You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "stephen mallette (JIRA)" <ji...@apache.org> on 2015/09/28 23:34:04 UTC
[jira] [Commented] (TINKERPOP3-855) sasl authentication type error
due to Json format
[ https://issues.apache.org/jira/browse/TINKERPOP3-855?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14934083#comment-14934083 ]
stephen mallette commented on TINKERPOP3-855:
---------------------------------------------
Thanks for digging into this one. I needed to dig in myself to make sure I understood what was going on and your description on this issue helped make things easier. You have about half of the solution - the other half is in how to do this without breaking stuff that's working (e.g. gryo and GraphSON with embedded types). Here's how I think you should formulate your pull request:
You suggested replacing this line with your code:
https://github.com/apache/incubator-tinkerpop/blob/ad27fce579a182de3ebf886fdbd85d5960852bdd/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/handler/SaslAuthenticationHandler.java#L76
To go a step further, I think you should test the type of {{ARGS_SASL}} and determine if it is a {{String}} or {{byte[]}} and then use your code or cast to {{byte[]}} accordingly. If it is neither of those options you should send back an error message (use the {{UNAUTHORIZED}} message as an example in the {{SaslAuthenticationHandler}}. I think you should use {{ResponseCode.REQUEST_ERROR_MALFORMED_REQUEST}}.
This work should be based on the tp30 branch that way we get this fix for 3.0.2 which we are preparing for release 10/19.
Does that make sense? Can you submit a pull request in the next few days based on that information?
> sasl authentication type error due to Json format
> -------------------------------------------------
>
> Key: TINKERPOP3-855
> URL: https://issues.apache.org/jira/browse/TINKERPOP3-855
> Project: TinkerPop 3
> Issue Type: Bug
> Components: server
> Affects Versions: 3.0.1-incubating
> Reporter: Dylan Millikin
> Assignee: stephen mallette
> Fix For: 3.1.0-incubating, 3.0.2-incubating
>
>
> The documentation states :
> {quote}The password should be an encoded sequence of UTF-8 bytes{quote}
> Thus the {{SaslAuthenticationHandler}} expects to receive a {{byte[]}} type var.
>
> However, using gremlin-server with {{GraphSonMessageSerializer}}, if I send the payload with the sasl argument (say {{\x00stephen\x00password}}) in response to a gremlin-server {{407}} authentication challenge, I will get the following error:
> {code}
> java.lang.ClassCastException: java.lang.String cannot be cast to [B
> at org.apache.tinkerpop.gremlin.server.handler.SaslAuthenticationHandler.channelRead(SaslAuthenticationHandler.java:74)
> {code}
> This seems "normal" in that Json does not support any binary dataType and the sasl argument will automatically be converted to {{String}}.
> I quickly tested a correction locally by changing [this line|https://github.com/apache/incubator-tinkerpop/blob/tp30/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/handler/SaslAuthenticationHandler.java#L74] to :
> {code}
> final String saslString = (String) requestMessage.getArgs().get(Tokens.ARGS_SASL);
> final byte[] saslResponse = saslString.getBytes(Charset.forName("UTF-8"));{code}
> This is clearly a breaking change, but it solved the Json issue.
> If you have any ideas on the way you want to go with this (or If I'm totally doing something wrong) let me know. I could probably make a PR for this.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)