[jira] [Closed] (QPID-8677) [Broker-J] IllegalConfigurationException when deleting misconfigured port

Fri, 28 Feb 2025 00:52:00 -0800 


     [ 
https://issues.apache.org/jira/browse/QPID-8677?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tomas Vavricka closed QPID-8677.
--------------------------------

> [Broker-J] IllegalConfigurationException when deleting misconfigured port
> -------------------------------------------------------------------------
>
>                 Key: QPID-8677
>                 URL: https://issues.apache.org/jira/browse/QPID-8677
>             Project: Qpid
>          Issue Type: Bug
>          Components: Broker-J
>    Affects Versions: qpid-java-broker-9.2.0
>            Reporter: Daniil Kirilyuk
>            Priority: Minor
>             Fix For: qpid-java-broker-9.2.1
>
>
> Following exception was observed in broker log when deleting a port:
> {noformat}
> 2024-04-18T12:44:23,633Z INFO  [qtp598169654-115] (q.m.a.allowed) - 
> [mng:N/A(admin@/127.0.0.1:34350)] ACL-1001 : Allowed : Access Management 
> ObjectProperties[]
> 2024-04-18T12:44:23,637Z INFO  [qtp598169654-115] (q.m.a.allowed) - 
> [mng:N/A(admin@/127.0.0.1:34350)] ACL-1001 : Allowed : Configure Broker 
> ObjectProperties[, delete port 'https']
> 2024-04-18T12:44:23,638Z INFO  [qtp598169654-115] (q.m.p.delete) - 
> [mng:N/A(admin@/127.0.0.1:34350)] PRT-1006 : Delete "HTTP" : https
> 2024-04-18T12:44:23,639Z INFO  [qtp598169654-115] 
> (o.a.q.s.m.p.ManagementException) - IllegalConfigurationException processing 
> request /api/v9.0/port/https from user '/127.0.0.1:34350/admin': Can't create 
> port which requests SSL client certificates but has no trust store configured.
> 2024-04-18T12:44:23,639Z ERROR [qtp598169654-115] 
> (o.a.q.s.m.p.s.r.RestServlet) - Error when executing DELETE request
> org.apache.qpid.server.management.plugin.ManagementException: Can't create 
> port which requests SSL client certificates but has no trust store configured.
>         at 
> org.apache.qpid.server.management.plugin.ManagementException.createUnprocessableManagementException(ManagementException.java:108)
>         at 
> org.apache.qpid.server.management.plugin.ManagementException.toManagementException(ManagementException.java:211)
>         at 
> org.apache.qpid.server.management.plugin.controller.latest.LatestManagementController.delete(LatestManagementController.java:301)
>         at 
> org.apache.qpid.server.management.plugin.controller.AbstractManagementController.handleDelete(AbstractManagementController.java:109)
>         at 
> org.apache.qpid.server.management.plugin.servlet.rest.RestServlet.doDelete(RestServlet.java:179)
>         at 
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doDelete(AbstractServlet.java:208)
>         at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:526)
>         at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:587)
>         at 
> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
>         at 
> org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665)
>         at 
> org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter.lambda$doFilterChainAs$1(AuthenticationCheckFilter.java:155)
>         at java.base/java.security.AccessController.doPrivileged(Native 
> Method)
>         at java.base/javax.security.auth.Subject.doAs(Subject.java:423)
>         at 
> org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter.doFilterChainAs(AuthenticationCheckFilter.java:153)
>         at 
> org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter.doFilter(AuthenticationCheckFilter.java:123)
>         at 
> org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
>         at 
> org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
>         at 
> org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:63)
>         at 
> org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
>         at 
> org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
>         at 
> org.apache.qpid.server.management.plugin.filter.MethodFilter.doFilter(MethodFilter.java:67)
>         at 
> org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
>         at 
> org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
>         at 
> org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:314)
>         at 
> org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:267)
>         at 
> org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
>         at 
> org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
>         at 
> org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:59)
>         at 
> org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
>         at 
> org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
>         at 
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527)
>         at 
> org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
>         at 
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1580)
>         at 
> org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
>         at 
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1381)
>         at 
> org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
>         at 
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
>         at 
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1553)
>         at 
> org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)
>         at 
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1303)
>         at 
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
>         at 
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
>         at org.eclipse.jetty.server.Server.handle(Server.java:563)
>         at 
> org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598)
>         at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753)
>         at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501)
>         at 
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:287)
>         at 
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
>         at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
>         at 
> org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
>         at 
> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
>         at 
> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
>         at 
> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
>         at 
> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199)
>         at 
> org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411)
>         at 
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
>         at 
> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
>         at 
> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
>         at 
> org.apache.qpid.server.bytebuffer.QpidByteBufferFactory.lambda$createQpidByteBufferTrackingThreadFactory$0(QpidByteBufferFactory.java:464)
>         at java.base/java.lang.Thread.run(Thread.java:829)
> Caused by: 
> org.apache.qpid.server.configuration.IllegalConfigurationException: Can't 
> create port which requests SSL client certificates but has no trust store 
> configured.
>         at 
> org.apache.qpid.server.model.port.AbstractPort.validateChange(AbstractPort.java:332)
>         at 
> org.apache.qpid.server.model.port.HttpPortImpl.validateChange(HttpPortImpl.java:205)
>         at 
> org.apache.qpid.server.model.AbstractConfiguredObject.deleteWithChecks(AbstractConfiguredObject.java:2200)
>         at 
> org.apache.qpid.server.model.AbstractConfiguredObject.deleteAsync(AbstractConfiguredObject.java:2169)
>         at 
> org.apache.qpid.server.model.AbstractConfiguredObject.delete(AbstractConfiguredObject.java:2088)
>         at 
> org.apache.qpid.server.management.plugin.controller.latest.LatestManagementController.delete(LatestManagementController.java:295)
>         ... 57 common frames omitted
> {noformat}
> When a port is deleted, validateChange() call performs the checks of all port 
> parameters including the SSL settings. When part of the SSL configuration 
> becomes corrupted, port becomes undeletable. To prevent this situatio checks 
> are performed only if the fields to be checked were changed (method 
> validateChange has a set of attribute names which where changed).



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to