Uploaded image for project: 'PUBLIC - OAuth2'
  1. PUBLIC - OAuth2
  2. OAUTH2-229

Authorization request fails if server is using a proxy to redirect from https -> http (WeDeploy)

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: Master
    • Fix Version/s: 7.2.0 GA1
    • Component/s: None
    • Labels:
      None

      Description

      2018-10-15 19:18:50.782 WARN [http-nio-8080-exec-10][AbstractOAuthService:88] Unsecure HTTP, Transport Layer Security is recommended
2018-10-15 19:18:50.800 WARN [http-nio-8080-exec-10][WebApplicationExceptionMapper:88] javax.ws.rs.BadRequestException: HTTP 400 Bad Request_	at org.apache.cxf.jaxrs.utils.SpecExceptions.toBadRequestException(SpecExceptions.java:84)_	at org.apache.cxf.jaxrs.utils.ExceptionUtils.toBadRequestException(ExceptionUtils.java:119)_	at org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService.completeAuthorization(RedirectionBasedGrantService.java:356)_	at org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService.authorizeDecisionForm(RedirectionBasedGrantService.java:117)_	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)_	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)_	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)_	at java.lang.reflect.Method.invoke(Method.java:498)_	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)_	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)_	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:192)_	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:103)_	at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)_	at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)_	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)_	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)_	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)_	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)_	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)_	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)_	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216)_	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301)_	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220)_	at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)_	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276)_	at org.eclipse.equinox.http.servlet.internal.registration.EndpointRegistration.service(EndpointRegistration.java:153)_	at org.eclipse.equinox.http.servlet.internal.servlet.ResponseStateHandler.processRequest(ResponseStateHandler.java:62)_	at org.eclipse.equinox.http.servlet.internal.context.DispatchTargets.doDispatch(DispatchTargets.java:118)_	at org.eclipse.equinox.http.servlet.internal.HttpServiceRuntimeImpl.doDispatch(HttpServiceRuntimeImpl.java:373)_	at org.eclipse.equinox.http.servlet.internal.servlet.ProxyServlet.service(ProxyServlet.java:70)_	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)_	at com.liferay.portal.module.framework.ModuleFrameworkServletAdapter.service(ModuleFrameworkServletAdapter.java:51)_	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)_	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)_	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)_	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)_	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)_	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:119)_	at com.liferay.portal.servlet.filters.password.modified.PasswordModifiedFilter.processFilter(PasswordModifiedFilter.java:57)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)_at com.liferay.portal.sharepoint.SharepointFilter.processFilter(SharepointFilter.java:88)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter.java:144)_	at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.processFilter(VirtualHostFilter.java:263)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)_	at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)_	at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)_	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389)_	at com.liferay.portal.servlet.filters.urlrewrite.UrlRewriteFilter.processFilter(UrlRewriteFilter.java:65)_	at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:49)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDoFilter(InvokerFilterChain.java:207)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:112)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:168)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.processDirectCallFilter(InvokerFilterChain.java:188)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilterChain.doFilter(InvokerFilterChain.java:96)_	at com.liferay.portal.kernel.servlet.filters.invoker.InvokerFilter.doFilter(InvokerFilter.java:101)_	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)_	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)_	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)_	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)_	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)_	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)_	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)_	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)_	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)_	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)_	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)_	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:764)_	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1388)_	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)_	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)_	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)_	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)_	at java.lang.Thread.run(Thread.java:748)_ [Sanitized]

        Attachments

          Activity

            People

            Assignee:
            michael.saechang Michael Saechang
            Reporter:
            shinn.lok Shinn Lok (Inactive)
            Participants of an Issue:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Packages

                Version Package
                7.2.0 GA1