[
https://issues.apache.org/jira/browse/QPIDJMS-245?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Allan Li updated QPIDJMS-245:
-----------------------------
Description:
In JmsConnectionFactory.java, line 390 - 391, method parseQuery(queryString)
390 Map<String, String> map =
PropertyUtil.parseQuery(this.remoteURI.getQuery());
391 applyURIOptions(map);
Code of line 390 will decode the remoteURI twice, the first time is in
"this.remoteURI.getQuery();", then in method "PropertyUtil.parseQuery"
(PropertyUtil.java, line 200), it will be decoded again.
This double-decode will generate wrong value.
For example, the passed in query string is URL encoded
"jms.password=lBMflBhWkvVy7zamjCN24tCa%2BHn%2FavVwyRltDI%2Fk8kE%3D". (the
example is retrieved from a Azure Service Bus SAS key). After the first
decoding, it gets the right expected value
"lBMflBhWkvVy7zamjCN24tCa+Hn/avVwyRltDI/k8kE=", but if decoded again, it will
become "lBMflBhWkvVy7zamjCN24tCa Hn/avVwyRltDI/k8kE=". Basically the '+' is
decoded to ' '. And this wrong string will be set as connection's password and
it will fail when connecting to target message server due to wrong password.
Using getRawQuery() instead of getQuery() should fix this issue.
was:
In JmsConnectionFactory.java, line 390 - 391, method parseQuery(queryString)
390 Map<String, String> map =
PropertyUtil.parseQuery(this.remoteURI.getQuery());
391 applyURIOptions(map);
Code of line 390 will decode the remoteURI twice, the first time is via
"this.remoteURI.getQuery());", then in method "PropertyUtil.parseQuery"
(PropertyUtil.java, line 200), it will be decode again.
This will generate wrong value.
For example, the passed in query string is URL encoded
"jms.password=lBMflBhWkvVy7zamjCN24tCa%2BHn%2FavVwyRltDI%2Fk8kE%3D". (the
example is retrieved from a Azure Service Bus SAS key). After the first time
decoding, it gets the right expected value
"lBMflBhWkvVy7zamjCN24tCa+Hn/avVwyRltDI/k8kE=", but if decoded again, it will
become "lBMflBhWkvVy7zamjCN24tCa Hn/avVwyRltDI/k8kE=". Basically the '+' is
decoded to ' '. And this wrong string will be set as password and it will fail
when connecting to target message server due to wrong password.
Using getRawQuery() instead of getQuery() should fix this issue.
> Factory connection string in JNDI properties file will be decoded twice
> resulting to unexpected value
> -----------------------------------------------------------------------------------------------------
>
> Key: QPIDJMS-245
> URL: https://issues.apache.org/jira/browse/QPIDJMS-245
> Project: Qpid JMS
> Issue Type: Bug
> Components: qpid-jms-client
> Affects Versions: 0.11.1
> Environment: Any
> Reporter: Allan Li
>
> In JmsConnectionFactory.java, line 390 - 391, method parseQuery(queryString)
> 390 Map<String, String> map =
> PropertyUtil.parseQuery(this.remoteURI.getQuery());
> 391 applyURIOptions(map);
> Code of line 390 will decode the remoteURI twice, the first time is in
> "this.remoteURI.getQuery();", then in method "PropertyUtil.parseQuery"
> (PropertyUtil.java, line 200), it will be decoded again.
> This double-decode will generate wrong value.
> For example, the passed in query string is URL encoded
> "jms.password=lBMflBhWkvVy7zamjCN24tCa%2BHn%2FavVwyRltDI%2Fk8kE%3D". (the
> example is retrieved from a Azure Service Bus SAS key). After the first
> decoding, it gets the right expected value
> "lBMflBhWkvVy7zamjCN24tCa+Hn/avVwyRltDI/k8kE=", but if decoded again, it will
> become "lBMflBhWkvVy7zamjCN24tCa Hn/avVwyRltDI/k8kE=". Basically the '+' is
> decoded to ' '. And this wrong string will be set as connection's password
> and it will fail when connecting to target message server due to wrong
> password.
> Using getRawQuery() instead of getQuery() should fix this issue.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
