Details
-
Bug
-
Resolution: Fixed
-
Medium
-
2.9.2
-
None
Description
Steps to reproduce.
1) Install confluence 2.9.2 and crucible 1.6.5
2) Setup trusted apps to crucible (specify a "IP address Matches as 10.0.100.123)
3) Install the confluence crucible plugin https://maven.atlassian.com/contrib/com/atlassian/confluence/plugins/crucible/confluence-crucible-plugin/1.6/confluence-crucible-plugin-1.6.jar via the admin > plugins
4) In crucible create a confluence repository (via the plugin in crucible)
5) Try and create a review using the confluence repository, you will get the following:
Failed to create input stream: Server returned HTTP response code: 500 for URL: http://localhost:8080/rpc/xmlrpc
Looking at the confluence logs, you see
2008-12-16 16:28:15,937 ERROR [http-8080-Processor6] [[Standalone].[localhost].[/].[xmlrpc]] invoke Servlet.service() for servlet xmlrpc threw exception java.lang.ClassCastException: com.atlassian.confluence.security.trust.TrustedApplicationIpRestriction at com.atlassian.security.auth.trustedapps.DefaultIPMatcher.<init>(DefaultIPMatcher.java:66) at com.atlassian.confluence.security.trust.seraph.SeraphTrustedApplicationIntegration.getIpMatcher(SeraphTrustedApplicationIntegration.java:42) at com.atlassian.confluence.security.trust.seraph.SeraphTrustedApplicationIntegration.getTrustedApplication(SeraphTrustedApplicationIntegration.java:25) at sun.reflect.GeneratedMethodAccessor453.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:304) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy63.getTrustedApplication(Unknown Source) at com.atlassian.seraph.filter.TrustedApplicationsFilter$AuthenticatorImpl.authenticate(TrustedApplicationsFilter.java:441) at com.atlassian.seraph.filter.TrustedApplicationsFilter.authenticate(TrustedApplicationsFilter.java:133) at com.atlassian.seraph.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:110) at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:28) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at com.atlassian.confluence.util.ClusterHeaderFilter.doFilter(ClusterHeaderFilter.java:35) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:94) at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:64) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685) at java.lang.Thread.run(Thread.java:595)
If you go back to Administration > Trusted Applications (within confluence) and remove the "IP Address Matches" and leave it blank, you cannot reproduce the issue.