Anonymous | Login

Project:

News | My View | View Issues | Roadmap | Summary

View Issue Details[ Jump to Notes ]

[ Issue History ] [ Print ]

ID

0046567

Type

Category

Severity

Reproducibility

Date Submitted

Last Update

backport

[Openbravo ERP] A. Platform

minor

have not tried

2021-05-05 16:38

2021-05-17 10:16

Reporter

shuehner

View Status

public

Assigned To

alostale

Priority

normal

Resolution

fixed

Fixed in Version

PR21Q1.2

Status

closed

Fix in branch

Fixed in SCM revision

Projection

none

ETA

none

Target Version

PR21Q1.2

OS

Any

Database

Any

Java version

OS Version

Database version

Ant version

Product Version

SCM revision

Merge Request Status

approved

Review Assigned To

OBNetwork customer

No

Web browser

Modules

Core

Support ticket

Regression level

Regression date

Regression introduced in release

Regression introduced by commit

Triggers an Emergency Pack

No

Summary

0046567: junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement)

Description

This junit test fails when application is deployed on tomcat 9.x but only for the specific datasource AccountTreeMovement.
It shows 4 failures as four RoleTypes are tested for each dataSource.

Problem is the test triggering the following error on tomcat 9.x:
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: Error parsing HTTP request header
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

Steps To Reproduce

Deploy application with tomcat 9.x
ant run.test -Dtest=org.openbravo.test.datasource.DataSourceSecurity

Check result*.xml file in src/ folder for the result of the test run

Proposed Solution

Fix the invalid request target (values in url) to be valid.

Tags

No tags attached.

Relationships [ Relation Graph ] [ Dependency Graph ]

blocks

defect

PR21Q3

closed

junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement)

Notes
(0128168) hgbot (developer) 2021-05-17 08:03	Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/362 [^]

(0128204) hgbot (developer) 2021-05-17 10:16	Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/362 [^]

(0128205) hgbot (developer) 2021-05-17 10:16	Directly closing issue as related merge request is already approved. Repository: https://gitlab.com/openbravo/product/openbravo [^] Changeset: 21f7703ff61f7527c36d97f4b147cdff8019e4d2 Author: Asier Lostalé <asier.lostale@openbravo.com> Date: 2021-05-17T08:01:58+02:00 URL: https://gitlab.com/openbravo/product/openbravo/-/commit/21f7703ff61f7527c36d97f4b147cdff8019e4d2 [^] fixes BUG-46567: DataSourceSecurity fails on Tomcat9 fetchShouldBeAllowedOnlyIfRoleIsGranted test was creating an invalid request by adding some parameters with special characters and not ecoding them. Tomcat 9 is stricter parsing URLs than previous version, not allowing this case. Fixed by removing those parameters that were causing problems as they were not ncessary. --- M src-test/src/org/openbravo/test/datasource/DataSourceSecurity.java ---

Issue History
Date Modified	Username	Field	Change
2021-05-07 08:11	alostale	Type	defect => backport
2021-05-07 08:11	alostale	Target Version	PR21Q3 => PR21Q1.2
2021-05-07 11:30	alostale	Issue cloned	0046579
2021-05-17 08:03	hgbot	Merge Request Status	=> open
2021-05-17 08:03	hgbot	Note Added: 0128168
2021-05-17 10:16	hgbot	Merge Request Status	open => approved
2021-05-17 10:16	hgbot	Resolution	open => fixed
2021-05-17 10:16	hgbot	Status	scheduled => closed
2021-05-17 10:16	hgbot	Note Added: 0128204
2021-05-17 10:16	hgbot	Fixed in Version	=> PR21Q1.2
2021-05-17 10:16	hgbot	Note Added: 0128205

Copyright © 2000 - 2009 MantisBT Group