Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SHIRO-825] Fixes "IllegalArgumentException: There is no configured chain under the name/key" #309

Merged
merged 2 commits into from
Jul 12, 2021

Conversation

zAlbee
Copy link
Contributor

@zAlbee zAlbee commented Jul 6, 2021

Fixes https://issues.apache.org/jira/browse/SHIRO-825: Trailing slash in URI results in "IllegalArgumentException: There is no configured chain under the name/key"

When the request URI has a trailing slash, but the pattern does not have a trailing slash (or vice versa), it is still supposed to match. However, when they don't match exactly, we enter the else branch where the call to filterChainManager.proxy() has the incorrect parameter! (When they match exactly, the call to filterChainManager.proxy() has the correct parameter -- see line 114).

This seems to be a copy/paste error introduced by commit ab1ea4a#diff-a724e4e5fde47ea6cc29803d5a4581a299b74f09d4ec5ce047e7d3e056116815R129

In Shiro 1.7.0, it didn't have this duplicate code, and it was working correctly.


Following this checklist to help us incorporate your contribution quickly and easily:

  • Make sure there is a JIRA issue filed
    for the change (usually before you start working on it). Trivial changes like typos do not
    require a JIRA issue. Your pull request should address just this issue, without pulling in other changes.
  • Each commit in the pull request should have a meaningful subject line and body.
  • Format the pull request title like [SHIRO-XXX] - Fixes bug in SessionManager,
    where you replace SHIRO-XXX with the appropriate JIRA issue. Best practice
    is to use the JIRA issue title in the pull request title and in the first line of the commit message.
  • Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
  • Run mvn clean install apache-rat:check to make sure basic checks pass. A more thorough check will be performed on your pull request automatically.
  • If you have a group of commits related to the same change, please squash your commits into one and force push your branch using git rebase -i.

Trivial changes like typos do not require a JIRA issue (javadoc, comments...).
In this case, just format the pull request title like (DOC) - Add javadoc in SessionManager.

If this is your first contribution, you have to read the Contribution Guidelines

If your pull request is about ~20 lines of code you don't need to sign an Individual Contributor License Agreement
if you are unsure please ask on the developers list.

To make clear that you license your contribution under the Apache License Version 2.0, January 2004
you have to acknowledge this by using the following check-box.

This was causing "java.lang.IllegalArgumentException: There is no configured chain under the name/key"
@bdemers
Copy link
Member

bdemers commented Jul 6, 2021

Thanks @zAlbee!

We need a test case for this, I can add it, but I have a few follow up questions I'll post in SHIRO-825

@bdemers
Copy link
Member

bdemers commented Jul 6, 2021

Test added :)

We need to backport this fix to 1.x, once this gets another set of eyes, I can backport it

@bdemers bdemers requested a review from bmarwell July 6, 2021 20:37
* Test asserting <a href="https://issues.apache.org/jira/browse/SHIRO-825">SHIRO-825<a/>.
*/
@Test
public void testGetChainWhenPathEndsWithSlash() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I verified that this test passes in Shiro 1.7.0 and fails in 1.7.1 (without the fix). Thanks!

Copy link
Contributor

@bmarwell bmarwell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM – THANKS! :)

@zAlbee
Copy link
Contributor Author

zAlbee commented Jul 8, 2021

Is there anything else I need to do to get this merged? (I noticed some failing checks). We saw that 1.7.1 fixed some vulnerabilities and would like to upgrade to a fixed version of that.

@bmarwell
Copy link
Contributor

bmarwell commented Jul 9, 2021

Is there anything else I need to do to get this merged?

Yes:

We need to backport this fix to 1.x, once this gets another set of eyes, I can backport it

@bdemers I can work on a backport next week. If you like, you can go ahead and merge it.

@bdemers bdemers mentioned this pull request Jul 9, 2021
@bmarwell bmarwell merged commit 2b2bdb1 into apache:main Jul 12, 2021
@zAlbee zAlbee deleted the patch-1 branch July 12, 2021 18:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants