Uploaded image for project: 'Service Packs and Hot Fixes'
  1. Service Packs and Hot Fixes
  2. MNT-20175

Cannot update Basic Auth Endpoint Details in APS Activiti App

    Details

    • Bug Priority:
      Category 2
    • ACT Numbers:

      00981768

    • Premier Customer:
      Yes

      Description

      Issue Summary

      Once the Basic Authentication details for endpoints are created successfully in the Identity Management -> Tenants -> Endpoints -> Basic Auths section, the details such as Name, Username & Password cannot be updated in the User Interface. Clicking on Save in "Edit Basic Auth configuration" dialog results in HTTP 500 error. Looks like it is related to Sprint Security library.

      Steps to reproduce

      1) Create a Basic auth endpoint in Identity Management -> Tenants -> Endpoints -> Basic Auths in Activiti App UI
      2) ENDPOINT_BASIC_AUTH database table has a new entry added for this endpoint.
      3) Update the endpoint details such as Name/Username/Password in the "Edit Basic Auth configuration" dialog and click Save.

      4) Details are not updated in the selected endpoint section. Also, checking the  ENDPOINT_BASIC_AUTH table it still has the old data.
      5) Check the browser console and it will report HTTP 500 error. Detailed error message is as below.

      HTTP Status 500 - The request was rejected because the URL was not normalized.
      type Exception report

      message The request was rejected because the URL was not normalized.
      description The server encountered an internal error that prevented it from fulfilling this request.
      exception

      org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL was not normalized.
      org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:123)
      org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:193)
      org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
      org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
      org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
      org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
      org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
      org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108)
      org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
      org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81)
      org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
      org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
      org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

      note The full stack trace of the root cause is available in the Apache Tomcat/8.0.36 logs.

      Expected behaviour
      Endpoint authentication details are updated in the UI and also in the ENDPOINT_BASIC_AUTH table

      Current behaviour
      Updating the endpoint authentication details fails in the UI and the details are not update in the DB table

      Workaround
      When using the REST API - http://localhost:8080/activiti-app/api-explorer.html#!/admin-endpoints/updateBasicAuthConfigurationUsingPUT the Basic Auth endpoint details can be updated without any issues.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                djohnson Doug Johnson
                Reporter:
                kmani Karthick Mani
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: