Uploaded image for project: 'JIRA Software Server (including JIRA Agile)'
  1. JIRA Software Server (including JIRA Agile)
  2. JSWSERVER-11131

Anonymous Access Generates IllegalArgumentException: clauseValues is empty

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Low
    • Resolution: Support Request
    • Affects Version/s: 6.5.0
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Environment:

      JIRA v6.3.4

      Description

      When JIRA is configured to allow anonymous browsing of projects and then that "projects permission" is removed, PCs (eg devices being used for wallboards) that are continuing to attempt to access Agile gadgets and Reports will receive HTTP 500 errors, with the JIRA system log filling up with exceptions

      I'm guessing that this is a cookie persistence problem because the exceptions are easy to reproduce if one views (say) a burndown report and then log out and try the URL again. BUT... if you log out and then switch to a "new private window" before accessing the URL anonymously then there are no errors... simply a redirect to the JIRA login screen.

      For me, a single wallboard PC has generated 100 MBs of exceptions in the space of 24 hours (the exceptions also appear in atlassian-greenhopper.log).

      Access logs entries:

      xxx.xxx.xxx.xxx 443x269849x2 - [30/Aug/2014:07:23:37 +0100] "GET /rest/greenhopper/1.0/rapid/charts/scopechangeburndownchart.json?rapidViewId=13&sprintId=183&_=1409379817444 HTTP/1.1" 500 21330 35 "http://foo.bar.com/plugins/servlet/gadgets/ifr?container=atlassian&mid=15360&country=UK&lang=en&view=wallboard&st=atlassian%3A3efH767Smx14zetR5yidpibmo5EALNSM8nx%2FYjTDQXPVvnrXr3RmtJ33OSn%2BciYoiVlTOUX57B6gQy6OJDZbbXzWmUg4Q0yRqGM%2Bcofr4oHS31MkvoZbJNqM0Ho7ifbw1BxPxqTjeEFtHAR4RcB%2FVn6Bm56GO%2BdzMod0A0JSdVD846ax60usRu6%2FbsOP3PqQr84Tnx4Z0t%2B1lFO7h%2F2%2BaifF%2BEjEZMF%2Bf1w3NDFnDHomXhMUqFMVtooQqTXdifYBpPquTRkJ%2FOLs3xSeP%2FcinYIy5tk52sgGXFQtazGCIeG%2FdTBt&up_isConfigured=true&up_rapidViewId=13&up_showRapidViewName=false&up_sprintId=auto&up_showSprintName=true&up_refresh=60&url=http%3A%2F%2Ffoo.bar.com%2Frest%2Fgadgets%2F1.0%2Fg%2Fcom.pyxis.greenhopper.jira%3Agreenhopper-gadget-sprint-burndown%2Fgadgets%2Fgreenhopper-sprint-burndown.xml&libs=auth-refresh" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36" "dbhm39"
      xxx.xxx.xxx.xxx 443x269848x2 - [30/Aug/2014:07:23:37 +0100] "GET /rest/greenhopper/1.0/gadgets/sprints/health?rapidViewId=13&sprintId=183&_=1409379817301 HTTP/1.1" 500 21464 197 "http://foo.bar.com/plugins/servlet/gadgets/ifr?container=atlassian&mid=15370&country=UK&lang=en&view=wallboard&st=atlassian%3AX6GJ7ftluWf89Lwmk5NJXnHByZ2fgxnOOl0b%2FS5pltrBUGYsbqtVvaEYIvj9XYAl6S24miwAmdmW6LWk1lCztOzSj1gHLHm2BBnAojwdL18FHUcd2i3bj63%2B7eFCqQueIcXDrgGkn5SwATy4ERJJENKzZ8gj8Q0AAwWTjitEtoeis0wNTVemEXMLao292wkxhmtRuza%2FaaI2DffaCXs5FvUkhCs%2B418ZdrvZe9waavO3S1OOFImCBeqBnlsO5sJXModElIeIsnMl4cWAB4%2BtGFWgxrok9mpAEQsq0AflpK9KqidY&up_isConfigured=true&up_rapidViewId=13&up_showRapidViewName=true&up_sprintId=auto&up_showSprintName=true&up_showAssignees=false&up_refresh=60&url=http%3A%2F%2Ffoo.bar.com%2Frest%2Fgadgets%2F1.0%2Fg%2Fcom.pyxis.greenhopper.jira%3Agreenhopper-gadget-sprint-health%2Fgadgets%2Fgreenhopper-sprint-health.xml&libs=auth-refresh" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36" "dbhm39"
      

      Exception from atlassian-jira.log:

      2014-08-30 07:23:37,165 http-bio-8080-exec-539 ERROR anonymous 443x269848x2 dbhm39 172.30.17.200,127.0.0.1 /rest/greenhopper/1.0/gadgets/sprints/health [atlassian.greenhopper.gadget.SprintHealthResource] Unable to complete GreenHopper REST method 
      java.lang.IllegalArgumentException: clauseValues is empty
      	at com.atlassian.jira.util.dbc.Assertions.not(Assertions.java:186)
      	at com.atlassian.jira.jql.builder.DefaultJqlClauseBuilder.addStringCondition(DefaultJqlClauseBuilder.java:928)
      	at com.atlassian.jira.jql.builder.DefaultJqlClauseBuilder.issue(DefaultJqlClauseBuilder.java:595)
      	at com.atlassian.greenhopper.service.timetracking.TimeTrackingHistoryServiceImpl.getTimeTrackingHistory(TimeTrackingHistoryServiceImpl.java:44)
      	at com.atlassian.greenhopper.web.rapid.chart.SprintBurndownModelFactory.getScopeChangeModelDataForSprint(SprintBurndownModelFactory.java:225)
      	at com.atlassian.greenhopper.web.rapid.chart.SprintBurndownModelFactory.getScopeChangeBurndownModel(SprintBurndownModelFactory.java:140)
      	at com.atlassian.greenhopper.web.rapid.chart.SprintBurndownModelFactory.getScopeChangeBurndownModel(SprintBurndownModelFactory.java:129)
      	at com.atlassian.greenhopper.service.sprint.health.SprintHealthServiceImpl.collectSprintMetrics(SprintHealthServiceImpl.java:144)
      	at com.atlassian.greenhopper.service.sprint.health.SprintHealthServiceImpl.getSprintHealth(SprintHealthServiceImpl.java:93)
      	at com.atlassian.greenhopper.gadget.SprintHealthResource$1.call(SprintHealthResource.java:65)
      	at com.atlassian.greenhopper.gadget.SprintHealthResource$1.call(SprintHealthResource.java:58)
      	at com.atlassian.greenhopper.web.util.RestCall.response(RestCall.java:42)
      	at com.atlassian.greenhopper.web.AbstractResource.createResponse(AbstractResource.java:100)
      	at com.atlassian.greenhopper.web.AbstractResource.response(AbstractResource.java:81)
      	at com.atlassian.greenhopper.gadget.SprintHealthResource.getSprintHealth(SprintHealthResource.java:57)  <+2> (DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:483)  <+18> (DispatchProviderHelper.java:234) (DispatchProviderHelper.java:100) (DefaultMethodInvocation.java:61) (ExpandInterceptor.java:38) (DefaultMethodInvocation.java:61) (DispatchProviderHelper.java:132) (DispatchProviderHelper.java:230) (ResourceJavaMethodDispatcher.java:75) (HttpMethodRule.java:288) (ResourceClassRule.java:108) (RightHandPathRule.java:147) (RootResourceClassesRule.java:84) (WebApplicationImpl.java:1469) (WebApplicationImpl.java:1400) (WebApplicationImpl.java:1349) (WebApplicationImpl.java:1339) (WebComponent.java:416) (ServletContainer.java:537)
      	at com.atlassian.plugins.rest.module.RestDelegatingServletFilter$JerseyOsgiServletContainer.doFilter(RestDelegatingServletFilter.java:178)  <+1> (ServletContainer.java:795)
      	at com.atlassian.plugins.rest.module.RestDelegatingServletFilter.doFilter(RestDelegatingServletFilter.java:73)  <+16> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70) (RestServletUtilsUpdaterFilter.java:26) (RestServletUtilsUpdaterFilter.java:40) (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70) (ContextFilter.java:25) (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.mywork.client.filter.ServingRequestsFilter.doFilter(ServingRequestsFilter.java:37)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.plugins.cors.CorsFilter.doFilter(CorsFilter.java:65)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFixupFilter.doFilter(PrettyUrlsSiteMeshFixupFilter.java:36)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.prettyurls.filter.PrettyUrlsDispatcherFilter.doFilter(PrettyUrlsDispatcherFilter.java:60)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFilter.doFilter(PrettyUrlsSiteMeshFilter.java:92)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.prettyurls.filter.PrettyUrlsMatcherFilter.doFilter(PrettyUrlsMatcherFilter.java:56)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.labs.botkiller.BotKillerFilter.doFilter(BotKillerFilter.java:36)  <+18> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (AccessLogFilter.java:103) (AccessLogFilter.java:87) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (XsrfTokenAdditionRequestFilter.java:54) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (ChainedFilterStepRunner.java:87) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:70)
      	at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:61)  <+22> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (SecurityFilter.java:237) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (TrustedApplicationsFilter.java:100) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (BaseLoginFilter.java:172) (JiraLoginFilter.java:70) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:70) (OAuthFilter.java:69) (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.plugins.rest.module.servlet.RestSeraphFilter.doFilter(RestSeraphFilter.java:40)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:61)  <+9> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (AbstractJohnsonFilter.java:71) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208)
      	at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)
      	at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)
      	at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)  <+10> (UrlRewriteFilter.java:394) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (GzipFilter.java:88) (GzipFilter.java:59) (JiraGzipFilter.java:55) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:70)
      	at com.atlassian.analytics.client.filter.JiraAnalyticsFilter.doFilter(JiraAnalyticsFilter.java:41)  <+4> (AbstractHttpFilter.java:31) (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:61)  <+3> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:70)
      	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:202)
      	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:180)
      	at net.bull.javamelody.PluginMonitoringFilter.doFilter(PluginMonitoringFilter.java:85)
      	at net.bull.javamelody.JiraMonitoringFilter.doFilter(JiraMonitoringFilter.java:104)  <+41> (DelegatingPluginFilter.java:78) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (ChainedFilterStepRunner.java:87) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (AbstractCachingFilter.java:33) (AbstractHttpFilter.java:31) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (AbstractEncodingFilter.java:41) (AbstractHttpFilter.java:31) (PathMatchingEncodingFilter.java:45) (AbstractHttpFilter.java:31) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (JiraStartupChecklistFilter.java:79) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (MultipartBoundaryCheckFilter.java:41) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (ChainedFilterStepRunner.java:87) (JiraFirstFilter.java:60) (ApplicationFilterChain.java:241) (ApplicationFilterChain.java:208) (StandardWrapperValve.java:220) (StandardContextValve.java:122) (AuthenticatorBase.java:501) (StandardHostValve.java:171) (ErrorReportValve.java:103) (StandardEngineValve.java:116) (AccessLogValve.java:950) (RemoteIpValve.java:683) (CoyoteAdapter.java:408) (AbstractHttp11Processor.java:1070) (AbstractProtocol.java:611) (JIoEndpoint.java:316)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:745)
      

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Last commented:
                  3 years, 50 weeks, 3 days ago