You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "Dylan Millikin (JIRA)" <ji...@apache.org> on 2015/09/25 06:56:04 UTC
[jira] [Created] (TINKERPOP3-855) sasl authentication type error
due to Json format
Dylan Millikin created TINKERPOP3-855:
-----------------------------------------
Summary: sasl authentication type error due to Json format
Key: TINKERPOP3-855
URL: https://issues.apache.org/jira/browse/TINKERPOP3-855
Project: TinkerPop 3
Issue Type: Bug
Components: server
Affects Versions: 3.0.1-incubating
Reporter: Dylan Millikin
Assignee: stephen mallette
The documentation states :
{quote}The password should be an encoded sequence of UTF-8 bytes{quote}
Thus the {{SaslAuthenticationHandler}} expects to receive a {{byte[]}} type var.
However, using gremlin-server with {{GraphSonMessageSerializer}}, if I send the payload with the sasl argument (say {{\x00stephen\x00password}}) in response to a gremlin-server {{407}} authentication challenge, I will get the following error:
{code}
java.lang.ClassCastException: java.lang.String cannot be cast to [B
at org.apache.tinkerpop.gremlin.server.handler.SaslAuthenticationHandler.channelRead(SaslAuthenticationHandler.java:74)
{code}
This seems "normal" in that Json does not support any binary dataType and the sasl argument will automatically be converted to {{String}}.
I quickly tested a correction locally by changing [this line|https://github.com/apache/incubator-tinkerpop/blob/tp30/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/handler/SaslAuthenticationHandler.java#L74] to :
{code}
final String saslString = new String(requestMessage.getArgs().get(Tokens.ARGS_SASL));
final byte[] saslResponse = saslString.getBytes(Charset.forName("UTF-8"));{code}
And this seems to work (though clearly not the cleanest because of the potential roundtrip). I haven't run the full test suit but I would expect this to pass as it shouldn't be BC breaking.
If you have any other ideas (or If I'm totally doing something wrong) let me know. I could probably make a PR for this.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)