karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Freeman Fang (JIRA)" <j...@apache.org>
Subject [jira] [Work started] (KARAF-3269) ssh into karaf as user with no roles throws exception and user shell stays frozen
Date Thu, 09 Oct 2014 08:45:34 GMT

     [ https://issues.apache.org/jira/browse/KARAF-3269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Work on KARAF-3269 started by Freeman Fang.
-------------------------------------------
> ssh into karaf as user with no roles throws exception and user shell stays frozen
> ---------------------------------------------------------------------------------
>
>                 Key: KARAF-3269
>                 URL: https://issues.apache.org/jira/browse/KARAF-3269
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-security
>    Affects Versions: 2.4.0, 3.0.1
>            Reporter: Freeman Fang
>            Assignee: Freeman Fang
>
> for an instance, I have edit etc/users.properties, add a user with password, but no roles
specified like
> test=test
> than I use ssh client to login like
> ./client -a 8101 -u test -p test
> I get this shell frozen with output like
> {code}
> Logging in as test
> 348 [sshd-SshClient[57c93cf5]-nio2-thread-2] WARN org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier
- Server at [/0.0.0.0:8101, DSA, f2:ea:61:7f:1d:a8:6a:3b:c7:a1:c2:2f:8a:89:6b:fa] presented
unverified {} key: {}
> {code}
> Ctrl+C doesn't work and I have to use "kill -9", and I can see the exception in log like
> {code}
> 2014-10-09 16:20:49,112 | WARN  | Thread-21        | ShellFactoryImpl               
 | 31 - org.apache.karaf.shell.ssh - 2.4.1.SNAPSHOT | Unable to start shell
> java.lang.SecurityException: Current user has no associated roles.
> 	at org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.<init>(SecuredCommandProcessorImpl.java:63)
> 	at org.apache.karaf.shell.security.impl.SecCommandProcessorImpl.createSession(SecCommandProcessorImpl.java:38)
> 	at Proxy51945d09_6857_4247_b023_1823bcb917b7.createSession(Unknown Source)
> 	at org.apache.karaf.shell.console.jline.Console.<init>(Console.java:106)
> 	at org.apache.karaf.shell.ssh.ShellFactoryImpl$ShellImpl$1.runConsole(ShellFactoryImpl.java:140)[31:org.apache.karaf.shell.ssh:2.4.1.SNAPSHOT]
> 	at org.apache.karaf.shell.ssh.ShellFactoryImpl$ShellImpl$1$1.run(ShellFactoryImpl.java:125)
> 	at java.security.AccessController.doPrivileged(Native Method)[:1.7.0_07]
> 	at org.apache.karaf.jaas.modules.JaasHelper.doAs(JaasHelper.java:47)[16:org.apache.karaf.jaas.modules:2.4.1.SNAPSHOT]
> 	at org.apache.karaf.shell.ssh.ShellFactoryImpl$ShellImpl$1.run(ShellFactoryImpl.java:123)[31:org.apache.karaf.shell.ssh:2.4.1.SNAPSHOT]
> {code}
> Ssh client should tell user, that he has not enough permissions or some meaningfull message.
frozen shell is not nice for user anyway.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message