I deployed an existing Maven project in my Tomcat Server on Windows7 environment. I'm using tomcat7 , spring-security-core 3.1.0 .
However, everytime I'm logging in my webapp, I received an error
java.lang.IllegalArgumentException: Non-hex character in input
The code is working perfectly fine in Linux environment. So I was thinking it's because I'm using windows7 in my local environment. When I look into the internet I saw that's it's a encoding issue between linux and windows.
I tried setting up
JAVA_TOOL_OPTIONS -Dfile.encoding=UTF8
but haven't succeeded. Please help me out. Thanks in advance!
Most likely, when you login, events happen is such order:
Spring selects an entity from DB by username.
Spring must check inputted password for match with stored encoded password.
To check for a match, Spring uses PasswordEncoder, which you have most likely configured.
Your password encoder expects that stored encoded password is a hexidecimal char sequence (previously encoded by this PasswordEncoder). Thus, it tries to decode CharSequence into byte[], but fails (source).
The solution is to persist users with previously encoded password, e.g. by BCryptPasswordEncoder.
Answer Alex Derkach is right for me!
In my case i have DB with straight store password(develop) looks like User=roor, psw=root.
So when i comment(delete) .passwordEncoder(new StandardPasswordEncoder("53c433t")); ! its work
!!But is wrong, password must be stored in encrypted form!!!
A possible reason for this is mixing password encoders. There're different implementations of PasswordEncoder. And, for example, if you use SymmetricPasswordEncoder for encoding and StandardPasswordEncoder for decoding you may get this exception.
Related
I have been trying to use the java jdk to Couchbase. sdk v 3.2.3
However I find it strange that the examples provided never supply any password while connecting. Also I created a read-only user, and I see that the there is nowhere to provide the user-name while opening a bucket from a cluster, you only provide the password. I tried using the password for the admin and for the read-only user that I created. But it would fail with couchbase.client.java.error.InvalidPasswordException: Passwords for bucket "myBucket" do not match. It is the same password that I use when I login to the admin console, yet this password doesnot work. Only the empty password works.
I am confused and don't get the hang of it?
Anybody knows about this?
My aim was to create a read-only user and use this user credentials to only read data from couchbase for a specific module which is only supposed to read data.
At this moment, there is no read only data access to a bucket in Couchbase. Stay tuned as there will be lots of security changes in the coming versions of Couchbase.
I am trying to write a file to HDFS cluster from My windows machine but getting following error
org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.AccessControlException):
Permission denied: user=..., access=WRITE ,
inode="/user/hadoop/Hadoop_File.txt":hdfs:hdfs:-rw-r--r--
In my hadoop configuration
hadoop.security.auth_to_local is set to DEFAULT
hadoop.security.authentication is set to SIMPLE
if i mention user name as "hdfs" by doing
System.setProperty("HADOOP_USER_NAME", "hdfs");
everything works fine .
but if the policy is simple it means no authentication it should allow any user to create file
Help me in understanding why this is happening
I got the answer :) you have to configure dfs.permissions.enable = false ,it was true in my case once it is turned off ,it doesn't complains for any user used
Simple authentication in Hadoop means you don't need to prove who you are, for example with a password or token, but you still need to say who you are. Whichever user you assert yourself to be, Hadoop will believe you and adopt user name for the operation you request.
There are still permissions in place on HDFS (you can see that with hdfs:hdfs:-rw-r--r-- in your message above), so you need to assert yourself to be a user who has the necessary permissions for your operation, which is what you did with System.setProperty("HADOOP_USER_NAME", "hdfs");
The short version is, identity is not the same as authentication :)
I am trying to configure it so that Karaf can access a Nexus Sonatype Server using a password which contains special characters.
I found the link here: https://ops4j1.jira.com/wiki/display/paxurl/Mvn+Protocol#MvnProtocol-repositories which specifies the need to use the format of http://user:password#host in the org.ops4j.pax.url.mvn.repositories portion of the configs. When I tried to use, say, an '#' in the password, I ran into the issue of it not being able to interpret this. So for instance:
http://user:p#ssword#host.example.com would complain about "unknown host" ssword#host.example.com.
I tried encoding the password. So I'd end up with my URL being http://user:p%40ssword#host.example.com. This would throw the following trace:
org.sonatype.aether.resolution.ArtifactResolutionException: Could not transfer artifact org.apache.felix:org.apache.felix.metatype:jar:1.0.8 from/to repository (http://user:p%40ssword#host.example.com/nexus/content/repositories/): Access denied to: http://host.example.com/nexus/content/repositories/bla/bla/bla.xml
For the record I tried adding a back slash before the '#' symbol and encoding the full URL to no avail. I am curious if anyone has any idea how I can get this to take passwords containing special characters?
I just upgraded to the latest axis2/rampart version and encounter a strange behavior when providing a webservice which requires username-passwort authentification.
up to now, I implemented my own passwordcallback-handler which handled WSPasswordCallbacks of type WSPasswordCallback.USERNAME_TOKEN_UNKNOWN. I looked up the provided user in the DB and checked the given password.
in the latest version, the passwordcallback-usage always seems to be WSPasswordCallback.USERNAME_TOKEN where I have to provide the password for the given user - but I'm not able to provide the password, because I don't store the passwords plaintext.
do I have to write my own org.apache.ws.security.validate.UsernameTokenValidator? where do I have to register it?
I wrote a summary here on Stackoverflow of my encounter with this problem, and the workarounds I've found to this, read it here.
One of my colleague in QA team reported a bug to me, the bug said that can't change password to lowercase, otherwise login was rejected,using number or uppercase was all fine. The login system was implemented using acegi 1.0 (now called Spring Security).
This was a very strange bug,changing password is done by encrypting the user input string into MD5 string, I implemented this without using anything related acegi, I don't if the is the origin cause of the problem.
When the login is rejected, through debugging, I find that, the user input is converted into uppercase by acegi when passing to the acegi comparing logic. At first, I didn't believe this, when I checkout the acegi source and debugging with it, I find it does convert both username and password to uppercase (source code line 121), Can you tell me why it does this? This can cause password encoding mismatch!
Thanks matt, some guy in my team chose the Siteminder implementation of Acegi, which was the cause of this problem.