shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Les Hazlewood (JIRA)" <>
Subject [jira] Commented: (SHIRO-183) Unable to correctly extract the Initialization Vector or ciphertext
Date Fri, 16 Jul 2010 08:40:50 GMT


Les Hazlewood commented on SHIRO-183:

Those are two good questions, and ones that we could address in the form of adding them as
new features to the codebase :)

Thanks so much for verifying that the cleared cookies solved this problem - that confirms
my assumptions in my first comment above.  We can now use this information as the basis for
implementing the two changes you recommended.

We'll use this issue to implement those two changes.



> Unable to correctly extract the Initialization Vector or ciphertext
> -------------------------------------------------------------------
>                 Key: SHIRO-183
>                 URL:
>             Project: Shiro
>          Issue Type: Bug
>          Components: Subject
>    Affects Versions: 1.0.0
>         Environment: GNU/Linux Debian Lenny, Java 1.6
>            Reporter:
> I obtain following exception while entering the secure page:
>   [java] 101637 [http-8080-1] WARN org.apache.shiro.mgt.DefaultSecurityManager - Delegate
RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw
an exception during getRememberedPrincipals().
>      [java] org.apache.shiro.crypto.CryptoException: Unable to correctly extract the
Initialization Vector or ciphertext.
>      [java] 	at org.apache.shiro.crypto.JcaCipherService.decrypt(
>      [java] 	at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(
>      [java] 	at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(
>      [java] 	at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(
>      [java] 	at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(
>      [java] 	at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(
>      [java] 	at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(
>      [java] 	at org.apache.shiro.subject.Subject$Builder.buildSubject(
>      [java] 	at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(
>      [java] 	at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(
>      [java] 	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(
>      [java] 	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(
>      [java] 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
>      [java] 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(
>      [java] 	at org.apache.catalina.core.StandardWrapperValve.invoke(
>      [java] 	at org.apache.catalina.core.StandardContextValve.invoke(
>      [java] 	at org.apache.catalina.core.StandardHostValve.invoke(
>      [java] 	at org.apache.catalina.valves.ErrorReportValve.invoke(
>      [java] 	at org.apache.catalina.core.StandardEngineValve.invoke(
>      [java] 	at org.apache.catalina.connector.CoyoteAdapter.service(
>      [java] 	at org.apache.coyote.http11.Http11Processor.process(
>      [java] 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(
>      [java] 	at$
>      [java] 	at
>      [java] Caused by: java.lang.ArrayIndexOutOfBoundsException
>      [java] 	at java.lang.System.arraycopy(Native Method)
>      [java] 	at org.apache.shiro.crypto.JcaCipherService.decrypt(
>      [java] 	... 23 more
> Of course I have set the "securityManager.rememberMeManager.cipherKey" in shiro.ini but
it did not help.
> kind regards.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message