Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11413

XUI does not load if the parameters are not properly ordered

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 13.5.0, 13.5.2
    • Fix Version/s: None
    • Component/s: XUI
    • Labels:

      Description

      Bug description

      If the URL parameters are not ordered properly (fragmented parameter not being last) the XUI hangs.

      How to reproduce the issue

      1. Access a URL such as: http://openam.example.com:8080/openam/XUI/#login/?service=bla
      Expected behaviour

      XUI loads and presents the login screen.

      Current behaviour

      XUI hangs with "Loading..." message.

      {CoreSystem}

      and

      {org.forgerock.http.HttpApplication}

      debug logs show the same exception:

      org.forgerock.http.HttpApplication:07/19/2017 08:35:26:917 AM BST: Thread[http-nio-8080-exec-7,5,main]: TransactionId[3c8cf024-b806-4e60-bf1e-0a4e01bbee36-756]
      ERROR: RuntimeException caught
      java.lang.IllegalArgumentException: fromIndex(4) > toIndex(3)
              at java.util.ArrayList.subListRangeCheck(ArrayList.java:1006)
              at java.util.ArrayList.subList(ArrayList.java:996)
              at java.util.Collections$UnmodifiableRandomAccessList.subList(Collections.java:1400)
              at org.forgerock.http.routing.RouteMatchers.getRemainingRequestUri(RouteMatchers.java:157)
              at org.forgerock.http.routing.RouteMatchers$RequestUriRouteMatcher.evaluate(RouteMatchers.java:127)
              at org.forgerock.http.routing.RouteMatchers$RequestUriRouteMatcher.evaluate(RouteMatchers.java:117)
              at org.forgerock.services.routing.AbstractRouter.getBestRoute(AbstractRouter.java:182)
              at org.forgerock.http.routing.Router.handle(Router.java:90)
              at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:86)
              at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:56)
              at org.forgerock.http.routing.Router.handle(Router.java:92)
              at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:64)
              at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:56)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:220)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework.access$400(AuthenticationFramework.java:65)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework$3.apply(AuthenticationFramework.java:212)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework$3.apply(AuthenticationFramework.java:205)
              at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:255)
              at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:244)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:168)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework.access$100(AuthenticationFramework.java:65)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework$1.apply(AuthenticationFramework.java:155)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework$1.apply(AuthenticationFramework.java:152)
              at org.forgerock.util.promise.PromiseImpl$7.handleStateChange(PromiseImpl.java:485)
              at org.forgerock.util.promise.PromiseImpl.handleCompletion(PromiseImpl.java:567)
              at org.forgerock.util.promise.PromiseImpl.addOrFireListener(PromiseImpl.java:555)
              at org.forgerock.util.promise.PromiseImpl.thenAsync(PromiseImpl.java:477)
              at org.forgerock.util.promise.PromiseImpl.thenAsync(PromiseImpl.java:468)
              at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:146)
              at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:96)
              at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:56)
              at org.forgerock.openam.http.HandlerProvider.handle(HandlerProvider.java:50)
              at org.forgerock.openam.http.HttpRoute$3.handle(HttpRoute.java:142)
              at org.forgerock.http.routing.Router.handle(Router.java:92)
              at org.forgerock.openam.http.OpenAMHttpApplication$1.filter(OpenAMHttpApplication.java:60)
              at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:56)
              at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:60)
              at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:56)
              at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:225)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
              at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
              at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
              at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:111)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
              at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:51)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:108)
              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
              at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349)
              at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
              at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
              at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:789)
              at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455)
              at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
              at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
              at java.lang.Thread.run(Thread.java:745)
      

      Work around

      Code analysis

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              n4al Nemanja Lukic
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: