[OAUTH2-229] Authorization request fails if server is using a proxy to redirect from https -> http (WeDeploy) - Liferay Issues

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: Master
Fix Version/s: Master
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/brianchandotcom/liferay-portal/pull/64183

Description

2018-10-15 19:18:50.782 WARN [http-nio-8080-exec-10][AbstractOAuthService:88] Unsecure HTTP, Transport Layer Security is recommended
2018-10-15 19:18:50.800 WARN [http-nio-8080-exec-10][WebApplicationExceptionMapper:88] javax.ws.rs.BadRequestException: HTTP 400 Bad Request_	at org.apache.cxf.jaxrs.utils.SpecExceptions.toBadRequestException(SpecExceptions.java:84)_	at org.apache.cxf.jaxrs.utils.ExceptionUtils.toBadRequestException(ExceptionUtils.java:119)_	at org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService.completeAuthorization(RedirectionBasedGrantService.java:356)_	at org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService.authorizeDecisionForm(RedirectionBasedGrantService.java:117)_	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)_	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)_	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)_	at java.lang.reflect.Method.invoke(Method.java:498)_	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)_	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)_	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:192)_	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:103)_	at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)_	at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)_	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)_	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)_	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)_	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)_	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)_	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)_	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216)_	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301)_	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220)_	at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)_	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276)_	at org.eclipse.equinox.http.servlet.internal.registration.EndpointRegistration.service(EndpointRegistration.java:153)_	at org.eclipse.equinox.http.servlet.internal.servlet.ResponseStateHandler.processRequest(ResponseStateHandler.java:62)_	at org.eclipse.equinox.http.servlet.internal.context.DispatchTargets.doDispatch(DispatchTargets.java:118)_	at org.eclipse.equinox.http.servlet.internal.HttpServiceRuntimeImpl.doDispatch(HttpServiceRuntimeImpl.java:373)_	at org.eclipse.equinox.http.servlet.internal.servlet.ProxyServlet.service(ProxyServlet.java:70)_	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)_	at com.liferay.portal.module.framework.ModuleFrameworkServletAdapter.service(ModuleFrameworkServletAdapter.java:51)_	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)_	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)_	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)_	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)_	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)_	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:119)_	at com.liferay.portal.servlet.filters.password.modified.PasswordModifiedFilter.processFilter(PasswordModifiedFilter.java:57)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)_at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:88)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)_	at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:263)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)_	at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)_	at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)_	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389)_	at com.liferay.portal.servlet.filters.urlrewrite.UrlRewriteFilter.processFilter(UrlRewriteFilter.java:65)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilter.doFilter(InvokerFilter.java:101)_	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)_	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)_	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)_	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)_	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)_	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)_	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)_	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)_	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)_	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)_	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)_	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:764)_	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1388)_	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)_	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)_	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)_	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)_	at java.lang.Thread.run(Thread.java:748)_ [Sanitized]

Attachments

Activity

People

Assignee:

Michael Saechang

Reporter:

Shinn Lok

Participants of an Issue:

Michael Saechang, Shinn Lok

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

15/Oct/18 12:20 PM

Updated:

16/Nov/18 9:53 AM

Resolved:

15/Oct/18 12:42 PM

Packages

Version	Package
Master