Getting 500 when trying to authenticate

[sofGitAdmin]

fter deploying gravitee using the docker-compose example, when accessing the portal, I get this error from my browser developer console

Request URL:http://xxxxxx:8083/management/user/ Request Method:GET Status Code:500 Internal Server Error Remote Address: Referrer Policy:no-referrer-when-downgrade

and the response payload was

{ "message" : "Cannot pass null or empty values to constructor", "http_status" : 500 }

Expected Behavior No 500 error.

Current Behavior 500 error

Possible Solution Probably the portal should be GETing the /users/ resource? normally this kind of erro is generated when credentials in DB are empty ??

Steps to Reproduce (for bugs) install service using docker-compose.yml provided at gravitee site access the portal Context Trialing the solution

Your Environment Version used: official gravitee docker image:latest Browser Name and version: chrome Version 62.0.3202.75 Operating System and version: docker latest version running on Ubuntu

[sofGitAdmin]

This is my api management gravitee.yml content : gravitee.txt

I'm trying to authentify with in memory users (admin , user ...).

[Sebbl22]

Same problem here with Docker on Windows and the official docker-compose files

[NicolasGeraud]

hi, please provide the full gravitee.log file

[Sebbl22]

Hi, I attached the logfile and gravitee.yml. Nothing was changed in the yml.

gravitee_accesslog_2018_07_04.log gravitee.log gravitee.txt

[brasseld]

Hello @Sebbl22

Please remove existing Docker images for Gravitee.io and run docker-compose up again.

Thanks for your feedback.

[Sebbl22]

Hi @brasseld , I ran docker-compose rm, deleted all three graviteeio/* images and created new containers (docker-compose up). Unfortunately I recieve the same error. One change I noticed was, that I now get a notification in the bottom right corner of the management-ui login screen stating "Cannot pass null or empty values to constructor " when trying to login. This notification hasn't been there before. Note: This only happens if I try to login with a valid username/password combination like admin:admin or user:password. If I try invalid combinations I recieve the correct "wrong username or password" notiication.

Here is the new gravitee.log file. gravitee.log

Since there was a comment (which is now deleted) stating that this issue (https://golb.hplar.ch/2017/10/JCE-policy-changes-in-Java-SE-8u151-and-8u152.html) might be related, I also updated the java version inside the container to 8u172 and changed the crypto.policy to "unimited" in the java.security file. Gravitee startet just fine and reported the new HotSpot 64-Bit Server VM/25.172 version in the gravitee.log file, but the execption still remained. If relevant, I can upload the gravitee.log file for this experiment as well.

Thank you for your help.

[brasseld]

Can you try to remove docker volume used for mongodb and restart the stack ? There is absolutely no reason for this issue so I would be sure that you are running Gravitee from scratch.

Also please check that cookies / has been clean up for the Gravitee portal.

Thanks again

[Sebbl22]

I completely removed all docker container and images, pulled them again and startet them. It didn't work either. After that I deleted all cookies for localhost in Firefox and it worked. I'm not sure how this could have happened, but I can login now without problems.

Thank you for your help and advice.

[brasseld]

Hi guys,

Any news about this issue ?

[Sebbl22]

Hi, as I wrote, the issue was resolved by deleting all cookies for localhost. As far as I know cookies are only domain-specifiy (not considering ports). I tested some other docker containers (especially SonarQube) at the same time, so maybe there were some existing cookies with identical names but unexpected values.

The issue can be considered resolved / closed for me.

[brasseld]

Ok, thanks for your feedback @Sebbl22

[ynuosoft]

hi all,how to resolve this bug,i use graviteeio-gateway-1.18.1

08:01:53.739 [gravitee-listener-27] ERROR i.g.m.rest.provider.ThrowableMapper - Internal error java.lang.IllegalArgumentException: Cannot pass null or empty values to constructor at org.springframework.security.core.userdetails.User.(User.java:101) at org.springframework.security.core.userdetails.User.(User.java:74) at io.gravitee.management.idp.api.authentication.UserDetails.(UserDetails.java:41) at io.gravitee.management.rest.resource.CurrentUserResource.getCurrentUser(CurrentUserResource.java:110) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:74) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:144) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:161) at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:202) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:99) at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:388) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:346) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:102) at org.glassfish.jersey.server.ServerRuntime$2.run(ServerRuntime.java:337) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:271) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:267) at org.glassfish.jersey.internal.Errors.process(Errors.java:315) at org.glassfish.jersey.internal.Errors.process(Errors.java:297) at org.glassfish.jersey.internal.Errors.process(Errors.java:267) at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:280) at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:316) at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:1084) at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:418) at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:372) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:389) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:342) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:229) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:845) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1712) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:115) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:215) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at io.gravitee.management.security.filter.JWTAuthenticationFilter.doFilter(JWTAuthenticationFilter.java:119) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:121) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:96) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1699) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:224) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) at org.eclipse.jetty.server.Server.handle(Server.java:523) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) at java.lang.Thread.run(Thread.java:748)

[NicolasGeraud]

hi @ynuosoft , what is the link between the current issue and your comment ?