Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 1.5.1
    • Fix Version/s: None
    • Component/s: wicket
    • Labels:
      None
    • Environment:
      Mac OSX 10.7.2
      java version "1.6.0_26"
      Java(TM) SE Runtime Environment (build 1.6.0_26-b03-383-11A511)
      Java HotSpot(TM) 64-Bit Server VM (build 20.1-b02-383, mixed mode)

      Description

      CryptoMapper throws the following exception (see attached QuickStart):

      ERROR - AbstractCrypt              - Error decoding text: style.css
      java.lang.RuntimeException: Unable to decrypt the text '�ܥy�,'
      	at org.apache.wicket.util.crypt.AbstractCrypt.decryptByteArray(AbstractCrypt.java:150)
      	at org.apache.wicket.util.crypt.AbstractCrypt.decryptUrlSafe(AbstractCrypt.java:66)
      	at org.apache.wicket.request.mapper.CryptoMapper.decryptUrl(CryptoMapper.java:159)
      	at org.apache.wicket.request.mapper.CryptoMapper.mapRequest(CryptoMapper.java:102)
      	at org.apache.wicket.request.mapper.CompoundRequestMapper.mapRequest(CompoundRequestMapper.java:130)
      	at org.apache.wicket.request.cycle.RequestCycle.resolveRequestHandler(RequestCycle.java:179)
      	at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:204)
      	at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:251)
      	at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:162)
      	at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:218)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
      	at org.eclipse.jetty.server.Server.handle(Server.java:349)
      	at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
      	at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:904)
      	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:565)
      	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:217)
      	at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:50)
      	at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:245)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
      	at java.lang.Thread.run(Thread.java:680)
      Caused by: javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
      	at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
      	at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
      	at com.sun.crypto.provider.SunJCE_ab.b(DashoA13*..)
      	at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(DashoA13*..)
      	at javax.crypto.Cipher.doFinal(DashoA13*..)
      	at org.apache.wicket.util.crypt.SunJceCrypt.crypt(SunJceCrypt.java:94)
      	at org.apache.wicket.util.crypt.AbstractCrypt.decryptByteArray(AbstractCrypt.java:146)
      	... 30 more
      ERROR - CryptoMapper               - Error decrypting URL
      java.lang.IllegalArgumentException: Argument 'url' may not be null.
      	at org.apache.wicket.util.lang.Args.notNull(Args.java:39)
      	at org.apache.wicket.request.Url.parse(Url.java:127)
      	at org.apache.wicket.request.mapper.CryptoMapper.decryptUrl(CryptoMapper.java:160)
      	at org.apache.wicket.request.mapper.CryptoMapper.mapRequest(CryptoMapper.java:102)
      	at org.apache.wicket.request.mapper.CompoundRequestMapper.mapRequest(CompoundRequestMapper.java:130)
      	at org.apache.wicket.request.cycle.RequestCycle.resolveRequestHandler(RequestCycle.java:179)
      	at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:204)
      	at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:251)
      	at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:162)
      	at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:218)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
      	at org.eclipse.jetty.server.Server.handle(Server.java:349)
      	at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
      	at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:904)
      	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:565)
      	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:217)
      	at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:50)
      	at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:245)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
      	at java.lang.Thread.run(Thread.java:680)
      
      

          Activity

          Sven Meier added a comment -

          See further investigation in WICKET-4140

          Tom Götz added a comment - edited

          But as stated in WICKET-4140, when "Home" is mounted after the CryptoMapper, then AJAX links, e.g. in AjaxTabbedPanel, are not encrypted on that page, so for me this is a lose-lose situation currently. I need all links (also AJAX) encrypted (customer demand), which blocks me from upgrading to 1.5.x currently ...

          Martin Grigorov added a comment -

          I think you should mount "Home" after the setup of CryptoMapper. This way it will be used as the entry point to your application.
          Most of the time this is '/' (the default home mount point), but since you want a different mount point for your home page, you need to make it available (not encrypted).

          Tom Götz added a comment - edited

          I have the feeling that this error occurs because CryptoMapper tries to decrypt "Home", which it shouldn't ... (not debugged yet, just a gut feeling).

          Tom Götz added a comment -

          The defect in my opinion is (as already stated in WICKET-4140): when using CryptoMapper it is no longer possible to access mounted pages by the URL.

          In Application#init():

          mountPage("Home", HomePage.class);
          setRootRequestMapper(new CryptoMapper(getRootRequestMapper(), this));

          Now try to access localhost:8080/Home ---> 404 and exceptions being thrown.

          Sven Meier added a comment -

          Note that these exceptions are caught and logged in CryptoMapper. Are you complaining about excessive logging or an actual defect? Thanks.

          Tom Götz added a comment -

          Ok, but this is not yet the cause of the exception being thrown, is it?

          Sven Meier added a comment -

          Note that the default key of SunJceCrypt ("WiCkEt-CrYpT") is different from that used when Wicket is started ("WiCkEt-FRAMEwork"). This is why s1 is null in your test.

          Tom Götz added a comment -

          Very easy to test:

          SunJceCrypt crypt = new SunJceCrypt();
          String s1 = crypt.decryptUrlSafe("fJYHb5uKsGk"); // segment generated by CryptoMapper
          assertNotNull(s1);
          String s2 = crypt.decryptUrlSafe("Home");
          assertNotNull(s2);

          Tom Götz added a comment -

          I debugged this a bit: the exception is thrown in org.apache.wicket.util.crypt.SunJceCrypt, line 94 (Wicket 1.5.1).
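
Why `Home` and `style.css` fail in the trace above, as an added example that is not Wicket's code and not part of any comment: a plain URL segment either is not URL-safe Base64 or does not decode to a multiple of the 8-byte DES block, so it can be rejected before `Cipher.doFinal` is reached. Assumptions: `SegmentDecryptDemo` and its methods are hypothetical names, `java.util.Base64` (Java 8+) stands in for Wicket's own URL-safe codec, and the salt, iteration count and passwords are constructed demo values.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

public class SegmentDecryptDemo { // hypothetical name, not a Wicket class
    static final String ALG = "PBEWithMD5AndDES"; // cipher named in the stack trace
    static final PBEParameterSpec PARAMS = // constructed demo salt and iteration count
            new PBEParameterSpec(new byte[] {1, 2, 3, 4, 5, 6, 7, 8}, 17);

    static Cipher cipher(int mode, String password) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(ALG);
        c.init(mode, SecretKeyFactory.getInstance(ALG).generateSecret(new PBEKeySpec(password.toCharArray())), PARAMS);
        return c;
    }

    static String encryptSegment(String plain, String password) throws GeneralSecurityException {
        byte[] ct = cipher(Cipher.ENCRYPT_MODE, password).doFinal(plain.getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(ct);
    }

    /** Returns the plaintext, or null when the segment is not ciphertext for this key. */
    static String tryDecryptSegment(String segment, String password) throws GeneralSecurityException {
        byte[] raw;
        try {
            raw = Base64.getUrlDecoder().decode(segment);
        } catch (IllegalArgumentException notBase64) {
            return null; // "style.css": '.' is outside the URL-safe Base64 alphabet
        }
        if (raw.length == 0 || raw.length % 8 != 0) {
            return null; // "Home" decodes to 3 bytes; doFinal would throw IllegalBlockSizeException
        }
        try {
            return new String(cipher(Cipher.DECRYPT_MODE, password).doFinal(raw), StandardCharsets.UTF_8);
        } catch (BadPaddingException wrongKey) {
            return null; // usual result of a wrong key; padding is not an integrity check
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String enc = encryptSegment("Home", "demo-key-A"); // constructed passwords
        for (String seg : new String[] {enc, "Home", "style.css"}) {
            System.out.println(seg + " -> " + tryDecryptSegment(seg, "demo-key-A"));
        }
        System.out.println("other key -> " + tryDecryptSegment(enc, "demo-key-B"));
    }
}
```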


            People

            • Assignee: Sven Meier
            • Reporter: Tom Götz
            • Votes: 0
            • Watchers: 2
