When using the Requirements Bazaar, the las2peer agent creation fails for usernames having only three characters or fewer with IllegalArgumentException: please use a login name longer than three characters!. This causes users not being able to use the Requirements Bazaar at all.
Steps to reproduce
Create a new Learning Layers account with only three characters.
For all actions, the user gets an HTTP error 500 message in the frontend for every action. Thus, the Requirements Bazaar is unusable.
The backend logs look similar to this (here, the invalid username is bja):
2022 Oct 06 15:17:21 INFO i5.las2peer.connectors.webConnector.util.AuthenticationManager: OIDC sub found. Authenticating...
2022 Oct 06 15:17:21 INFO i5.las2peer.connectors.webConnector.util.AuthenticationManager: attempting login with id: bja
2022 Oct 06 15:17:21 FINER i5.las2peer.p2p.PastryNodeImpl: ARTIFACT_FETCH_STARTED (2060) <0x418909..>/reqbaz/137.226.232.38:9011 - - - USER_NAME-bja
2022 Oct 06 15:17:21 FINE i5.las2peer.persistency.SharedStorage: Starting latest version lookup for USER_NAME-bja at 1
2022 Oct 06 15:17:21 FINE i5.las2peer.persistency.helper.LatestArtifactVersionFinder: Looking for metadata envelope with identifier 'USER_NAME-bja' and version 1 at id 57C93FFBCA6D18EFEDD1D45DD7048CA29DE9331F ...
2022 Oct 06 15:17:21 FINE i5.las2peer.persistency.helper.LatestArtifactVersionFinder: Lookup got 0 past handles for identifier 'USER_NAME-bja' and version 1
2022 Oct 06 15:17:21 FINER i5.las2peer.p2p.PastryNodeImpl: ARTIFACT_FETCH_FAILED (-2065) <0x418909..>/reqbaz/137.226.232.38:9011 - - - USER_NAME-bja
2022 Oct 06 15:17:21 INFO i5.las2peer.connectors.webConnector.util.AuthenticationManager: OIDC sub uknown. Auto-register...
2022 Oct 06 15:17:21 SEVERE i5.las2peer.connectors.webConnector.WebConnector: Internal Server Error: OIDC agent creation failed
javax.ws.rs.InternalServerErrorException: OIDC agent creation failed
at i5.las2peer.connectors.webConnector.util.AuthenticationManager.createNewOidcAgent(AuthenticationManager.java:337)
at i5.las2peer.connectors.webConnector.util.AuthenticationManager.authenticateOIDC(AuthenticationManager.java:181)
at i5.las2peer.connectors.webConnector.util.AuthenticationManager.authenticateAgent(AuthenticationManager.java:80)
at i5.las2peer.connectors.webConnector.WebConnector.authenticateAgent(WebConnector.java:685)
at i5.las2peer.connectors.webConnector.WebConnectorRequestHandler.authenticate(WebConnectorRequestHandler.java:173)
at i5.las2peer.connectors.webConnector.WebConnectorRequestHandler.handle(WebConnectorRequestHandler.java:147)
at i5.las2peer.connectors.webConnector.WebConnectorRequestHandler.handleGET(WebConnectorRequestHandler.java:119)
at jdk.internal.reflect.GeneratedMethodAccessor46.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:124)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:167)
at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:176)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:79)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:475)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:397)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:81)
at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:255)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
at org.glassfish.jersey.internal.Errors.process(Errors.java:244)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:234)
at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:684)
at org.glassfish.jersey.grizzly2.httpserver.GrizzlyHttpContainer.service(GrizzlyHttpContainer.java:356)
at org.glassfish.grizzly.http.server.HttpHandler$1.run(HttpHandler.java:200)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:569)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:549)
at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: java.lang.IllegalArgumentException: please use a login name longer than three characters!
at i5.las2peer.security.UserAgentImpl.checkLoginNameValidity(UserAgentImpl.java:89)
at i5.las2peer.security.UserAgentImpl.setLoginName(UserAgentImpl.java:78)
at i5.las2peer.connectors.webConnector.util.AuthenticationManager.createNewOidcAgent(AuthenticationManager.java:322)
... 31 more
2022 Oct 06 15:17:21 FINER i5.las2peer.p2p.PastryNodeImpl: CONNECTOR_ERROR (-9100) <0x418909..>/reqbaz/137.226.232.38:9011 - - - WebConnector: Internal Server Error: OIDC agent creation failed
Expected behavior
All users with a valid Learning Layer accounts should be able to use the Requirements Bazaar.
Possible solutions
Either, users should not be able to create Learning Layer accounts with less than 4 characters, or the constraint for las2peer agent names should be relaxed.
However, both constraints cannot be changed directly in the Requirements Bazaar.
fxjordan
commented
1 year ago
Summary
When using the Requirements Bazaar, the las2peer agent creation fails for usernames having only three characters or fewer with
IllegalArgumentException: please use a login name longer than three characters!. This causes users not being able to use the Requirements Bazaar at all.Steps to reproduce
Current Behavior
For all actions, the user gets an HTTP error 500 message in the frontend for every action. Thus, the Requirements Bazaar is unusable. The backend logs look similar to this (here, the invalid username is
bja):Expected behavior
All users with a valid Learning Layer accounts should be able to use the Requirements Bazaar.
Possible solutions
Either, users should not be able to create Learning Layer accounts with less than 4 characters, or the constraint for las2peer agent names should be relaxed.
However, both constraints cannot be changed directly in the Requirements Bazaar.