You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@archiva.apache.org by "Olivier Lamy (*$^¨%`£ JIRA)" <ji...@apache.org> on 2015/11/30 07:05:11 UTC
[jira] [Updated] (MRM-1901) Change Password via Edit Details button
not working
[ https://issues.apache.org/jira/browse/MRM-1901?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Olivier Lamy (*$^¨%`£) updated MRM-1901:
----------------------------------------
Fix Version/s: 2.2.1
> Change Password via Edit Details button not working
> ---------------------------------------------------
>
> Key: MRM-1901
> URL: https://issues.apache.org/jira/browse/MRM-1901
> Project: Archiva
> Issue Type: Bug
> Components: Users/Security
> Affects Versions: 2.2.0
> Environment: Centos 7.0.1406, Apache Derby, Database User Manager, Database Rbac Manager
> Reporter: Jasvinder Bahra
> Labels: security
> Fix For: 2.2.1
>
>
> After logging into our Archiva instance, I can click on the Edit Details button to change the password. I enter the existing password and the new password (twice) and click the OK button. The dialog remains on screen with no indication of what has happened. After a while, I closed by web browser window and opened a new one - I then attempted to login with the new password, only to find that the password change had not occurred.
> After an investigation, I found that the change password dialog was making a POST to "/restServices/redbackServices/userService/updateMe", which was failing with a 500 Internal Server Error. The stack trace follows...
> {quote}
> java.lang.RuntimeException: org.apache.cxf.interceptor.Fault: fromIndex(0) > toIndex(-1)
> at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:371)
> at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
> at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
> at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197)
> at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149)
> at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
> at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
> at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
> at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)
> at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
> at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
> at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
> at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
> at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
> at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
> at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
> at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
> at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
> at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
> at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
> at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
> at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
> at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)
> at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
> at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
> at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.apache.cxf.interceptor.Fault: fromIndex(0) > toIndex(-1)
> at org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:163)
> at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:129)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:200)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99)
> at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
> at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
> ... 39 more
> Caused by: java.lang.IllegalArgumentException: fromIndex(0) > toIndex(-1)
> at java.util.ArrayList.subListRangeCheck(ArrayList.java:964)
> at java.util.ArrayList.subList(ArrayList.java:954)
> at org.apache.archiva.redback.policy.DefaultUserSecurityPolicy.extensionChangePassword(DefaultUserSecurityPolicy.java:317)
> at org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:343)
> at org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:327)
> at org.apache.archiva.web.security.ArchivaConfigurableUsersManager.updateUser(ArchivaConfigurableUsersManager.java:392)
> at org.apache.archiva.redback.rest.services.DefaultUserService.updateUser(DefaultUserService.java:386)
> at org.apache.archiva.redback.rest.services.DefaultUserService.updateMe(DefaultUserService.java:367)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)
> at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)
> ... 44 more
> </pre>
> <h3>Caused by:</h3><pre>org.apache.cxf.interceptor.Fault: fromIndex(0) > toIndex(-1)
> at org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:163)
> at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:129)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:200)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99)
> at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
> at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
> at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
> at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
> at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197)
> at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149)
> at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
> at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
> at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
> at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)
> at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
> at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
> at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
> at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
> at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
> at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
> at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
> at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
> at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
> at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
> at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
> at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
> at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
> at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)
> at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
> at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
> at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.IllegalArgumentException: fromIndex(0) > toIndex(-1)
> at java.util.ArrayList.subListRangeCheck(ArrayList.java:964)
> at java.util.ArrayList.subList(ArrayList.java:954)
> at org.apache.archiva.redback.policy.DefaultUserSecurityPolicy.extensionChangePassword(DefaultUserSecurityPolicy.java:317)
> at org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:343)
> at org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:327)
> at org.apache.archiva.web.security.ArchivaConfigurableUsersManager.updateUser(ArchivaConfigurableUsersManager.java:392)
> at org.apache.archiva.redback.rest.services.DefaultUserService.updateUser(DefaultUserService.java:386)
> at org.apache.archiva.redback.rest.services.DefaultUserService.updateMe(DefaultUserService.java:367)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)
> at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)
> ... 44 more
> </pre>
> <h3>Caused by:</h3><pre>java.lang.IllegalArgumentException: fromIndex(0) > toIndex(-1)
> at java.util.ArrayList.subListRangeCheck(ArrayList.java:964)
> at java.util.ArrayList.subList(ArrayList.java:954)
> at org.apache.archiva.redback.policy.DefaultUserSecurityPolicy.extensionChangePassword(DefaultUserSecurityPolicy.java:317)
> at org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:343)
> at org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:327)
> at org.apache.archiva.web.security.ArchivaConfigurableUsersManager.updateUser(ArchivaConfigurableUsersManager.java:392)
> at org.apache.archiva.redback.rest.services.DefaultUserService.updateUser(DefaultUserService.java:386)
> at org.apache.archiva.redback.rest.services.DefaultUserService.updateMe(DefaultUserService.java:367)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)
> at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:200)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99)
> at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
> at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
> at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
> at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
> at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197)
> at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149)
> at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
> at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
> at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
> at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)
> at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
> at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
> at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
> at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
> at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
> at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
> at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
> at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
> at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
> at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
> at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
> at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
> at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
> at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)
> at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
> at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
> at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
> at java.lang.Thread.run(Thread.java:745)
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)