Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0046520Openbravo ERPA. Platformpublic2021-05-05 16:382021-05-17 10:14
Reportershuehner 
Assigned Toalostale 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionPR21Q3Fixed in VersionPR21Q3 
Merge Request Statusapproved
Review Assigned To
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0046520: junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement)
DescriptionThis junit test fails when application is deployed on tomcat 9.x but only for the specific datasource AccountTreeMovement.
It shows 4 failures as four RoleTypes are tested for each dataSource.

Problem is the test triggering the following error on tomcat 9.x:
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: Error parsing HTTP request header
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

Steps To ReproduceDeploy application with tomcat 9.x
ant run.test -Dtest=org.openbravo.test.datasource.DataSourceSecurity

Check result*.xml file in src/ folder for the result of the test run
Proposed SolutionFix the invalid request target (values in url) to be valid.

Additional Information
TagsNo tags attached.
Relationships
depends on backport 0046567PR21Q1.2 closed alostale junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement) 
depends on backport 0046568PR20Q4.4 closed alostale junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement) 
depends on backport 0046579PR21Q2 closed alostale junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement) 
blocks design defect 0046518 closed Triage Platform Base Support Tomcat 9 
Attached Filesdiff tmp.diff (1,224) 2021-05-05 16:41
https://issues.openbravo.com/file_download.php?file_id=15652&type=bug
Issue History
Date ModifiedUsernameFieldChange
2021-05-05 16:38shuehnerNew Issue
2021-05-05 16:38shuehnerAssigned To => platform
2021-05-05 16:38shuehnerOBNetwork customer => No
2021-05-05 16:38shuehnerModules => Core
2021-05-05 16:38shuehnerTriggers an Emergency Pack => No
2021-05-05 16:40shuehnerNote Added: 0127835
2021-05-05 16:41shuehnerFile Added: tmp.diff
2021-05-05 16:42shuehnerNote Added: 0127836
2021-05-05 16:42shuehnerRelationship addedblocks 0046518
2021-05-05 16:43shuehnerTarget Version => PR21Q3
2021-05-07 08:11alostaleAssigned Toplatform => alostale
2021-05-07 08:11alostaleStatusnew => scheduled
2021-05-07 11:30alostaleRelationship addeddepends on 0046579
2021-05-11 10:36hgbotMerge Request Status => open
2021-05-11 10:36hgbotNote Added: 0127985
2021-05-17 10:14hgbotMerge Request Statusopen => approved
2021-05-17 10:14hgbotResolutionopen => fixed
2021-05-17 10:14hgbotStatusscheduled => closed
2021-05-17 10:14hgbotNote Added: 0128198
2021-05-17 10:14hgbotFixed in Version => PR21Q3
2021-05-17 10:14hgbotNote Added: 0128199

Notes
(0127835)
shuehner   
2021-05-05 16:40   
Problem can also be reproduced by directly using curl for the url:
http://localhost:8080/openbravo/org.openbravo.service.datasource/D2F94DC86DEC48D69E4BFCE59DC670CF?_skinVersion=Default&_create=true&Constants_FIELDSEPARATOR=$&_new=true&_contextUrl=http://localhost:8080/openbravo&Constants_IDENTIFIER=_identifier&_startRow=0&_endRow=200&referencedTableId=188&parentRecordId=56E65CF592BD4DAF8A8A879810646266&tabId=132&_selectedProperties=['searchKey','name','elementLevel','accountType','showValueCondition','summaryLevel']&@FinancialMgmtElement.client@=23C59575B9CF467C9620760EB255B389&@FinancialMgmtElement.id@=56E65CF592BD4DAF8A8A879810646266&@FinancialMgmtElement.organization@=B843C30461EA4501935CB1D125C9C25A&@FinancialMgmtElement.type@=A&@FinancialMgmtElementValue.organization@=B843C30461EA4501935CB1D125C9C25A&@FinancialMgmtElementValue.client@=23C59575B9CF467C9620760EB255B389&@FinancialMgmtElementValue.accountingElement@=56E65CF592BD4DAF8A8A879810646266&@FinancialMgmtElementValue.id@=A45B7570F9BE4A69A3BF53CFEBB29FC0&dropIndex=2&nextNodeId=FF30CF29CE614360AF85020438BFE328&isc_dataFormat=json&prevNodeId=C3FE5804602E481FAEDCA5D4D71B6CF [^]
It shows:
curl: (3) bad range specification in URL position 372:

As first test just properly encoding the [ and ] values in the url avoid the problems.
Patch for testing is attached to this issue. However probably the whole URL should be properly URL-encoded.
(0127836)
shuehner   
2021-05-05 16:42   
Note that probably we need to back-patch that not only to open releases but maybe more (to cover any codeline wanted to be tested in CI (i.e. customer branches) assuming we want to switch all CI over to new stack having only tomcat)
(0127985)
hgbot   
2021-05-11 10:36   
Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/358 [^]
(0128198)
hgbot   
2021-05-17 10:14   
Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/358 [^]
(0128199)
hgbot   
2021-05-17 10:14   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: 2af65c29fdfb7f3b24a3d11f954354e8b238a861
Author: Asier Lostalé <asier.lostale@openbravo.com>
Date: 2021-05-17T08:14:30+00:00
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/2af65c29fdfb7f3b24a3d11f954354e8b238a861 [^]

fixes BUG-46520: DataSourceSecurity fails on Tomcat9

fetchShouldBeAllowedOnlyIfRoleIsGranted test was creating an invalid
request by adding some parameters with special characters and not
ecoding them. Tomcat 9 is stricter parsing URLs than previous version,
not allowing this case.

Fixed by removing those parameters that were causing problems as they
were not ncessary.

---
M src-test/src/org/openbravo/test/datasource/DataSourceSecurity.java
---