gkaechelin Posted April 9, 2012 Share Posted April 9, 2012 The first time I log into JS server (using my LDAP credentials) after a server reboot, I get the exception below. If I refresh my page everythign *seems* to be OK. Anyone know what this exception is all about? Is it benign and can I get rid of it or address the issue it is complaining about? Thanks for you insight.GusCode:****************************************************** Owasp.CsrfGuard Properties** Logger: com.jaspersoft.jasperserver.api.security.JSCsrfLogger* NewTokenLandingPage: /jasperserver-pro/login.html* PRNG: SHA1PRNG* SessionKey: JASPER_CSRF_SESSION_KEY* TokenLength: 96* TokenName: JASPER_CSRF_TOKEN* Ajax: true* Rotate: true* TokenPerPage: true* Action: org.owasp.csrfguard.action.Rotate* Action: org.owasp.csrfguard.action.Redirect* Parameter: Page = /jasperserver-pro/login.html* Action: org.owasp.csrfguard.action.Log* Parameter: Message = potential cross-site request forgery (CSRF) attack thwarted (user:%user%, ip:%remote_ip%, uri:%request_uri%, error:%exception_message%)*****************************************************15:07:27,381 INFO [sTDOUT] 2012-04-09 15:07:27,380 WARN LoggerListener,http-0.0.0.0-8081-1:60 - Authentication event InteractiveAuthenticationSuccessEvent: admin; details: com.jaspersoft.jasperserver.multipleTenancy.MTWebAuthenticationDetails@2eb76: RemoteIpAddress: 127.0.0.1; SessionId: 1D8C5A01E2A7E78792C1EA3F12F209A615:07:27,389 INFO [sTDOUT] 2012-04-09 15:07:27,388 WARN UserAuthorityServiceImpl,http-0.0.0.0-8081-1:823 - Created new external user: admin15:07:27,416 INFO [sTDOUT] 2012-04-09 15:07:27,415 WARN MTUserAuthorityServiceImpl,http-0.0.0.0-8081-1:630 - Created new external role: ROLE_WLCREPORTUSER with tenant: organization_115:07:27,436 INFO [sTDOUT] 2012-04-09 15:07:27,435 WARN MTUserAuthorityServiceImpl,http-0.0.0.0-8081-1:630 - Created new external role: ROLE_WLCSUPERUSER with tenant: organization_115:07:27,447 INFO [sTDOUT] 2012-04-09 15:07:27,446 WARN MTUserAuthorityServiceImpl,http-0.0.0.0-8081-1:630 - Created new external role: ROLE_WLCADMIN with tenant: organization_115:07:27,459 INFO [sTDOUT] 2012-04-09 15:07:27,459 WARN MTUserAuthorityServiceImpl,http-0.0.0.0-8081-1:630 - Created new external role: ROLE_WLCUSER with tenant: organization_115:07:27,471 INFO [sTDOUT] 2012-04-09 15:07:27,470 WARN UserAuthorityServiceImpl,http-0.0.0.0-8081-1:872 - Added following external roles to: adminROLE_WLCUSERROLE_WLCSUPERUSERROLE_WLCREPORTUSERROLE_WLCADMIN15:07:27,479 INFO [sTDOUT] 2012-04-09 15:07:27,478 WARN UserAuthorityServiceImpl,http-0.0.0.0-8081-1:901 - Added following new default internal roles to: adminROLE_USER15:07:27,480 INFO [sTDOUT] 2012-04-09 15:07:27,479 WARN UserAuthorityServiceImpl,http-0.0.0.0-8081-1:908 - Updated user: admin. Roles are now:ROLE_WLCSUPERUSERROLE_WLCUSERROLE_USERROLE_WLCREPORTUSERROLE_WLCADMIN15:07:27,494 ERROR [sTDERR] java.lang.NumberFormatException: For input string: "D9 0x31"15:07:27,494 ERROR [sTDERR] at java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)15:07:27,494 ERROR [sTDERR] at java.lang.Integer.parseInt(Integer.java:458)15:07:27,494 ERROR [sTDERR] at java.lang.Integer.valueOf(Integer.java:528)15:07:27,494 ERROR [sTDERR] at java.lang.Integer.decode(Integer.java:958)15:07:27,494 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.common.service.impl.Cipherer.setKeyBytes(Cipherer.java:229)15:07:27,494 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.common.service.impl.PasswordCipherer.initCipherer(PasswordCipherer.java:110)15:07:27,495 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.common.service.impl.PasswordCipherer.getInstance(PasswordCipherer.java:96)15:07:27,495 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.user.domain.impl.hibernate.RepoUser.copyFromClient(RepoUser.java:291)15:07:27,495 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.updatePersistentUser(UserAuthorityServiceImpl.java:251)15:07:27,495 ERROR [sTDERR] at com.jaspersoft.jasperserver.multipleTenancy.MTUserAuthorityServiceImpl.updatePersistentUser(MTUserAuthorityServiceImpl.java:473)15:07:27,495 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.putUser(UserAuthorityServiceImpl.java:243)15:07:27,495 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.user.service.impl.UserAuthorityServiceImpl.alignInternalAndExternalUser(UserAuthorityServiceImpl.java:912)15:07:27,495 ERROR [sTDERR] at com.jaspersoft.jasperserver.multipleTenancy.MTUserAuthorityServiceImpl.maintainInternalUser(MTUserAuthorityServiceImpl.java:610)15:07:27,495 ERROR [sTDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)15:07:27,495 ERROR [sTDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)15:07:27,495 ERROR [sTDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)15:07:27,495 ERROR [sTDERR] at java.lang.reflect.Method.invoke(Method.java:597)15:07:27,495 ERROR [sTDERR] at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)15:07:27,495 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)15:07:27,495 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)15:07:27,495 ERROR [sTDERR] at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)15:07:27,495 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)15:07:27,495 ERROR [sTDERR] at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)15:07:27,495 ERROR [sTDERR] at $Proxy180.maintainInternalUser(Unknown Source)15:07:27,496 ERROR [sTDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)15:07:27,496 ERROR [sTDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)15:07:27,496 ERROR [sTDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)15:07:27,496 ERROR [sTDERR] at java.lang.reflect.Method.invoke(Method.java:597)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)15:07:27,496 ERROR [sTDERR] at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)15:07:27,496 ERROR [sTDERR] at $Proxy181.maintainInternalUser(Unknown Source)15:07:27,496 ERROR [sTDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)15:07:27,496 ERROR [sTDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)15:07:27,496 ERROR [sTDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)15:07:27,496 ERROR [sTDERR] at java.lang.reflect.Method.invoke(Method.java:597)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)15:07:27,496 ERROR [sTDERR] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)15:07:27,497 ERROR [sTDERR] at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)15:07:27,497 ERROR [sTDERR] at $Proxy181.maintainInternalUser(Unknown Source)15:07:27,497 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter.doFilter(MetadataAuthenticationProcessingFilter.java:107)15:07:27,497 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,497 ERROR [sTDERR] at com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter.doFilter(RequestParameterAuthenticationFilter.java:97)15:07:27,497 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,497 ERROR [sTDERR] at com.jaspersoft.jasperserver.multipleTenancy.MTBasicProcessingFilter.doFilterHttp(MTBasicProcessingFilter.java:180)15:07:27,497 ERROR [sTDERR] at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)15:07:27,497 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,497 ERROR [sTDERR] at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:184)15:07:27,497 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,497 ERROR [sTDERR] at org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:278)15:07:27,497 ERROR [sTDERR] at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)15:07:27,497 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,497 ERROR [sTDERR] at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:184)15:07:27,497 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,497 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.logging.filter.BasicLoggingFilter.doFilter(BasicLoggingFilter.java:53)15:07:27,497 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,497 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.security.JSCsrfGuardFilter.doFilter(JSCsrfGuardFilter.java:81)15:07:27,498 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,498 ERROR [sTDERR] at com.jaspersoft.jasperserver.api.security.WebAppSecurityFilter.doFilter(WebAppSecurityFilter.java:83)15:07:27,498 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,498 ERROR [sTDERR] at com.jaspersoft.jasperserver.war.MultipartRequestWrapperFilter.doFilter(MultipartRequestWrapperFilter.java:90)15:07:27,498 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,498 ERROR [sTDERR] at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)15:07:27,498 ERROR [sTDERR] at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)15:07:27,498 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)15:07:27,498 ERROR [sTDERR] at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:188)15:07:27,498 ERROR [sTDERR] at org.springframework.security.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:99)15:07:27,498 ERROR [sTDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)15:07:27,498 ERROR [sTDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)15:07:27,498 ERROR [sTDERR] at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:67)15:07:27,498 ERROR [sTDERR] at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)15:07:27,498 ERROR [sTDERR] at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)15:07:27,498 ERROR [sTDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)15:07:27,498 ERROR [sTDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)15:07:27,498 ERROR [sTDERR] at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)15:07:27,498 ERROR [sTDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)15:07:27,498 ERROR [sTDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)15:07:27,499 ERROR [sTDERR] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)15:07:27,499 ERROR [sTDERR] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)15:07:27,499 ERROR [sTDERR] at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)15:07:27,499 ERROR [sTDERR] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)15:07:27,499 ERROR [sTDERR] at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)15:07:27,499 ERROR [sTDERR] at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)15:07:27,499 ERROR [sTDERR] at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)15:07:27,499 ERROR [sTDERR] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)15:07:27,499 ERROR [sTDERR] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)15:07:27,499 ERROR [sTDERR] at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)15:07:27,499 ERROR [sTDERR] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)15:07:27,499 ERROR [sTDERR] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)15:07:27,499 ERROR [sTDERR] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)15:07:27,499 ERROR [sTDERR] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)15:07:27,499 ERROR [sTDERR] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)15:07:27,499 ERROR [sTDERR] at java.lang.Thread.run(Thread.java:662) Link to comment Share on other sites More sharing options...
mikewoinoski Posted April 10, 2012 Share Posted April 10, 2012 It looks like the value that causes the NumberFormatException contains a line break. The value might be the secret key from jasperserver/WEB-INF/applicationContext-security.xml. Check the file and see if there's a newline in the secret key value. The value in my copy of the file looks like this:<property name="secretKey"><value>0xC8 0x43 0x29 0x49 0xAE 0x25 0x2F 0xA1 0xC1 0xF2 0xC8 0xD9 0x31 0x01 0x2C 0x52 0x54 0x0B 0x5E 0xEA 0x9E 0x37 0xA8 0x61</value></property> Link to comment Share on other sites More sharing options...
gkaechelin Posted April 10, 2012 Author Share Posted April 10, 2012 You hit this one square on the head. My editor pretty-print formatted the applicationContext-security.xml and inserted a line break in the secretKey value node. Once I fixed this, no more exception. Thanks for the hand!Gus Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now