Uploaded image for project: 'TinkerPop'
  1. TinkerPop
  2. TINKERPOP-855

sasl authentication type error due to Json format

    XMLWordPrintableJSON

Details

    Description

      The documentation states :

      The password should be an encoded sequence of UTF-8 bytes

      Thus the SaslAuthenticationHandler expects to receive a byte[] type var.

      However, using gremlin-server with GraphSonMessageSerializer, if I send the payload with the sasl argument (say \x00stephen\x00password) in response to a gremlin-server 407 authentication challenge, I will get the following error:

      java.lang.ClassCastException: java.lang.String cannot be cast to [B
      	at org.apache.tinkerpop.gremlin.server.handler.SaslAuthenticationHandler.channelRead(SaslAuthenticationHandler.java:74)
      

      This seems "normal" in that Json does not support any binary dataType and the sasl argument will automatically be converted to String.

      I quickly tested a correction locally by changing this line to :

      final String saslString = (String) requestMessage.getArgs().get(Tokens.ARGS_SASL);
      final byte[] saslResponse = saslString.getBytes(Charset.forName("UTF-8"));

      This is clearly a breaking change, but it solved the Json issue.

      If you have any ideas on the way you want to go with this (or If I'm totally doing something wrong) let me know. I could probably make a PR for this.

      Attachments

        Activity

          People

            spmallette Stephen Mallette
            dmill Dylan Millikin
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: