  1. atlassian-seraph
  2. SER-108

Improve error messages returned to client when Trusted Application requests are invalid

Details

    • Improvement
    • Resolution: Fixed
    • Medium
    • 0.35
    • 0.34
    • None
    • true

    Description

      Currently, if a Trusted Application request fails validation for any reason, a generic "Invalid Certificate" error is returned to the client. This is extremely unhelpful in diagnosing the problem.

      Proposing the following improvements:

      | Failure | Current Message to client | Proposed message to client | Current JIRA Log |
      |---|---|---|---|
      | Application is not a Trusted Application | Unrecognized application: appId | Unrecognized/Unauthorized application: appId | ??? |
      | Application Public Key does not correctly decrypt public key* | Invalid certificate | Public Key does not match registered key for application: appId | [atlassian.seraph.filter.TrustedApplicationsFilter] Failed to login trusted application: me due to: com.atlassian.security.auth.trustedapps.InvalidCertificateException: me cause: java.lang.NumberFormatException: For input string: "k??D?[?4??2?,??A??<" |
      | Request Secret Key does not correctly decrypt certificate** | Invalid certificate | Error decrypting request, please see logs for details | [atlassian.seraph.filter.TrustedApplicationsFilter] Failed to login trusted application: me due to: com.atlassian.security.auth.trustedapps.InvalidCertificateException: me cause: java.lang.NumberFormatException: For input string: "?[???%<????_}" |
      | Request IP Address does not match allowed IP addresses | Invalid Certificate | Trusted Application request not allowed from IP address: 192.168.0.132 | [atlassian.seraph.filter.TrustedApplicationsFilter] Failed to login trusted application: me due to: com.atlassian.security.auth.trustedapps.InvalidCertificateException: me cause: com.atlassian.security.auth.trustedapps.InvalidRemoteAddressException: 192.168.0.132 |
      | Request X-Forwarded-For Address does not match allowed IP addresses | Invalid Certificate | Trusted Application request not allowed from X-Forwarded-For IP address: 192.168.0.132 | [atlassian.seraph.filter.TrustedApplicationsFilter] Failed to login trusted application: me due to: com.atlassian.security.auth.trustedapps.InvalidCertificateException: me cause: com.atlassian.security.auth.trustedapps.InvalidRemoteAddressException: 192.168.0.132 |
      | Request to unauthorised URL | Invalid Certificate | Trusted Application request not allowed to access URL: /jira/secure/DeleteProject.jspa | [atlassian.seraph.filter.TrustedApplicationsFilter] Failed to login trusted application: me due to: com.atlassian.security.auth.trustedapps.InvalidCertificateException: me cause: com.atlassian.security.auth.trustedapps.InvalidRequestUrlException: /jira/secure/DeleteProject.jspa?id=10001 |
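
The "Current JIRA Log" column above, used as a server-side triage aid: this added example (not part of the issue and not Seraph's own code) parses the nested cause out of each log line and lists which failure rows it can correspond to, showing that two of the three cause classes cover two rows each. The names classify, printable, CAUSES and SAMPLE_LINES are hypothetical, and the sample lines are constructed from the log text in the table.

```python
import re

# Line shape taken from the "Current JIRA Log" column of the table.
LOG_RE = re.compile(
    r"Failed to login trusted application: (?P<app>\S+) due to: "
    r"(?P<outer>[\w.]+): \S+ cause: (?P<cause>[\w.]+): (?P<detail>.*)$"
)

# Innermost cause class -> failure rows of the table it can correspond to.
CAUSES = {
    "NumberFormatException": [
        "application public key does not match registered key",
        "request secret key does not decrypt certificate",
    ],
    "InvalidRemoteAddressException": [
        "request IP address not allowed",
        "X-Forwarded-For address not allowed",
    ],
    "InvalidRequestUrlException": ["request to unauthorised URL"],
}

def printable(text):
    """Mask control and non-ASCII characters; the detail is request-derived."""
    return "".join(c if " " <= c <= "~" else "?" for c in text)

def classify(line):
    """Return (app_id, candidate_failures, detail), or None if no match."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    simple = m.group("cause").rsplit(".", 1)[-1]
    candidates = CAUSES.get(simple, ["unknown cause: " + simple])
    return m.group("app"), candidates, printable(m.group("detail"))

# Constructed sample input, assembled from the log text shown in the table.
PREFIX = ("[atlassian.seraph.filter.TrustedApplicationsFilter] Failed to login "
          "trusted application: me due to: "
          "com.atlassian.security.auth.trustedapps.InvalidCertificateException: me cause: ")
PKG = "com.atlassian.security.auth.trustedapps."
SAMPLE_LINES = [
    PREFIX + 'java.lang.NumberFormatException: For input string: "?[???%<????_}"',
    PREFIX + PKG + "InvalidRemoteAddressException: 192.168.0.132",
    PREFIX + PKG + "InvalidRequestUrlException: /jira/secure/DeleteProject.jspa?id=10001",
]

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(classify(sample))
```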

          People

            jed Jed Wesley-Smith (Inactive)