Uploaded image for project: 'Hippo CMS'
  1. Hippo CMS
  2. CMS-11423

Error level stacktrace on login with incorrect password

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Top
    • Resolution: Fixed
    • 12.5.0, 12.4.1, 10.2.13, 11.2.9
    • 5.6.0
    • None
    • None
    • Pulsar
    • Platform 190 - HST Tests!

    Description

      On login, when an incorrect password is used a stacktrace is logged.

      No feedback is given that the username/password is incorrect

      Expected: No stacktrace, feedback on login scherm that password is incorrect

       

       [INFO] [talledLocalContainer] 29.08.2018 16:57:37 ERROR http-nio-8080-exec-4 [JcrMap.handleRepositoryException:446] Found session in an invalid unallowed state: not live. Return log in screen[INFO] [talledLocalContainer] 29.08.2018 16:57:37 ERROR http-nio-8080-exec-4 [JcrMap.handleRepositoryException:446] Found session in an invalid unallowed state: not live. Return log in screen[INFO] [talledLocalContainer] 29.08.2018 16:57:37 ERROR http-nio-8080-exec-4 [RepositoryRuntimeExceptionHandlingRequestCycleListener.createRequestHandler:69] Creating RequestHandler for InvalidSessionException: org.hippoecm.frontend.session.InvalidSessionException: Invalid (non-live) session found.[INFO] [talledLocalContainer] org.hippoecm.frontend.session.InvalidSessionException: Invalid (non-live) session found.[INFO] [talledLocalContainer]  at org.hippoecm.frontend.model.map.JcrMap.handleRepositoryException(JcrMap.java:447) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.model.map.JcrMap.get(JcrMap.java:305) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugin.config.impl.JcrPluginConfig.get(JcrPluginConfig.java:446) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugin.config.impl.AbstractPluginDecorator.get(AbstractPluginDecorator.java:114) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugin.config.impl.ClusterConfigDecorator$PluginConfigDecorator.get(ClusterConfigDecorator.java:47) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.model.map.AbstractValueMap.getString(AbstractValueMap.java:120) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.service.render.AbstractRenderService.getVariation(AbstractRenderService.java:318) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.apache.wicket.Component.getVariation(Component.java:1912) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Localizer.getStringIgnoreSettings(Localizer.java:345) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Localizer.getString(Localizer.java:232) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Localizer.getString(Localizer.java:201) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Localizer.getString(Localizer.java:131) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Component.getString(Component.java:1866) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Component.getString(Component.java:1853) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.LoginPanel.getReason(LoginPanel.java:143) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.LoginPanel.loginFailed(LoginPanel.java:137) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.SimpleLoginPlugin$CaptchaForm.loginFailed(SimpleLoginPlugin.java:96) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.LoginPanel$LoginForm.onSubmit(LoginPanel.java:277) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1310) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.markup.html.form.Form.process(Form.java:967) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:789) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:701) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181][INFO] [talledLocalContainer]  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181][INFO] [talledLocalContainer]  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181][INFO] [talledLocalContainer]  at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181][INFO] [talledLocalContainer]  at org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:243) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:236) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:890) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64) ~[wicket-request-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:261) [wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:218) [wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:289) [wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:259) [wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:201) [wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:282) [wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.ConcurrentLoginFilter.doFilter(ConcurrentLoginFilter.java:54) [hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) [tomcat-coyote.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790) [tomcat-coyote.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1468) [tomcat-coyote.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:8.5.31][INFO] [talledLocalContainer]  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_181][INFO] [talledLocalContainer]  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_181][INFO] [talledLocalContainer]  at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.5.31][INFO] [talledLocalContainer]  at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181][INFO] [talledLocalContainer] Caused by: javax.jcr.RepositoryException: This session has been closed. See the chained exception for a trace of where the session was closed.[INFO] [talledLocalContainer]  at org.apache.jackrabbit.core.session.SessionState.checkAlive(SessionState.java:150) ~[jackrabbit-core-2.16.2-h2.jar:2.16.2-h2][INFO] [talledLocalContainer]  at org.apache.jackrabbit.core.ItemImpl.sanityCheck(ItemImpl.java:101) ~[jackrabbit-core-2.16.2-h2.jar:2.16.2-h2][INFO] [talledLocalContainer]  at org.apache.jackrabbit.core.NodeImpl.hasProperty(NodeImpl.java:2456) ~[jackrabbit-core-2.16.2-h2.jar:2.16.2-h2][INFO] [talledLocalContainer]  at org.hippoecm.repository.decorating.NodeDecorator.hasProperty(NodeDecorator.java:307) ~[hippo-repository-connector-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.model.map.JcrMap.get(JcrMap.java:267) ~[hippo-cms-api-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  ... 58 more[INFO] [talledLocalContainer] Caused by: java.lang.Exception: Stack trace of  where session-33 was originally closed[INFO] [talledLocalContainer]  at org.apache.jackrabbit.core.session.SessionState.close(SessionState.java:275) ~[jackrabbit-core-2.16.2-h2.jar:2.16.2-h2][INFO] [talledLocalContainer]  at org.apache.jackrabbit.core.SessionImpl.logout(SessionImpl.java:987) ~[jackrabbit-core-2.16.2-h2.jar:2.16.2-h2][INFO] [talledLocalContainer]  at org.apache.jackrabbit.core.XASessionImpl.logout(XASessionImpl.java:399) ~[jackrabbit-core-2.16.2-h2.jar:2.16.2-h2][INFO] [talledLocalContainer]  at org.hippoecm.repository.jackrabbit.XASessionImpl.logout(XASessionImpl.java:170) ~[hippo-repository-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.repository.decorating.SessionDecorator.logout(SessionDecorator.java:292) ~[hippo-repository-connector-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.repository.impl.SessionDecorator.logout(SessionDecorator.java:331) ~[hippo-repository-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.session.PluginUserSession.resetFallbackSession(PluginUserSession.java:563) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.session.PluginUserSession.onInvalidate(PluginUserSession.java:472) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.apache.wicket.session.HttpSessionStore$SessionBindingListener.valueUnbound(HttpSessionStore.java:471) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.catalina.session.StandardSession.removeAttributeInternal(StandardSession.java:1819) ~[catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.session.StandardSession.expire(StandardSession.java:879) ~[catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.session.StandardSession.expire(StandardSession.java:766) ~[catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1266) ~[catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:171) ~[catalina.jar:8.5.31][INFO] [talledLocalContainer]  at org.apache.wicket.session.HttpSessionStore.invalidate(HttpSessionStore.java:188) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Session.destroy(Session.java:526) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.apache.wicket.Session.invalidateNow(Session.java:540) ~[wicket-core-6.29.0.jar:6.29.0][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.LoginPanel.login(LoginPanel.java:98) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.SimpleLoginPlugin$CaptchaForm.login(SimpleLoginPlugin.java:80) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  at org.hippoecm.frontend.plugins.login.LoginPanel$LoginForm.onSubmit(LoginPanel.java:273) ~[hippo-cms-engine-5.5.1-SNAPSHOT.jar:5.5.1-SNAPSHOT][INFO] [talledLocalContainer]  ... 42 more

      Attachments

        Issue Links

          is cloned by

          Bug - A problem which impairs or prevents the functions of the product. CMS-11440 [Backport 12.4] Error level stacktrace on login with incorrect password

          • Top - Should be worked on at this time and be top on the list, required for next intermediate release
          • Closed

          Activity

            People

              Unassigned Unassigned
              abanck Arent-Jan Banck (Inactive)
              Hippo Helpdesk Hippo Helpdesk
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: