Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-2553

Exception when evaluating policy against invalid URL

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Expired
    • Affects Version/s: 11.0.0
    • Fix Version/s: None
    • Component/s: entitlements, policy
    • Labels:
    • Rank:
      1|hznxsv:

      Description

      OpenAM is throwing a StringIndexOutOfBoundsException when given some bad urls to evaluate.

      For example with the Policy http://*fqdn.example.com:90/context?params loaded, when evaluating this compared to http://par?rotfqdn.example.com.:190//acontext?paramsanythingAtTheEnd the exception below can be seen in the Policy debug log at error level.

      amPolicy:06/12/2013 11:29:33:680 AM BST: Thread[http-bio-8080-exec-32,5,main]
      ERROR: PolicyRequestHandler: Evaluation error
      java.lang.StringIndexOutOfBoundsException: String index out of range: -2
      at java.lang.String.substring(String.java:1937)
      at com.sun.identity.entitlement.URLResourceName.canonicalize(URLResourceName.java:169)
      at com.sun.identity.policy.PolicyEvaluator.padEnvParameters(PolicyEvaluator.java:544)
      at com.sun.identity.policy.PolicyEvaluator.getResourceResultsE(PolicyEvaluator.java:1426)
      at com.sun.identity.policy.PolicyEvaluator.getResourceResults(PolicyEvaluator.java:1390)
      at com.sun.identity.policy.remote.PolicyRequestHandler.processPolicyRequest(PolicyRequestHandler.java:420)
      at com.sun.identity.policy.remote.PolicyRequestHandler.processPolicyServiceRequest(PolicyRequestHandler.java:229)
      at com.sun.identity.policy.remote.PolicyRequestHandler.processRequest(PolicyRequestHandler.java:184)
      at com.sun.identity.policy.remote.PolicyRequestHandler.process(PolicyRequestHandler.java:126)
      at com.iplanet.services.comm.server.PLLRequestServlet.handleRequest(PLLRequestServlet.java:183)
      at com.iplanet.services.comm.server.PLLRequestServlet.doPost(PLLRequestServlet.java:136)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:98)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
      at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001)
      at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
      at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
      at java.lang.Thread.run(Thread.java:680)

        Attachments

          Activity

            People

            • Assignee:
              apforrest Andrew Forrest
              Reporter:
              samdrew Sam Drew
              QA Assignee:
              Sam Drew
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: