Closed commanderback closed 3 years ago
Hi and thank you for request. In order to reproduce your issue I need to know a bit more about your system:
Would it be possible to supply any stacktraces, or is this a single log line without any further references?
Thanks in advance
1.Which version of SonarQube did you use? sonarqube 7.9.5 LTS
2.Which version of sonar-cas-plugin did you use? sonar-cas-plugin-2.0.2.jar
sonar.security.realm=cas sonar.authenticator.createUsers=true sonar.cas.forceCasLogin=true sonar.cas.protocol=cas3 sonar.cas.casServerUrlPrefix=https://cas.xx.com/ sonar.cas.casServerLoginUrl=https://cas.xx.com/login sonar.cas.casServerLogoutUrl=https://cas.xx.com/logout sonar.cas.sonarServerUrl=http://sonarqube:9000 sonar.cas.urlAfterCasRedirectCookieMaxAgeSeconds=300 sonar.cas.sessionStorePath=/opt/app/usr/sonarqube/data/sonarcas/sessionstore sonar.cas.sessionStore.cleanUpIntervalInSeconds=1800
sonar.cas.rolesAttributes=groups,roles sonar.cas.fullNameAttribute=displayName sonar.cas.eMailAttribute=mail sonar.cas.saml11.toleranceMilliseconds=1000 sonar.cas.disableCertValidation=true
4.If possible: What is the nature of the request that leads to this error? 4.1like: Browser requests vs REST request I browser http://xx:9000 then input the name/passwd, the browser stop at http://sonarqube:9000/sessions/init/cas?ticket=.... and I check the sonarqube server log file $SONAR_HOME/logs/web.log 2021.01.14 17:17:11 ERROR web[AXcAATOqwIh5Ck86AAAM][o.j.c.c.u.XmlUtils] The element type "input" must be terminated by the matching end-tag "</input>". org.xml.sax.SAXParseException: The element type "input" must be terminated by the matching end-tag "</input>". at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204) at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1471) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(XMLDocumentFragmentScannerImpl.java:1683) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2881) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:112) at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:534) at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:888) at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:824) at java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141) at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1216) at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:635) at org.jasig.cas.client.util.XmlUtils.getTextForElement(XmlUtils.java:192) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseProxyGrantingTicketFromResponse(Cas20ServiceTicketValidator.java:117) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:88) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:201) at org.sonar.plugins.cas.LoginHandler.handleLogin(LoginHandler.java:62) at org.sonar.plugins.cas.CasIdentityProvider.init(CasIdentityProvider.java:69) at org.sonar.server.authentication.InitFilter.handleBaseIdentityProvider(InitFilter.java:106) at org.sonar.server.authentication.InitFilter.handleProvider(InitFilter.java:80) at org.sonar.server.authentication.InitFilter.doFilter(InitFilter.java:73) at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:126) at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:95) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:87) at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76) at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:58) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.requestid.RequestIdFilter.doFilter(RequestIdFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) 2021.01.14 17:17:11 ERROR web[AXcAATOqwIh5Ck86AAAM][o.s.p.c.CasIdentityProvider] authentication or logout failed org.jasig.cas.client.validation.TicketValidationException: No principal was found in the response from the CAS server. at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:98) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:201) at org.sonar.plugins.cas.LoginHandler.handleLogin(LoginHandler.java:62) at org.sonar.plugins.cas.CasIdentityProvider.init(CasIdentityProvider.java:69) at org.sonar.server.authentication.InitFilter.handleBaseIdentityProvider(InitFilter.java:106) at org.sonar.server.authentication.InitFilter.handleProvider(InitFilter.java:80) at org.sonar.server.authentication.InitFilter.doFilter(InitFilter.java:73) at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:126) at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:95) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:87) at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76) at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:58) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.requestid.RequestIdFilter.doFilter(RequestIdFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) 2021.01.14 17:26:41 DEBUG web[][o.s.p.c.s.SessionStoreCleaner] CAS session writeJwtFile clean up started. 2021.01.14 17:26:41 DEBUG web[][o.s.p.c.s.SessionStoreCleaner] CAS session writeJwtFile clean up finished and removed 0 entries.
what file/endpoint was requested
Thanks.
------------------ 原始邮件 ------------------ 发件人: "cloudogu/sonar-cas-plugin" <notifications@github.com>; 发送时间: 2021年1月14日(星期四) 下午5:22 收件人: "cloudogu/sonar-cas-plugin"<sonar-cas-plugin@noreply.github.com>; 抄送: "神丸"<794608009@qq.com>;"Author"<author@noreply.github.com>; 主题: Re: [cloudogu/sonar-cas-plugin] html parser throw exception (#28)
Hi and thank you for request. In order to reproduce your issue I need to know a bit more about your system:
Which version of SonarQube did you use?
Which version of sonar-cas-plugin did you use?
If possible: What is the nature of the request that leads to this error?
like: Browser requests vs REST request
what file/endpoint was requested
Would it be possible to supply any stacktraces, or is this a single log line without any further references?
Thanks in advance
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.
Hi again,
while I am currently diagnosing your error I found some things in your reply that made me think of a configuration problem.
2.Which version of sonar-cas-plugin did you use? sonar-cas-plugin-2.0.2.jar
Did you mean sonar-cas-plugin.2.0.1.jar
? This repo does not contain a release for a version 2.0.2
- sonarqube cas related config $SONAR_HOME/conf/sonar.properties
These two lines of your sonar.properties
strike me as weird for two reasons:
...
sonar.cas.casServerUrlPrefix=https://cas.xx.com/
...
sonar.cas.sonarServerUrl=http://sonarqube:9000
...
sonar.cas.casServerUrlPrefix
seems to contain non-breaking spaces?: https://cas.xx.com/
sonar.cas.sonarServerUrl
seems to point to a local SonarQube installation while the CAS URL looks like an internet address (http://sonarqube
vs https://cas.xx.com
)
Currently I don't have a SonarQube in version 7.9.5 LTS at hand but as a quick-test I checked the constellation
I will test with SonarQube 7.9.5 again and will come back to this issue later on.
In the meanwhile: Would you kindly check with my annotations regarding the configuration above?
Hi again.
I was not able to reproduce your error within this installation:
I noticed something else from which I conclude that your problem is really just a faulty configuration. The error in the stacktrace tells me that an HTML response was tried to be parsed (instead of a CAS ticket in XML).
4.1like: Browser requests vs REST request ... 2021.01.14 17:17:11 ERROR web[AXcAATOqwIh5Ck86AAAM][o.j.c.c.u.XmlUtils] The element type "input" must be terminated by the matching end-tag "</input>".
The fact that the CAS plugin tries to parse a response with an input
element is key to my assumption. Usually CAS granting tickets don't contain <input />
elements, but HTML forms do.
That being said, I suggest to validate the SonarQube configuration. If you want to gain more insights to the faulty HTTP response you could clone the repo and log the CAS response. org.sonar.plugins.cas.LoginHandler.handleLogin()
would be a good starting point.
Hi, After confirmation, we use Yale CAS server. I notice the plugin support Apereo CAS. so I want to know whether the plugin supports Yale CAS.
Thank you.
------------------ 原始邮件 ------------------ 发件人: "cloudogu/sonar-cas-plugin" <notifications@github.com>; 发送时间: 2021年1月14日(星期四) 晚上7:11 收件人: "cloudogu/sonar-cas-plugin"<sonar-cas-plugin@noreply.github.com>; 抄送: "神丸"<794608009@qq.com>;"Author"<author@noreply.github.com>; 主题: Re: [cloudogu/sonar-cas-plugin] html parser throw exception (#28)
Hi again.
I was not able to reproduce your error within this installation:
SonarQube 7.9.5 and
sonar-cas-plugin 2.0.1
I noticed something else from which I conclude that your problem is really just a faulty configuration. The error in the stacktrace tells me that an HTML response was tried to be parsed (instead of a CAS ticket in XML).
4.1like: Browser requests vs REST request ... 2021.01.14 17:17:11 ERROR web[AXcAATOqwIh5Ck86AAAM][o.j.c.c.u.XmlUtils] The element type "input" must be terminated by the matching end-tag "</input>".
The fact that the CAS plugin tries to parse a response with an input element is key to my assumption. Usually CAS granting tickets don't contain <input /> elements.
That being said, I suggest to validate the SonarQube configuration. If you want to gain more insights to the faulty HTTP response you could clone the repo and log the CAS response. org.sonar.plugins.cas.LoginHandler.handleLogin() would be a good starting point.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.
From what I understand is that University Yale designed the CAS specification and created an initial CAS implementation. After that Yale submitted it to Apereo for proper maintenance.
Speaking for myself, Apereo's CAS implementation is so old that I haven't ever held a Yale implementation in my hands. https://github.com/cloudogu/sonar-cas-plugin from supports only Apereo CAS. It was successfully tested with CAS 4.0.x
I saw you using the CAS 3 specification, but maybe that was just default values in sonar.properties
?:
sonar.cas.protocol=cas3
Just so I can take the CAS implementation into consideration which you are using:
I am closing this issue because it is stale and also because it looks like a configuration fault. Please feel free to reply if there is additional information available.
ERROR web[...][...] The element type "input" must be terminated by the matching end-tag "".