.e.j.s.ServletHandler) - /service/sasl
org.apache.qpid.server.util.ConnectionScopedRuntimeException: javax.security.sasl.SaslException: Unsupported mechanism: CRAM-MD5.
Supported mechanisms: [SCRAM-SHA-256]
at org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:245) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doPost(AbstractServlet.java:117) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:595) ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668) ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684) ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496) ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.apache.qpid.server.management.plugin.filter.ForbiddingAuthorisationFilter.doFilter(ForbiddingAuthorisationFilter.java:94) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467) ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter.doFilter(ForbiddingTraceFilter.java:65) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467) ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:70) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467) ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247) ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210) ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467) ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:56) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467) ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501) [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429) [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.Server.handle(Server.java:370) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) [jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) [jetty-http-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696) [jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53) [jetty-io-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [jetty-util-8.1.17.v20150415.jar:8.1.17.v20150415]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_77]
Caused by: javax.security.sasl.SaslException: Unsupported mechanism: CRAM-MD5.
Supported mechanisms: [SCRAM-SHA-256]
at org.apache.qpid.server.security.SubjectCreator.createSaslServer(SubjectCreator.java:102) ~[qpid-broker-core-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.doPostWithSubjectAndActor(SaslServlet.java:133) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:123) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:119) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
at java.security.AccessController.doPrivileged(Native Method) ~[na:1.8.0_77]
at javax.security.auth.Subject.doAs(Subject.java:422) ~[na:1.8.0_77]
at org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:220) ~[qpid-broker-plugins-management-http-6.1.0-SNAPSHOT.jar:6.1.0-SNAPSHOT]
... 36 common frames omitted
{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org