Uploaded image for project: 'TinkerPop'
  1. TinkerPop
  2. TINKERPOP-855

sasl authentication type error due to Json format

    Details

      Description

      The documentation states :

      The password should be an encoded sequence of UTF-8 bytes

      Thus the SaslAuthenticationHandler expects to receive a byte[] type var.

      However, using gremlin-server with GraphSonMessageSerializer, if I send the payload with the sasl argument (say \x00stephen\x00password) in response to a gremlin-server 407 authentication challenge, I will get the following error:

      java.lang.ClassCastException: java.lang.String cannot be cast to [B
      	at org.apache.tinkerpop.gremlin.server.handler.SaslAuthenticationHandler.channelRead(SaslAuthenticationHandler.java:74)
      

      This seems "normal" in that Json does not support any binary dataType and the sasl argument will automatically be converted to String.

      I quickly tested a correction locally by changing this line to :

      final String saslString = (String) requestMessage.getArgs().get(Tokens.ARGS_SASL);
      final byte[] saslResponse = saslString.getBytes(Charset.forName("UTF-8"));

      This is clearly a breaking change, but it solved the Json issue.

      If you have any ideas on the way you want to go with this (or If I'm totally doing something wrong) let me know. I could probably make a PR for this.

        Attachments

          Activity

            People

            • Assignee:
              spmallette stephen mallette
              Reporter:
              dmill Dylan Millikin
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: