You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Kalle Korhonen (JIRA)" <ji...@apache.org> on 2010/10/12 03:01:33 UTC
[jira] Resolved: (SHIRO-183) Unable to correctly extract the
Initialization Vector or ciphertext
[ https://issues.apache.org/jira/browse/SHIRO-183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kalle Korhonen resolved SHIRO-183.
----------------------------------
Resolution: Fixed
I believe the root cause of the issue is that Max-Age attribute wasn't written at all (instead it was using non-standard Expires). Added and using both now, other checks left in place as well.
> Unable to correctly extract the Initialization Vector or ciphertext
> -------------------------------------------------------------------
>
> Key: SHIRO-183
> URL: https://issues.apache.org/jira/browse/SHIRO-183
> Project: Shiro
> Issue Type: Bug
> Components: Subject
> Affects Versions: 1.0.0
> Environment: GNU/Linux Debian Lenny, Java 1.6
> Reporter: RynekMedyczny.pl
> Assignee: Kalle Korhonen
> Priority: Trivial
> Fix For: 1.1.0
>
> Attachments: shiro.ini
>
>
> I obtain following exception while entering the secure page:
> [java] 101637 [http-8080-1] WARN org.apache.shiro.mgt.DefaultSecurityManager - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals().
> [java] org.apache.shiro.crypto.CryptoException: Unable to correctly extract the Initialization Vector or ciphertext.
> [java] at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:381)
> [java] at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:491)
> [java] at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:431)
> [java] at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:398)
> [java] at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:567)
> [java] at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:434)
> [java] at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:335)
> [java] at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:819)
> [java] at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:149)
> [java] at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:202)
> [java] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:269)
> [java] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:83)
> [java] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> [java] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> [java] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> [java] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> [java] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> [java] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> [java] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> [java] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
> [java] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852)
> [java] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
> [java] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
> [java] at java.lang.Thread.run(Thread.java:619)
> [java] Caused by: java.lang.ArrayIndexOutOfBoundsException
> [java] at java.lang.System.arraycopy(Native Method)
> [java] at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:373)
> [java] ... 23 more
> Of course I have set the "securityManager.rememberMeManager.cipherKey" in shiro.ini but it did not help.
> kind regards.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.