Anonymous | Login

Project:

News | My View | View Issues | Roadmap | Summary

View Issue Details[ Jump to Notes ]

[ Issue History ] [ Print ]

ID

0046568

Type

Category

Severity

Reproducibility

Date Submitted

Last Update

backport

[Openbravo ERP] A. Platform

minor

have not tried

2021-05-05 16:38

2021-05-17 10:15

Reporter

shuehner

View Status

public

Assigned To

alostale

Priority

normal

Resolution

fixed

Fixed in Version

PR20Q4.4

Status

closed

Fix in branch

Fixed in SCM revision

Projection

none

ETA

none

Target Version

PR20Q4.4

OS

Any

Database

Any

Java version

OS Version

Database version

Ant version

Product Version

SCM revision

Review Assigned To

Web browser

Modules

Core

Regression level

Regression date

Regression introduced in release

Regression introduced by commit

Triggers an Emergency Pack

No

Summary

0046568: junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement)

Description

This junit test fails when application is deployed on tomcat 9.x but only for the specific datasource AccountTreeMovement.
It shows 4 failures as four RoleTypes are tested for each dataSource.

Problem is the test triggering the following error on tomcat 9.x:
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: Error parsing HTTP request header
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.
May 05 12:27:36 ip-172-31-9-130 tomcat9[2709]: java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

Steps To Reproduce

Deploy application with tomcat 9.x
ant run.test -Dtest=org.openbravo.test.datasource.DataSourceSecurity

Check result*.xml file in src/ folder for the result of the test run

Proposed Solution

Fix the invalid request target (values in url) to be valid.

Tags

No tags attached.

Relationships [ Relation Graph ] [ Dependency Graph ]

blocks

defect

PR21Q3

closed

junit DataSourceSecurity.fetchShouldBeAllowedOnlyIfRoleIsGranted fails on Tomcat9 (only for Datasource: AccountTreeMovement)

Notes
(0128169) hgbot (developer) 2021-05-17 08:07	Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/363 [^]

(0128202) hgbot (developer) 2021-05-17 10:15	Directly closing issue as related merge request is already approved. Repository: https://gitlab.com/openbravo/product/openbravo [^] Changeset: 181ff893d2bea4bee99b3a5e68c4e7d200d2eacc Author: Asier Lostalé <asier.lostale@openbravo.com> Date: 2021-05-17T08:05:28+02:00 URL: https://gitlab.com/openbravo/product/openbravo/-/commit/181ff893d2bea4bee99b3a5e68c4e7d200d2eacc [^] fixes BUG-46568: DataSourceSecurity fails on Tomcat9 fetchShouldBeAllowedOnlyIfRoleIsGranted test was creating an invalid request by adding some parameters with special characters and not ecoding them. Tomcat 9 is stricter parsing URLs than previous version, not allowing this case. Fixed by removing those parameters that were causing problems as they were not ncessary. --- M src-test/src/org/openbravo/test/datasource/DataSourceSecurity.java ---

(0128203) hgbot (developer) 2021-05-17 10:15	Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/363 [^]

Issue History
Date Modified	Username	Field	Change
2021-05-07 08:11	alostale	Type	defect => backport
2021-05-07 08:11	alostale	Target Version	PR21Q3 => PR20Q4.4
2021-05-17 08:07	hgbot	Note Added: 0128169
2021-05-17 10:15	hgbot	Resolution	open => fixed
2021-05-17 10:15	hgbot	Status	scheduled => closed
2021-05-17 10:15	hgbot	Fixed in Version	=> PR20Q4.4
2021-05-17 10:15	hgbot	Note Added: 0128202
2021-05-17 10:15	hgbot	Note Added: 0128203

Copyright © 2000 - 2009 MantisBT Group