Details
-
Bug
-
Resolution: Fixed
-
Highest
-
5.4, 5.3.4
-
None
Description
Since Confluence 5.4 we are getting this stacktrace in the log when trying to load an image from the current Confluence instance in our Scroll Exporters:
2013-12-16 10:36:21,251 ERROR [http-1990-7] [[Standalone].[localhost].[/confluence].[noop]] log Servlet.service() for servlet noop threw exception java.lang.UnsupportedOperationException: Not implemented at com.atlassian.security.auth.trustedapps.DefaultCurrentApplication.verifySignature(DefaultCurrentApplication.java:66) at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationFilterAuthenticator.authenticate(TrustedApplicationFilterAuthenticator.java:165) at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.authenticate(TrustedApplicationsFilter.java:115) at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:97) <cut off here> 2013-12-16 10:36:21,253 INFO [http-1990-7] [atlassian.confluence.status.SystemErrorInformationLogger] writeToLog Request Unique ID : e30493f1-07ff-4f95-9957-87726e4c3c6c -------------------------- JVM Stats -------------------------- allocatedHeap = 581435392 availablePermGen = 324870256 usedMemory = 361487816 totalMemory = 581435392 freeMemory = 219947576 maxPermGen = 536870912 usedPermGen = 212000656 freeMemoryInMegabytes = 209 freeAllocatedHeap = 219947576 availableHeap = 1508516408 usedMemoryInMegabytes = 344 maxHeap = 1870004224 usedHeap = 361487816 totalMemoryInMegabytes = 554 -------------------------- Request Information -------------------------- URL: http://localhost:1990/confluence/500page.jsp Scheme: http Server: localhost Port: 1990 URI: /confluence/500page.jsp Context Path: /confluence Servlet Path: /500page.jsp Path Info: null Query String: null -------------------------- Attributes -------------------------- javax.servlet.forward.request_uri: /confluence/s/en_GB-1988229788/4726/ae47f2be84292af5a42aed58ebcd4cb49e436f6e.1/_/images/icons/profilepics/default.png javax.servlet.forward.context_path: /confluence javax.servlet.forward.servlet_path: /s javax.servlet.forward.path_info: /500page.jsp os_securityfilter_already_filtered: true atlassian.core.seraph.original.url: /500page.jsp javax.servlet.error.status_code: 500 javax.servlet.error.servlet_name: noop com.atlassian.gzipfilter.GzipFilter_already_filtered: true loginfilter.already.filtered: true Confluence-Request-Time: 1387186581247 javax.servlet.error.message: com.opensymphony.sitemesh.APPLIED_ONCE: true com.atlassian.core.filters.HeaderSanitisingFilter_already_filtered: true __cleanup_recursion_counter: 0 com.atlassian.confluence.web.filter.validateparam.RequestParamValidationFilter_already_filtered: true javax.servlet.error.exception: java.lang.UnsupportedOperationException: Not implemented javax.servlet.error.request_uri: /confluence/s/en_GB-1988229788/4726/ae47f2be84292af5a42aed58ebcd4cb49e436f6e.1/_/images/icons/profilepics/default.png -------------------------- Parameters -------------------------- caused by: java.lang.UnsupportedOperationException: Not implemented at com.atlassian.security.auth.trustedapps.DefaultCurrentApplication.verifySignature(DefaultCurrentApplication.java:66)
For our Scroll Exporters we are using the Trusted Applications infrastructure to authenticate our image loading requests with a trusted apps token. That's the only way for us to export image effects since those are added on the fly by a servlet filter.
I guess the method not being implemented will break any other attempt to access the current instance using a trusted apps token as well.