Details
-
Bug
-
Resolution: Fixed
-
Low
-
2.7
-
None
Description
When a local JIRA user authenticates from FishEye to JIRA, the following response is returned from JIRA:
2013-12-07 22:57:50,898 DEBUG [qtp16566588-223 ] httpclient.wire.content Wire-wire - << "<user expand="attributes" name="jira.test"><link href="http://jira.acme.com/rest/usermanagement/1/user?username=jira.test" rel="self"/><first-name>Jira</first-name><last-name>Test</last-name><display-name>Jira Test</display-name><email>jira.test@acme.com</email><password><link href="http://jira.acme.com/rest/usermanagement/1/user/password?username=jira.test" rel="edit"/></password><key>1:acd45554-6bef-4231-9ec5-ebdcbb299a43</key><active>true</active><attributes><link href="http://jira.acme.com/rest/usermanagement/1/user/attribute?username=jira.test" rel="self"/></attributes></user>"
However when the user configures JIRA to use LDAP to store users, the following (invalid) response is returned:
2013-12-07 22:41:53,581 DEBUG [qtp16566588-196 ] httpclient.wire.content Wire-wire - << "<user expand="attributes" name="jira.test"><link href="http://jira.acme.com/rest/usermanagement/1/user?username=jira.test" rel="self"/><first-name>Jira</first-name><last-name>Test</last-name><display-name>Jira Test</display-name><email>jira.test@acme.com</email><password><link href="http://jira.acme.com/rest/usermanagement/1/user/password?username=jira.test" rel="edit"/></password><key>10100:[0xe][0x6]c[0xef][0xbf][0xbd]&IYK[0xef][0xbf][0xbd]Fn[0xef][0xbf][0xbd][0xef][0xbf][0xbd]e[0xef][0xbf][0xbd][0xef][0xbf][0xbd]</key><active>true</active><attributes><link href="http://jira.acme.com/rest/usermanagement/1/user/attribute?username=jira.test" rel="self"/></attributes></user>"
Which causes FishEye to barf when trying to parse the XML:
An invalid XML character (Unicode: 0xe) was found in the element content of the document.]
2013-12-07 22:41:53,581 ERROR [qtp16566588-196 ] fisheye DefaultUserManager-getOrImportUser - Could not authenticate user "jira.test" com.cenqua.fisheye.user.AuthenticationException: Problem communicating with Crowd at com.cenqua.fisheye.user.crowd.CrowdAuth.authenticate(CrowdAuth.java:261) at com.cenqua.fisheye.user.DefaultUserManager.getOrImportUser(DefaultUserManager.java:611) at com.cenqua.fisheye.user.DefaultUserManager.loginWithSanitizedUserName(DefaultUserManager.java:428) at com.cenqua.fisheye.user.DefaultUserManager.login(DefaultUserManager.java:402) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:196) at com.sun.proxy.$Proxy44.login(Unknown Source) at com.cenqua.fisheye.web.LoginServlet.login(LoginServlet.java:115) at com.cenqua.fisheye.web.LoginServlet.doLogin(LoginServlet.java:74) at com.cenqua.fisheye.web.LoginServlet.doGet(LoginServlet.java:60) [....] - with linked exception: [org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 460; An invalid XML character (Unicode: 0xe) was found in the element content of the document.] at javax.xml.bind.JAXB.unmarshal(JAXB.java:226) at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:349) at com.atlassian.crowd.integration.rest.service.RestCrowdClient.authenticateUser(RestCrowdClient.java:115) at com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:235) at com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:225)
The invalid XML appears to be:
<key>10100:[0xe][0x6]c[0xef][0xbf][0xbd]&IYK[0xef][0xbf][0xbd]Fn[0xef][0xbf][0xbd][0xef][0xbf][0xbd]e[0xef][0xbf][0xbd][0xef][0xbf][0xbd]</key>
This element, when using local user storage in JIRA, is:
<key>1:acd45554-6bef-4231-9ec5-ebdcbb299a43</key>
Attachments
Issue Links
- causes
-
CWD-3935 Directory sync after upgrade from 2.7.1 to 2.7.2 results in delete+add of users instead of update if externalId contains XML unsafe characters
- Closed
-
CWD-3864 User renames are often not detected in Novell eDirectory because Crowd does not handle arbitrary attribute values
- Long Term Backlog
- is cloned from
-
JRASERVER-36220 JIRA Connecting to Open LDAP which proxies to Active Directory Returns Invalid XML Document When an Embedded Crowd Auth Request Is Made
- Closed
- relates to
-
CWD-3740 Directory syncronisation fails due to user's full name contain invalid character
- Short Term Backlog
- was cloned as
-
BSERV-4497 Stash connected to JIRA or Crowd results in an invalid XML character
- Closed