]
Galder Zamarreño updated ISPN-4284:
-----------------------------------
Status: Resolved (was: Pull Request Sent)
Fix Version/s: 7.0.0.Beta1
Resolution: Done
HotRod digest-md5 auth provides wrong callback
----------------------------------------------
Key: ISPN-4284
URL:
https://issues.jboss.org/browse/ISPN-4284
Project: Infinispan
Issue Type: Bug
Components: Server
Reporter: Vojtech Juranek
Assignee: Tristan Tarrant
Fix For: 7.0.0.Beta1
HotRod DIGEST-MD5 auth fails with
{noformat}
ERROR [org.infinispan.server.hotrod.HotRodDecoder] (HotRodServerWorker-12) ISPN005009:
Unexpected error before any request parameters read:
io.netty.handler.codec.DecoderException: or
g.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException:
DIGEST-MD5: Cannot perform callback to acquire password [Caused by
javax.security.auth.callback.UnsupportedCallbackException]
at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:417)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at
io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:141)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at
org.infinispan.server.core.AbstractProtocolDecoder.channelRead(AbstractProtocolDecoder.scala:470)
[infinispan.jar:7.0.0-SNAPSHOT]
at
io.netty.channel.DefaultChannelHandlerContext.invokeChannelRead(DefaultChannelHandlerContext.java:341)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at
io.netty.channel.DefaultChannelHandlerContext.fireChannelRead(DefaultChannelHandlerContext.java:327)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:785)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at
io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:116)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:494)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at
io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:461)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:378)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:350)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at
io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:116)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: org.infinispan.server.hotrod.HotRodException:
javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform call16:23:08,225 WARN
[Codec20] (main) ISPN004005: Error received from the server:
io.net
ty.handler.codec.DecoderException: org.infinispan.server.hotrod.HotRodException:
javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password
[Caused by javax.security.auth.callba
ck.UnsupportedCallbackException]
back to acquire password [Caused by
javax.security.auth.callback.UnsupportedCallbackException]
at
org.infinispan.server.hotrod.HotRodDecoder.createServerException(HotRodDecoder.scala:193)
[infinispan.jar:7.0.0-SNAPSHOT]
at
org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:117)
[infinispan.jar:7.0.0-SNAPSHOT]
at
org.infinispan.server.core.AbstractProtocolDecoder.decode(AbstractProtocolDecoder.scala:58)
[infinispan.jar:7.0.0-SNAPSHOT]
at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:362)
[netty-all-4.0.18.Final.jar:4.0.18.Final]
... 12 more
Caused by: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to
acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
at
org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:600)
[jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
at
org.jboss.sasl.digest.DigestMD5Server.evaluateResponse(DigestMD5Server.java:253)
[jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
at org.infinispan.server.hotrod.Decoder2x$.customReadHeader(Decoder2x.scala:214)
[infinispan.jar:7.0.0-SNAPSHOT]
at
org.infinispan.server.hotrod.HotRodDecoder.customDecodeHeader(HotRodDecoder.scala:139)
[infinispan.jar:7.0.0-SNAPSHOT]
at
org.infinispan.server.core.AbstractProtocolDecoder.decodeHeader(AbstractProtocolDecoder.scala:147)
[infinispan.jar:7.0.0-SNAPSHOT]
at
org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:95)
[infinispan.jar:7.0.0-SNAPSHOT]
... 14 more
Caused by: javax.security.auth.callback.UnsupportedCallbackException
at
org.jboss.as.domain.management.security.PropertiesCallbackHandler.handle(PropertiesCallbackHandler.java:164)
[jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final]
at
org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:168)
[jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final]
at
org.infinispan.server.endpoint.subsystem.EndpointServerAuthenticationProvider$RealmAuthorizingCallbackHandler.handle(EndpointServerAuthenticationProvider.java:74)
[infinispan-server-endpoints-7.0.0-
SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:594)
[jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
... 19 more
{noformat}
Instead of {{DigestHashCallback}} is provided {{PasswordCallback}} whichi results into
above {{UnsupportedCallbackException}} if password is not stored in plain on server.