[jira] [Work logged] (KNOX-2782) Knox CLI user-auth-test command failure

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/KNOX-2782?focusedWorklogId=793119&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-793119
 ]

ASF GitHub Bot logged work on KNOX-2782:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 20/Jul/22 09:18
            Start Date: 20/Jul/22 09:18
    Worklog Time Spent: 10m 
      Work Description: smolnar82 opened a new pull request, #610:
URL: https://github.com/apache/knox/pull/610

   ## What changes were proposed in this pull request?
   
   In order to make the `user-auth-test` KnoxCLI command work after the 1.6 
Shiro upgrade, I'd to add the `invalidRequest` filter's object class 
(`org.apache.shiro.web.filter.InvalidRequestFilter`) into the `main` section in 
the generated shiro.ini. Without that change, an error was thrown (see the 
corresponding JIRA).
   
   ## How was this patch tested?
   
   Ran the `GatewayShiroAuthTest` that covers use-cases for Shiro LDAP 
authentication including a valid service URL with a semicolon 
(`;jsessionid=OI24B9ASD7BSSD`).
   Other than this I made sure the `user-auth-test` KnoxCLI command works:
   ```
   $ bin/knoxcli.sh user-auth-test --cluster sandbox --u admin --p 
admin-password --d
   LDAP authentication successful!
   ```
   




Issue Time Tracking
-------------------

            Worklog Id:     (was: 793119)
    Remaining Estimate: 0h
            Time Spent: 10m

> Knox CLI user-auth-test command failure
> ---------------------------------------
>
>                 Key: KNOX-2782
>                 URL: https://issues.apache.org/jira/browse/KNOX-2782
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxCLI
>    Affects Versions: 1.6.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>             Fix For: 2.0.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> There is an issue with KnoxCLI's {{user-auth-test}} command:
> {noformat}
> bin/knoxcli.sh user-auth-test --cluster sandbox --u admin --p admin-password
> java.lang.IllegalArgumentException: Configuration error. Specified object 
> [invalidRequest] with property [blockSemicolon] without first defining that 
> object's class. Please first specify the class property first, e.g. myObject 
> = fully_qualified_class_name and then define additional properties.
> org.apache.knox.gateway.util.KnoxCLI$LDAPCommand$BadSubjectException: Subject 
> could not be created with Shiro Config at sections=main,urls
> For more information use --d for debug output.
> ERR: Unable to authenticate user: admin {noformat}
> The reason is, that 3 properties are added OOTB to the generated Shiro 
> configuration, under the "{{{}main{}}}" section, as per KNOX-2455
> {noformat}
>     params.putIfAbsent("main.invalidRequest.blockSemicolon", "false");
>     params.putIfAbsent("main.invalidRequest.blockBackslash", "false");
>     params.putIfAbsent("main.invalidRequest.blockNonAscii", "false"); 
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)