[Bug] RememberMe does not Remember me after deletion of SessionCookie #1048
Milestone
Comments
lprimak
added a commit
that referenced
this issue
Sep 3, 2023
#1048: Solved base64 problem with remember me cookie.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Search before asking
Environment
Wildfly 26
Shiro version
2.0.0-alpha-3
What was the actual outcome?
I had to login in again and an exception was logged in the server log (see below)
What was the expected outcome?
I still was logged in.
How to reproduce
Be sure the value of the remembe-me cookie in (Firefox) ends with a '='.
Debug logs
2023-08-24 20:22:20,144 WARN [org.apache.shiro.web.mgt.CookieRememberMeManager] (default task-1) Unable to decode existing base64 encoded entity: [rjzNp+Fy9WOpFkE4fz9giXYNJISADfyWcE7ys6JqH1hoeO072R+svonp2E/t/FgwbfkAsX/jNQhBQ3OfWFuGHqXTFK4skVDcMB230OiJLjIdDA51W3YzAxZtaN1tQDbI1rQtChs4tH1Gyf8GBPfKLpXERpweRw4jT5ppUZVkoSt+eKNAWj0BOY/PSuABXDPm2nAfF6de1uQJnMNoxrCsC5vMFWGQ7f7UDsvS6iaQUXi02y7Gj2FbC+73gBiZBmX13Y3O5KWHe0XNtdm8W3M+dvUtYwzpEYrH1jUHqKKfbJtP1WViF1CCN+GgYqiUmco3kxvAFxw5WAN5lP4j7R8nzyivU0EwVb7x+2Fhve6y4B6w6fCbD0JIgjMk2IZZzyvyhKSK7NAfuKHf8rtTE2Gln8+TdTeRSZAwgx4FSl0jcpOgik+cMAMpiVC5NlQ+jxWCPbNUHKdM+7xxht+cqBtJgp8ZNgC5olhEmTgjYuRFmf0bKETJrFvnnX/DkwzJ/OAESsxtjCJF6nb0h61BlPvsyIMBqxnotWhvP8a7hYYrSRN6IwdsveD96VE1hkvwPSpvmYt5GHSG7VOxI9s1KoSkQDYg5s/9DTKgblnVCHkoYeNFfmK0nuxaixRNfPydXI4/BVESGFy8S0VZE2WHni3KIELu+7prZ3Qz7RRAXPOBRtAUREHG8jKvoMFEcSqDIg92UQ7xmjE7EoBPji4ESv9GzRdL8ZtScRXAekWwoOCSCa3qwXCYkvPp4C1k7C6VusthOaMvj4E===].: java.lang.IllegalArgumentException: Input byte array has incorrect ending byte at 776
at java.base/java.util.Base64$Decoder.decode0(Base64.java:771)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at deployment.aliassen-web-23.01.war//org.apache.shiro.lang.codec.Base64.decode(Base64.java:104)
at deployment.aliassen-web-23.01.war//org.apache.shiro.lang.codec.Base64.decode(Base64.java:94)
at deployment.aliassen-web-23.01.war//org.apache.shiro.web.mgt.CookieRememberMeManager.getRememberedSerializedIdentity(CookieRememberMeManager.java:224)
at deployment.aliassen-web-23.01.war//org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:394)
at deployment.aliassen-web-23.01.war//org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:613)
at deployment.aliassen-web-23.01.war//org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:501)
at deployment.aliassen-web-23.01.war//org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:347)
at deployment.aliassen-web-23.01.war//org.apache.shiro.ee.filters.ShiroFilter$WrappedSecurityManager.createSubject(ShiroFilter.java:167)
at deployment.aliassen-web-23.01.war//org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:845)
at deployment.aliassen-web-23.01.war//org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
at deployment.aliassen-web-23.01.war//org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:300)
at deployment.aliassen-web-23.01.war//org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:367)
at deployment.aliassen-web-23.01.war//org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:154)
at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at [email protected]//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at [email protected]//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at [email protected]//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at [email protected]//org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68)
at [email protected]//org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103)
at [email protected]//org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161)
at [email protected]//org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73)
at [email protected]//org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67)
at [email protected]//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at [email protected]//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
at [email protected]//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at [email protected]//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at [email protected]//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.CleanUpHandler.handleRequest(CleanUpHandler.java:38)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at [email protected]//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:275)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131)
at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:255)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:79)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:100)
at [email protected]//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
at [email protected]//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:852)
at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at [email protected]//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1282)
at java.base/java.lang.Thread.run(Thread.java:834)
The text was updated successfully, but these errors were encountered: