Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AC Debugger throwing an error instead of logging the exception #50

Open
Kjames5269 opened this issue Dec 24, 2018 · 1 comment
Open

AC Debugger throwing an error instead of logging the exception #50

Kjames5269 opened this issue Dec 24, 2018 · 1 comment

Comments

@Kjames5269
Copy link

Description

Running the AC Debugger with the following flags: -c -r -w

AC Debugger: =======================================================================
AC Debugger: AN ERROR OCCURRED WHILE ATTEMPTING TO ANALYZE THE SECURITY EXCEPTION,
AC Debugger: A DOMAIN IN THE CURRENT ACCESS CONTROL CONTEXT (INDEX: 1) CANNOT
AC Debugger: BE CORRELATED TO ONE COMPUTED FROM THE STACK (INDEX: 1)
AC Debugger: PLEASE REPORT AN ISSUE WITH THE FOLLOWING INFORMATION AND INSTRUCTIONS
AC Debugger: ON HOW TO REPRODUCE IT
AC Debugger: =======================================================================
AC Debugger: PERMISSION:
AC Debugger:     java.io.FilePermission "${ddf.home.perm}etc${/}ws-security${/}server${/}signature.properties", "read"
AC Debugger: LOCAL 'i' VARIABLE: 14
AC Debugger: CURRENT DOMAIN: security-servlet-session-expiry >instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32708)>
AC Debugger: ACCESS CONTROL CONTEXT:
AC Debugger:   org.eclipse.jetty.util <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32694)>
AC Debugger:   org.ops4j.pax.web.pax-web-jetty <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32695)>
AC Debugger:   org.ops4j.pax.web.pax-web-runtime <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32696)>
AC Debugger:   org.ops4j.pax.web.pax-web-extender-war <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32697)>
AC Debugger:   bundle-0 <instance of java.security.ProtectionDomain(id=32698)>
AC Debugger:   bundle-0 <instance of java.security.ProtectionDomain(id=32699)>
AC Debugger:   security-core-api <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32700)>
AC Debugger:   security-core-api <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32701)>
AC Debugger:   security-sts-realm <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32702)>
AC Debugger:   com.google.guava <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32703)>
AC Debugger:   org.apache.shiro.core <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32704)>
AC Debugger:   bundle-0 <instance of java.security.ProtectionDomain(id=32705)>
AC Debugger:   security-core-services <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32706)>
AC Debugger:   session-management-impl <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32707)>
AC Debugger:   *security-servlet-session-expiry <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32708)>
AC Debugger:   org.apache.cxf.cxf-core <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32709)>
AC Debugger:   org.apache.cxf.cxf-rt-frontend-jaxrs <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32710)>
AC Debugger:   org.apache.cxf.cxf-rt-transports-http <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32711)>
AC Debugger:   javax.servlet-api <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32712)>
AC Debugger:   org.eclipse.jetty.servlet <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32713)>
AC Debugger:   platform-paxweb-jettyconfig <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32714)>
AC Debugger:   org.eclipse.jetty.websocket.server <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32715)>
AC Debugger:   org.eclipse.jetty.server <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32716)>
AC Debugger:   org.eclipse.jetty.security <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32717)>
AC Debugger:   org.eclipse.jetty.io <instance of org.eclipse.osgi.internal.loader.ModuleClassLoader$GenerationProtectionDomain(id=32718)>
AC Debugger: COMPUTED CONTEXT:
AC Debugger:   bundle-0
AC Debugger:   security-core-api
AC Debugger:   security-sts-realm
AC Debugger:   com.google.guava
AC Debugger:   org.apache.shiro.core
AC Debugger:   security-core-services
AC Debugger:   session-management-impl
AC Debugger:   *security-servlet-session-expiry
AC Debugger:   org.apache.cxf.cxf-core
AC Debugger:   org.apache.cxf.cxf-rt-frontend-jaxrs
AC Debugger:   org.apache.cxf.cxf-rt-transports-http
AC Debugger:   javax.servlet-api
AC Debugger:   org.eclipse.jetty.servlet
AC Debugger:   platform-paxweb-jettyconfig
AC Debugger:   org.eclipse.jetty.websocket.server
AC Debugger:   org.ops4j.pax.web.pax-web-jetty
AC Debugger:   org.eclipse.jetty.server
AC Debugger:   org.eclipse.jetty.security
AC Debugger:   org.eclipse.jetty.io
AC Debugger:   org.eclipse.jetty.util
AC Debugger: STACK:
AC Debugger:   at bundle-0(java.security.AccessControlContext:472) <instance of java.security.AccessControlContext(id=32690)>
AC Debugger:   at bundle-0(java.security.AccessController:884) <class of java.security.AccessController>
AC Debugger:   at bundle-0(java.lang.SecurityManager:549) <instance of net.sourceforge.prograde.sm.ProGradeJSM(id=33025)>
AC Debugger:   at bundle-0(java.lang.SecurityManager:888) <instance of net.sourceforge.prograde.sm.ProGradeJSM(id=33025)>
AC Debugger:   at bundle-0(java.io.File:814) <instance of java.io.File(id=33027)>
AC Debugger:   at security-core-api(org.codice.ddf.platform.util.properties.PropertiesLoader:234) <class of org.codice.ddf.platform.util.properties.PropertiesLoader>
AC Debugger:   at security-core-api(org.codice.ddf.platform.util.properties.PropertiesLoader$$Lambda$1123.208141702.apply(java.lang.Object, java.lang.Object)+8) <instance of org.codice.ddf.platform.util.properties.PropertiesLoader$$Lambda$1123.208141702(id=33028)>
AC Debugger:   at security-core-api(org.codice.ddf.platform.util.properties.PropertiesLoader:138) <instance of org.codice.ddf.platform.util.properties.PropertiesLoader(id=33029)>
AC Debugger:   at security-core-api(ddf.security.PropertiesLoader:47) <class of ddf.security.PropertiesLoader>
AC Debugger:   at security-sts-realm(ddf.security.realm.sts.AbstractStsRealm:318) <instance of ddf.security.realm.sts.StsRealm(id=33030)>
AC Debugger:   at security-sts-realm(ddf.security.realm.sts.AbstractStsRealm:382) <instance of ddf.security.realm.sts.StsRealm(id=33030)>
AC Debugger:   at security-sts-realm(ddf.security.realm.sts.AbstractStsRealm:250) <instance of ddf.security.realm.sts.StsRealm(id=33030)>
AC Debugger:   at security-sts-realm(ddf.security.realm.sts.AbstractStsRealm$$Lambda$1627.1264017369.call()+12) <instance of ddf.security.realm.sts.AbstractStsRealm$$Lambda$1627.1264017369(id=33031)>
AC Debugger:   at com.google.guava(com.google.common.cache.LocalCache$LocalManualCache$1:4904) <instance of com.google.common.cache.LocalCache$LocalManualCache$1(id=33032)>
AC Debugger:   at com.google.guava(com.google.common.cache.LocalCache$LoadingValueReference:3628) <instance of com.google.common.cache.LocalCache$LoadingValueReference(id=33033)>
AC Debugger:   at com.google.guava(com.google.common.cache.LocalCache$Segment:2336) <instance of com.google.common.cache.LocalCache$Segment(id=33034)>
AC Debugger:   at com.google.guava(com.google.common.cache.LocalCache$Segment:2295) <instance of com.google.common.cache.LocalCache$Segment(id=33034)>
AC Debugger:   at com.google.guava(com.google.common.cache.LocalCache$Segment:2208) <instance of com.google.common.cache.LocalCache$Segment(id=33034)>
AC Debugger:   at com.google.guava(com.google.common.cache.LocalCache:4053) <instance of com.google.common.cache.LocalCache(id=33035)>
AC Debugger:   at com.google.guava(com.google.common.cache.LocalCache$LocalManualCache:4899) <instance of com.google.common.cache.LocalCache$LocalManualCache(id=33036)>
AC Debugger:   at security-sts-realm(ddf.security.realm.sts.AbstractStsRealm:245) <instance of ddf.security.realm.sts.StsRealm(id=33030)>
AC Debugger:   at security-sts-realm(ddf.security.realm.sts.AbstractStsRealm:174) <instance of ddf.security.realm.sts.StsRealm(id=33030)>
AC Debugger:   at org.apache.shiro.core(org.apache.shiro.realm.AuthenticatingRealm:571) <instance of ddf.security.realm.sts.StsRealm(id=33030)>
AC Debugger:   at bundle-0(Proxy9cd4f7ee_6888_435f_a3a8_2334d41d480e.getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)+58) <instance of Proxy9cd4f7ee_6888_435f_a3a8_2334d41d480e(id=33037)>
AC Debugger:   at org.apache.shiro.core(org.apache.shiro.authc.pam.ModularRealmAuthenticator:219) <instance of org.apache.shiro.authc.pam.ModularRealmAuthenticator(id=33039)>
AC Debugger:   at org.apache.shiro.core(org.apache.shiro.authc.pam.ModularRealmAuthenticator:269) <instance of org.apache.shiro.authc.pam.ModularRealmAuthenticator(id=33039)>
AC Debugger:   at org.apache.shiro.core(org.apache.shiro.authc.AbstractAuthenticator:198) <instance of org.apache.shiro.authc.pam.ModularRealmAuthenticator(id=33039)>
AC Debugger:   at org.apache.shiro.core(org.apache.shiro.mgt.AuthenticatingSecurityManager:106) <instance of org.apache.shiro.mgt.DefaultSecurityManager(id=33040)>
AC Debugger:   at security-core-services(ddf.security.service.impl.SecurityManagerImpl:95) <instance of ddf.security.service.impl.SecurityManagerImpl(id=33041)>
AC Debugger:   at security-core-services(ddf.security.service.impl.SecurityManagerImpl:72) <instance of ddf.security.service.impl.SecurityManagerImpl(id=33041)>
AC Debugger:   at bundle-0(Proxyead7e43a_d2bc_4c97_9087_b9a0c4bc39cc.getSubject(java.lang.Object)+58) <instance of Proxyead7e43a_d2bc_4c97_9087_b9a0c4bc39cc(id=33042)>
AC Debugger:   at session-management-impl(org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl:118) <instance of org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl(id=33043)>
AC Debugger:   at session-management-impl(org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl:75) <instance of org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl(id=33043)>
AC Debugger:   at session-management-impl(org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl$$Lambda$1626.1713190353.accept(java.lang.Object)+20) <instance of org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl$$Lambda$1626.1713190353(id=33044)>
AC Debugger:   at bundle-0(java.util.concurrent.ConcurrentHashMap$KeySetView:4649) <instance of java.util.concurrent.ConcurrentHashMap$KeySetView(id=33045)>
AC Debugger:   at bundle-0(java.util.Collections$UnmodifiableCollection:1080) <instance of java.util.Collections$UnmodifiableSet(id=33047)>
AC Debugger:   at session-management-impl(org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl:72) <instance of org.codice.ddf.security.session.management.impl.SessionManagementServiceImpl(id=33043)>
AC Debugger:   at bundle-0(Proxy69654c2d_f470_447b_a512_580fd27869b0.getRenewal(javax.servlet.http.HttpServletRequest)+58) <instance of Proxy69654c2d_f470_447b_a512_580fd27869b0(id=33049)>
AC Debugger:   at *security-servlet-session-expiry(org.codice.ddf.security.servlet.expiry.SessionManagementEndpoint:43) <instance of org.codice.ddf.security.servlet.expiry.SessionManagementEndpoint(id=33050)>
AC Debugger:   at bundle-0(sun.reflect.NativeMethodAccessorImpl.invoke0(java.lang.reflect.Method, java.lang.Object, java.lang.Object[])+-1) <class of sun.reflect.NativeMethodAccessorImpl>
AC Debugger:   at bundle-0(sun.reflect.NativeMethodAccessorImpl:62) <instance of sun.reflect.NativeMethodAccessorImpl(id=33052)>
AC Debugger:   at bundle-0(sun.reflect.DelegatingMethodAccessorImpl:43) <instance of sun.reflect.DelegatingMethodAccessorImpl(id=33054)>
AC Debugger:   at bundle-0(java.lang.reflect.Method:498) <instance of java.lang.reflect.Method(id=33055)>
AC Debugger:   at org.apache.cxf.cxf-core(org.apache.cxf.service.invoker.AbstractInvoker:179) <instance of org.apache.cxf.jaxrs.JAXRSInvoker(id=33056)>
AC Debugger:   at org.apache.cxf.cxf-core(org.apache.cxf.service.invoker.AbstractInvoker:96) <instance of org.apache.cxf.jaxrs.JAXRSInvoker(id=33056)>
AC Debugger:   at org.apache.cxf.cxf-rt-frontend-jaxrs(org.apache.cxf.jaxrs.JAXRSInvoker:193) <instance of org.apache.cxf.jaxrs.JAXRSInvoker(id=33056)>
AC Debugger:   at org.apache.cxf.cxf-rt-frontend-jaxrs(org.apache.cxf.jaxrs.JAXRSInvoker:103) <instance of org.apache.cxf.jaxrs.JAXRSInvoker(id=33056)>
AC Debugger:   at org.apache.cxf.cxf-core(org.apache.cxf.interceptor.ServiceInvokerInterceptor$1:59) <instance of org.apache.cxf.interceptor.ServiceInvokerInterceptor$1(id=33057)>
AC Debugger:   at org.apache.cxf.cxf-core(org.apache.cxf.interceptor.ServiceInvokerInterceptor:96) <instance of org.apache.cxf.interceptor.ServiceInvokerInterceptor(id=33058)>
AC Debugger:   at org.apache.cxf.cxf-core(org.apache.cxf.phase.PhaseInterceptorChain:308) <instance of org.apache.cxf.phase.PhaseInterceptorChain(id=33059)>
AC Debugger:   at org.apache.cxf.cxf-core(org.apache.cxf.transport.ChainInitiationObserver:121) <instance of org.apache.cxf.transport.ChainInitiationObserver(id=33060)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.http.AbstractHTTPDestination:267) <instance of org.apache.cxf.transport.servlet.ServletDestination(id=33061)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.servlet.ServletController:234) <instance of org.apache.cxf.transport.servlet.ServletController(id=33062)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.servlet.ServletController:208) <instance of org.apache.cxf.transport.servlet.ServletController(id=33062)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.servlet.ServletController:160) <instance of org.apache.cxf.transport.servlet.ServletController(id=33062)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.servlet.CXFNonSpringServlet:216) <instance of org.apache.cxf.transport.servlet.CXFNonSpringServlet(id=33063)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.servlet.AbstractHTTPServlet:301) <instance of org.apache.cxf.transport.servlet.CXFNonSpringServlet(id=33063)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.servlet.AbstractHTTPServlet:225) <instance of org.apache.cxf.transport.servlet.CXFNonSpringServlet(id=33063)>
AC Debugger:   at javax.servlet-api(javax.servlet.http.HttpServlet:687) <instance of org.apache.cxf.transport.servlet.CXFNonSpringServlet(id=33063)>
AC Debugger:   at org.apache.cxf.cxf-rt-transports-http(org.apache.cxf.transport.servlet.AbstractHTTPServlet:276) <instance of org.apache.cxf.transport.servlet.CXFNonSpringServlet(id=33063)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHolder:865) <instance of org.eclipse.jetty.servlet.ServletHolder(id=33064)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler$CachedChain:1655) <instance of org.eclipse.jetty.servlet.ServletHandler$CachedChain(id=33065)>
AC Debugger:   at platform-paxweb-jettyconfig(org.codice.ddf.pax.web.jetty.SecurityJavaSubjectFilter:60) <instance of org.codice.ddf.pax.web.jetty.SecurityJavaSubjectFilter(id=33066)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler$CachedChain:1642) <instance of org.eclipse.jetty.servlet.ServletHandler$CachedChain(id=33067)>
AC Debugger:   at platform-paxweb-jettyconfig(org.codice.ddf.pax.web.jetty.ResponseFilter:96) <instance of org.codice.ddf.pax.web.jetty.ResponseFilter(id=33068)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler$CachedChain:1642) <instance of org.eclipse.jetty.servlet.ServletHandler$CachedChain(id=33069)>
AC Debugger:   at platform-paxweb-jettyconfig(org.codice.ddf.pax.web.jetty.CsrfFilter:181) <instance of org.codice.ddf.pax.web.jetty.CsrfFilter(id=33070)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler$CachedChain:1642) <instance of org.eclipse.jetty.servlet.ServletHandler$CachedChain(id=33071)>
AC Debugger:   at platform-paxweb-jettyconfig(org.codice.ddf.pax.web.jetty.ClientInfoFilter:72) <instance of org.codice.ddf.pax.web.jetty.ClientInfoFilter(id=33072)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler$CachedChain:1642) <instance of org.eclipse.jetty.servlet.ServletHandler$CachedChain(id=33073)>
AC Debugger:   at org.eclipse.jetty.websocket.server(org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter:215) <instance of org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter(id=33074)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler$CachedChain:1642) <instance of org.eclipse.jetty.servlet.ServletHandler$CachedChain(id=33075)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler:533) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler(id=33076)>
AC Debugger:   at org.ops4j.pax.web.pax-web-jetty(org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler:71) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler(id=33076)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ScopedHandler:146) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler(id=33076)>
AC Debugger:   at org.eclipse.jetty.security(org.eclipse.jetty.security.SecurityHandler:513) <instance of org.eclipse.jetty.security.ConstraintSecurityHandler(id=33077)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.HandlerWrapper:132) <instance of org.eclipse.jetty.server.session.SessionHandler(id=33078)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ScopedHandler:257) <instance of org.eclipse.jetty.server.session.SessionHandler(id=33078)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.session.SessionHandler:1595) <instance of org.eclipse.jetty.server.session.SessionHandler(id=33078)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ScopedHandler:255) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceContext(id=33079)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ContextHandler:1317) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceContext(id=33079)>
AC Debugger:   at org.ops4j.pax.web.pax-web-jetty(org.ops4j.pax.web.service.jetty.internal.HttpServiceContext:293) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceContext(id=33079)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ScopedHandler:203) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler(id=33076)>
AC Debugger:   at org.eclipse.jetty.servlet(org.eclipse.jetty.servlet.ServletHandler:473) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler(id=33076)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.session.SessionHandler:1564) <instance of org.eclipse.jetty.server.session.SessionHandler(id=33078)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ScopedHandler:201) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceContext(id=33079)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ContextHandler:1219) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceContext(id=33079)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.ScopedHandler:144) <instance of org.ops4j.pax.web.service.jetty.internal.HttpServiceContext(id=33079)>
AC Debugger:   at org.ops4j.pax.web.pax-web-jetty(org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection:80) <instance of org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection(id=33080)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.handler.HandlerWrapper:132) <instance of org.ops4j.pax.web.service.jetty.internal.JettyServerWrapper(id=33081)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.Server:531) <instance of org.ops4j.pax.web.service.jetty.internal.JettyServerWrapper(id=33081)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.HttpChannel:352) <instance of org.eclipse.jetty.server.HttpChannelOverHttp(id=33082)>
AC Debugger:   at org.eclipse.jetty.server(org.eclipse.jetty.server.HttpConnection:260) <instance of org.eclipse.jetty.server.HttpConnection(id=33083)>
AC Debugger:   at org.eclipse.jetty.io(org.eclipse.jetty.io.AbstractConnection$ReadCallback:281) <instance of org.eclipse.jetty.io.AbstractConnection$ReadCallback(id=33084)>
AC Debugger:   at org.eclipse.jetty.io(org.eclipse.jetty.io.FillInterest:102) <instance of org.eclipse.jetty.io.AbstractEndPoint$1(id=33085)>
AC Debugger:   at org.eclipse.jetty.io(org.eclipse.jetty.io.ssl.SslConnection:291) <instance of org.eclipse.jetty.io.ssl.SslConnection(id=33086)>
AC Debugger:   at org.eclipse.jetty.io(org.eclipse.jetty.io.ssl.SslConnection$3:151) <instance of org.eclipse.jetty.io.ssl.SslConnection$3(id=33087)>
AC Debugger:   at org.eclipse.jetty.io(org.eclipse.jetty.io.FillInterest:102) <instance of org.eclipse.jetty.io.AbstractEndPoint$1(id=33088)>
AC Debugger:   at org.eclipse.jetty.io(org.eclipse.jetty.io.ChannelEndPoint$2:118) <instance of org.eclipse.jetty.io.ChannelEndPoint$2(id=33089)>
AC Debugger:   at org.eclipse.jetty.util(org.eclipse.jetty.util.thread.strategy.EatWhatYouKill:333) <instance of org.eclipse.jetty.util.thread.strategy.EatWhatYouKill(id=33090)>
AC Debugger:   at org.eclipse.jetty.util(org.eclipse.jetty.util.thread.strategy.EatWhatYouKill:310) <instance of org.eclipse.jetty.util.thread.strategy.EatWhatYouKill(id=33090)>
AC Debugger:   at org.eclipse.jetty.util(org.eclipse.jetty.util.thread.strategy.EatWhatYouKill:168) <instance of org.eclipse.jetty.util.thread.strategy.EatWhatYouKill(id=33090)>
AC Debugger:   at org.eclipse.jetty.util(org.eclipse.jetty.util.thread.strategy.EatWhatYouKill:126) <instance of org.eclipse.jetty.util.thread.strategy.EatWhatYouKill(id=33090)>
AC Debugger:   at org.eclipse.jetty.util(org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread:366) <instance of org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread(id=33091)>
AC Debugger:   at org.eclipse.jetty.util(org.eclipse.jetty.util.thread.QueuedThreadPool:762) <instance of org.eclipse.jetty.util.thread.QueuedThreadPool(id=33092)>
AC Debugger:   at org.eclipse.jetty.util(org.eclipse.jetty.util.thread.QueuedThreadPool$2:680) <instance of org.eclipse.jetty.util.thread.QueuedThreadPool$2(id=33093)>
AC Debugger:   at bundle-0(java.lang.Thread:748) <instance of java.lang.Thread(name='qtp91134330-515', id=32544)>
AC Debugger: =======================================================================
Exception in thread "pool-2-thread-2" java.lang.InternalError: unable to correlate a domain in the access control context with those computed from the stack : security-core-api
	at org.codice.acdebugger.breakpoints.SecurityCheckInformation.getNextContextDomainIndexNotComputedFromStack(SecurityCheckInformation.java:445)
	at org.codice.acdebugger.breakpoints.SecurityCheckInformation.recomputeFromContext(SecurityCheckInformation.java:455)
	at org.codice.acdebugger.breakpoints.SecurityCheckInformation.recompute(SecurityCheckInformation.java:376)
	at org.codice.acdebugger.breakpoints.SecurityCheckInformation.<init>(SecurityCheckInformation.java:136)
	at org.codice.acdebugger.breakpoints.AccessControlContextCheckProcessor.process(AccessControlContextCheckProcessor.java:117)
	at org.codice.acdebugger.breakpoints.AccessControlContextCheckProcessor.process(AccessControlContextCheckProcessor.java:72)
	at org.codice.acdebugger.impl.BreakpointInfo.process(BreakpointInfo.java:49)
	at org.codice.acdebugger.impl.Debugger$EventSetThread.run(Debugger.java:400)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)

Steps to Reproduce

https://codice.atlassian.net/browse/DDF-4416

Expected behavior:

An access control exception to be logged

Actual behavior:

AC Debugger throws a warning

Reproduces how often:

100% of the time

Version

1.8-SNAPSHOT

Additional Information

Any additional information, configuration or data that might be necessary
to reproduce the issue.
@paouelle
Copy link
Collaborator

paouelle commented Jan 8, 2019

The first 6 domains in the access control context comes from the inherited access control context (ACC) on line AccessControlContext.java:572. The rest are from the stack.

The current ACD implementation assumed that combined domains could only appear after all stack domains but that is not the case.

An ACC may have a privileged ACC, if not than the inherited one is retrieved.
If that ACC has a combiner, then it is used and we cannot tell how the domain list can get re-organized. Most will add them after stack domains. But a combiner can change the whole thing by adding and/or removing entries if they want.

If no combiner is associated with the privileged ACC (or inherited ACC), then its domains if any are placed first, followed by stack domains which can be optimized (entries removed if they were already added before).

The implementation should be modified such that we get the pure set of stack domains and if we can find that exact list as is (assuming that entries can be skipped if they were already defined before), then that would be our start of stack domain index. Anything before is assumed to be combined and anything after is also assumed to be combined (as we are doing today). We should keep track of each entry in the computed list if it corresponds to a stack entry as only those can have privileges extended.

Further more, there is a miss-conception that when we are computing solutions and analyzing them, we loose all combined domains when in fact there is no guaranty. We should think about recomputing an actual ACC and recompute the whole thing from there by cleaning the retrieved stack list of domains. This definitely requires a bit more work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@paouelle @Kjames5269