Details
Description
If no SPI data access factory can be found, the connection parameters, including password, are included in the WFS ows:ExceptionReport. This gives an end user access to confidential information.
<?xml version="1.0" encoding="UTF-8"?>
<ows:ExceptionReport version="1.0.0" xsi:schemaLocation="http://www.opengis.net/ows http://localhost:8080/geoserver/schemas/ows/1.0.0/owsExceptionReport.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ows="http://www.opengis.net/ows">
  <ows:Exception exceptionCode="NoApplicableCode">
    <ows:ExceptionText>Error occurred getting features Cannot find a DataAccess for parameters {user=test, passwd=s3cr3t, host=name.changed.to.protect.the.innocent, port=1521, database=test, dbtype=Ooracle}</ows:ExceptionText>
  </ows:Exception>
</ows:ExceptionReport>
Activity
As long as the DataAccess implementation honors the isPassword flag for the parameter, that's it.
This is somehow related to GEOS-2972 where a user complains the SQL is shown.
In the service code we only know we're getting an IOException, and we know it contains a string, but there is no classification on how severe the message contents might be... the only thing that comes to mind, as a general solution, is to have IOException subclasses that do provide some information about how sensible the information travelling is.
Though, for this specific case, I guess we could just override the code that builds up that particular error message.
Ben, I've spent one hour trying to reproduce this to no avail.
If, on trunk, I connect to Oracle, then stop geoserver, restart it without the oracle jars in the classpath, then execute a WFS GetFeature, I get two bad results (e.g., not informative of what's going on) depending on the WFS version chosen, but the params are never dumped into the error message.
Given the tiger:STATES layer that was coming from Oracle, if I do a WFS 1.1 query I get:
<?xml version="1.0" encoding="UTF-8"?>
<ows:ExceptionReport version="1.0.0" xsi:schemaLocation="http://www.opengis.net/ows http://localhost:8080/geoserver/schemas/ows/1.0.0/owsExceptionReport.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ows="http://www.opengis.net/ows">
  <ows:Exception exceptionCode="NoApplicableCode">
    <ows:ExceptionText>Error occurred getting features null Could not acquire data access &apos;orang&apos;</ows:ExceptionText>
    <ows:ExceptionText>Details:</ows:ExceptionText>
    <ows:ExceptionText>org.geoserver.wfs.WFSException: Error occurred getting features
at org.geoserver.platform.ServiceException.fillInStackTrace(ServiceException.java)
at org.geoserver.wfs.WFSException.fillInStackTrace(WFSException.java)
at java.lang.Throwable.<init>(Throwable.java:218)
at java.lang.Exception.<init>(Exception.java:59)
at java.lang.RuntimeException.<init>(RuntimeException.java:61)
at org.geoserver.platform.ServiceException.<init>(ServiceException.java:62)
at org.geoserver.platform.ServiceException.<init>(ServiceException.java:73)
at org.geoserver.wfs.WFSException.<init>(WFSException.java:31)
at org.geoserver.wfs.GetFeature.run(GetFeature.java:388)
at org.geoserver.wfs.DefaultWebFeatureService.getFeature(DefaultWebFeatureService.java:115)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at org.geoserver.ows.util.EMFLogger.invoke(EMFLogger.java:51)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy19.getFeature(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.geoserver.security.OperationSecurityInterceptor.invoke(OperationSecurityInterceptor.java:41)
at org.geoserver.ows.Dispatcher.execute(Dispatcher.java:574)
at org.geoserver.ows.Dispatcher.handleRequestInternal(Dispatcher.java:212)
at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
at org.geoserver.ows.Dispatcher.handleRequest(Dispatcher.java)
at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:501)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
at org.vfny.geoserver.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:108)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:264)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:107)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:72)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:178)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:229)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:148)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.geoserver.filters.LoggingFilter.doFilter(LoggingFilter.java:73)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.geoserver.filters.ReverseProxyFilter.doFilter(ReverseProxyFilter.java:176)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.geoserver.filters.GZIPFilter.doFilter(GZIPFilter.java:41)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:828)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)
Caused by: java.io.IOException
at org.geoserver.catalog.ResourcePool.getDataStore(ResourcePool.java:248)
at org.geoserver.catalog.ResourcePool.getFeatureSource(ResourcePool.java:496)
at org.geoserver.catalog.impl.FeatureTypeInfoImpl.getFeatureSource(FeatureTypeInfoImpl.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.geoserver.catalog.impl.ModificationProxy.invoke(ModificationProxy.java:98)
at $Proxy11.getFeatureSource(Unknown Source)
at org.geoserver.wfs.GetFeature.run(GetFeature.java:170)
... 67 more
Caused by: java.lang.NullPointerException: Could not acquire data access 'orang'
at org.geoserver.catalog.ResourcePool.getDataStore(ResourcePool.java:234)
... 76 more
    </ows:ExceptionText>
  </ows:Exception>
</ows:ExceptionReport>
I also searched for code with Eclipse and I could not find the string "Cannot find a DataAccess" in any *.java file in my workspace which is composed of GeoServer and GeoTools.
So I'm wondering, may it be that you added some extra debug info in your copy of ResourcePool or DataAccessFinder and then forgot about it?
If you still can reproduce the issue, configuring GeoServer for verbose exception dumps will expedite the search for the line of code dumping the params a lot.
Note that the dbtype parameter is misspelled ("Ooracle"), so the request never gets deep enough to require any Oracle jars.
I went hunting ... the exception is thrown in GT app-schema AppSchemaDataAccessConfigurator.aquireSourceDatastores. You are going to reassign this one to me, aren't you?
Before you do, it would be good to check what the core code does when a bad dbtype causes no DataAccessFactory to be found. If passwd is not revealed, then this bug is app-schema specific.
Caused by: org.geotools.data.DataSourceException: Cannot find a DataAccess for parameters {user=pirsa, passwd=XXXXXXXX, host=wsrv1.arrc.csiro.au, schema=pirsa, port=1521, database=wsrv1, dbtype=oracleng}
at org.geotools.data.complex.config.AppSchemaDataAccessConfigurator.aquireSourceDatastores(AppSchemaDataAccessConfigurator.java:517)
at org.geotools.data.complex.config.AppSchemaDataAccessConfigurator.buildMappings(AppSchemaDataAccessConfigurator.java:170)
at org.geotools.data.complex.config.AppSchemaDataAccessConfigurator.buildMappings(AppSchemaDataAccessConfigurator.java:147)
at org.geotools.data.complex.AppSchemaDataAccessFactory.createDataStore(AppSchemaDataAccessFactory.java:68)
at org.vfny.geoserver.util.DataStoreUtils.getDataAccess(DataStoreUtils.java:97)
at org.geoserver.catalog.ResourcePool.getDataStore(ResourcePool.java:220)
at org.geoserver.catalog.ResourcePool.getFeatureSource(ResourcePool.java:496)
at org.geoserver.catalog.impl.FeatureTypeInfoImpl.getFeatureSource(FeatureTypeInfoImpl.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.geoserver.catalog.impl.ModificationProxy.invoke(ModificationProxy.java:98)
at $Proxy16.getFeatureSource(Unknown Source)
at org.geoserver.wfs.GetFeature.run(GetFeature.java:170)
... 66 more
And thanks, Andrea, for taking the time to investigate this. Doubly so, if it turns out to be app-schema specific.
Ben, I changed the dbtype to OORacle in my datastore.xml and I got this:
19 mag 08:54:15 ERROR [geoserver.ows] - org.geoserver.wfs.WFSException: Error occurred getting features
at org.geoserver.platform.ServiceException.fillInStackTrace(ServiceException.java)
at org.geoserver.wfs.WFSException.fillInStackTrace(WFSException.java)
at java.lang.Throwable.<init>(Throwable.java:218)
at java.lang.Exception.<init>(Exception.java:59)
at java.lang.RuntimeException.<init>(RuntimeException.java:61)
at org.geoserver.platform.ServiceException.<init>(ServiceException.java:62)
at org.geoserver.platform.ServiceException.<init>(ServiceException.java:73)
at org.geoserver.wfs.WFSException.<init>(WFSException.java:31)
at org.geoserver.wfs.GetFeature.run(GetFeature.java:388)
at org.geoserver.wfs.DefaultWebFeatureService.getFeature(DefaultWebFeatureService.java:115)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at org.geoserver.ows.util.EMFLogger.invoke(EMFLogger.java:51)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy19.getFeature(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.geoserver.security.OperationSecurityInterceptor.invoke(OperationSecurityInterceptor.java:41)
at org.geoserver.ows.Dispatcher.execute(Dispatcher.java:574)
at org.geoserver.ows.Dispatcher.handleRequestInternal(Dispatcher.java:212)
at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
at org.geoserver.ows.Dispatcher.handleRequest(Dispatcher.java)
at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:501)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
at org.vfny.geoserver.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:108)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:264)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:107)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:72)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:178)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:229)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:148)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.geoserver.filters.LoggingFilter.doFilter(LoggingFilter.java:73)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.geoserver.filters.ReverseProxyFilter.doFilter(ReverseProxyFilter.java:176)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.geoserver.filters.GZIPFilter.doFilter(GZIPFilter.java:41)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:828)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)
Caused by: java.io.IOException
at org.geoserver.catalog.ResourcePool.getDataStore(ResourcePool.java:248)
at org.geoserver.catalog.ResourcePool.getFeatureSource(ResourcePool.java:496)
at org.geoserver.catalog.impl.FeatureTypeInfoImpl.getFeatureSource(FeatureTypeInfoImpl.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.geoserver.catalog.impl.ModificationProxy.invoke(ModificationProxy.java:98)
at $Proxy11.getFeatureSource(Unknown Source)
at org.geoserver.wfs.GetFeature.run(GetFeature.java:170)
... 67 more
Caused by: java.lang.NullPointerException: Could not acquire data access 'orang'
at org.geoserver.catalog.ResourcePool.getDataStore(ResourcePool.java:234)
... 76 more
So no, the core code path does not dump the connection information, your code does instead (AppSchemaDataAccessConfigurator.aquireSourceDatastores()):
Map datastoreParams = dsconfig.getParams();
datastoreParams = resolveRelativePaths(datastoreParams);
AppSchemaDataAccessConfigurator.LOGGER.fine("looking for datastore " + id);
DataAccess dataStore = DataAccessFinder.getDataStore(datastoreParams);
if (dataStore == null) {
    throw new DataSourceException("Cannot find a DataAccess for parameters "
            + datastoreParams);
}
If the map is what I think it is, just a string -> string one, there is no easy way to fix this, as without knowing the target factory you cannot even interrogate the params to see if they have the password flag.
Thanks, it is good to know that the core code path is not insecure.
And on a personal note, there is nothing more satisfying than assigning a bugreport back to the original reporter. I hope you enjoyed it as much as I would have.
Hmm... no, I don't particularly enjoy that. I enjoy squashing bugs or adding new features, giving back reports is not especially amusing...
On a separate note, should I move this one to beta2? To 2.0.x?
chiming in late...
the stack trace indicates the one exposing the params is the app-schema module:
Caused by: org.geotools.data.DataSourceException: Cannot find a DataAccess for parameters {user=pirsa, passwd=p1rsaUSR, host=wsrv1.arrc.csiro.au, schema=pirsa, port=1521, database=wsrv1, dbtype=oracleng}
at org.geotools.data.complex.config.AppSchemaDataAccessConfigurator.aquireSourceDatastores(AppSchemaDataAccessConfigurator.java:517)
For instance, it is line number 497 on my current trunk checkout that has the offending code:
throw new DataSourceException("Cannot find a DataAccess for parameters " + datastoreParams);
where datastoreParams is a java.util.Map...
The question remains the same, how to hide the pwd and still create a useful message...
if instead of
if (dataStore == null) {
    throw new DataSourceException("Cannot find a DataAccess for parameters " + datastoreParams);
}
the following sort of does the trick, but still seems like too cumbersome:
if (dataStore == null) {
    String msg = "Cannot find a DataAccess for the given parameters..";
    // Ask every known factory whether it can process these parameters
    for (Iterator<DataAccessFactory> dsfi = DataAccessFinder.getAllDataStores(); dsfi.hasNext();) {
        DataAccessFactory dataAccessFactory = dsfi.next();
        if (dataAccessFactory.canProcess(datastoreParams)) {
            // Report a copy of the params with password-flagged values masked
            Map reportParams = new HashMap(datastoreParams);
            Param[] parametersInfo = dataAccessFactory.getParametersInfo();
            for (Param param : parametersInfo) {
                if (param.isPassword() && reportParams.containsKey(param.key)) {
                    reportParams.put(param.key, "*****");
                }
            }
            msg = "Cannot find a DataAccess for parameters " + reportParams;
        }
    }
    throw new DataSourceException(msg);
}
any way out?...
Gabriel, I was contemplating something like this, however there could be other sensitive parameters, such as hostnames or paths. I might just throw dbtype and log the full parameters.
Andrea wrote:
> giving back reports is not especially amusing...
I do admit to being easily amused.
Fixed in GeoTools in r34399 on trunk and r34400 on 2.6.x branch.
The fix was to hardcode a list of safe parameters to report. Ugly, but combines reasonable reporting with reasonable security. Gabriel's suggestion was elegant, but if dbtype is wrong, the user gets nothing at all.
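The approach described in the comment above, an allowlist of parameters that are safe to report, sketched as an added example. It is not the GeoTools change itself: the class and method names, the stand-in lookup and the choice of safe keys are all assumptions.

```java
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;

/** Added illustration; not GeoTools code. All names here are hypothetical. */
public class SafeParamReport {

    // Assumption: keys considered harmless to echo back to a remote client.
    // Anything not listed (passwd, user, host, file paths, ...) is withheld,
    // so a newly introduced sensitive parameter is hidden by default.
    private static final Set<String> SAFE_KEYS =
            new HashSet<>(Arrays.asList("dbtype", "port"));

    /**
     * Builds the client-facing message: values only for allowlisted keys,
     * key names only for everything else. No factory lookup is needed, so
     * this still works when a wrong dbtype means no factory matches.
     */
    static String describe(Map<String, ?> params) {
        Map<String, Object> shown = new TreeMap<>();
        Set<String> withheld = new TreeSet<>();
        for (Map.Entry<String, ?> e : params.entrySet()) {
            if (SAFE_KEYS.contains(e.getKey())) {
                shown.put(e.getKey(), e.getValue());
            } else {
                withheld.add(e.getKey());
            }
        }
        return "Cannot find a DataAccess for parameters " + shown
                + " (values withheld for: " + withheld + ")";
    }

    /** Hypothetical stand-in for the lookup that returned null in the report. */
    static Object findDataAccess(Map<String, ?> params) {
        return null;
    }

    static Object acquire(Map<String, ?> params) throws IOException {
        Object store = findDataAccess(params);
        if (store == null) {
            // The raw map never reaches the exception text.
            throw new IOException(describe(params));
        }
        return store;
    }

    public static void main(String[] args) {
        // Constructed sample input, modelled on the parameters in the report.
        Map<String, Object> params = new LinkedHashMap<>();
        params.put("user", "test");
        params.put("passwd", "s3cr3t");
        params.put("host", "db.example.invalid");
        params.put("port", 1521);
        params.put("database", "test");
        params.put("dbtype", "Ooracle");
        try {
            acquire(params);
        } catch (IOException e) {
            System.out.println(e.getMessage());
        }
    }
}
```

The misspelled dbtype stays visible in the message, which is what an administrator needs to diagnose the failure, while the credentials and host never leave the server.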
Mass closing all issues that have been in "resolved" state for 2 months or more without any feedback or update
We have the DataAccessFactory.Param.isPassword() convenience method to help here. This will imply a little more work than Map.toString for the exception report though, but an easy fix.