Bug 242091 - Web services explorer inserts spurious CRLF in a long authentication header
Status: RESOLVED FIXED
Alias: None
Product: WTP Webservices
Classification: WebTools
Component: wst.ws
Version: 3.0
Hardware: PC Linux
Importance: P3 critical
Target Milestone: 3.0.1
Assignee: Andrew Mak CLA
QA Contact: Kathy Chan CLA
Whiteboard: PMC_approved
Keywords: contributed
Reported: 2008-07-25 11:45 EDT by Chris Rose CLA
Modified: 2009-02-11 21:55 EST

david_williams: pmc_approved+
kathy: pmc_approved? (raghunathan.srinivasan)
kathy: pmc_approved? (naci.dai)
kathy: pmc_approved? (deboer)
kathy: pmc_approved? (neil.hauge)
kathy: pmc_approved? (kaloyan)


Attachments
strip new line from encoded string (2.48 KB, patch)
2008-07-28 12:57 EDT, Andrew Mak CLA
bjorn.freeman-benson: iplog+
Description Chris Rose CLA 2008-07-25 11:45:14 EDT
Build ID: I20080609-1311

Steps To Reproduce:
1. Create a new dynamic web project
2. Import any WSDL for a service that requires HTTP basic authentication
3. Configure TCP monitor to monitor the web service invocation
4. Open the WSDL in web services explorer
5. Invoke a method on the service
6. Set the username to something 59 characters long
7. Set the password to something 18 characters long
8. Execute the service

In the TCP monitor you'll see that the authentication line is wrapped at 98 characters.

More information:
This problem causes errors invoking services on WebSphere, which fails attempting to parse the header:

Exception = com.ibm.wsspi.genericbnf.exception.MalformedMessageException
Source = HttpInboundLink.handleNewInformation
probeid = 1
Stack Dump = com.ibm.wsspi.genericbnf.exception.MalformedMessageException: Invalid CRLF found in header name
        at com.ibm.ws.genericbnf.impl.BNFHeadersImpl.findHeaderLength(BNFHeadersImpl.java:5489)
        at com.ibm.ws.genericbnf.impl.BNFHeadersImpl.parseHeaderName(BNFHeadersImpl.java:5531)
        at com.ibm.ws.genericbnf.impl.BNFHeadersImpl.parseHeaders(BNFHeadersImpl.java:2100)
        at com.ibm.ws.genericbnf.impl.GenericMessageImpl.parseMessage(GenericMessageImpl.java:353)
...
Comment 1 Valentin Baciu CLA 2008-07-25 12:45:41 EDT
Thank you for reporting this bug. I have tried to assign to what I believe is the correct component. For guidance on how to select the correct component in future bug reports, please refer to:
https://bugs.eclipse.org/bugs/describecomponents.cgi?product=Web+Tools
Comment 2 Kathy Chan CLA 2008-07-25 13:23:18 EDT
Hi Chris,

A couple of questions for you.  If you don't use the TCP/IP monitor (or use the TCP/IP monitor with just a userid and password that's normal length, e.g. 8 to 10 characters), could you invoke the Web service OK with the Web Services Explorer?  Is this Linux specific, or does it happen on Windows as well?

I am tentatively targeting this to WTP 3.0.1 based on the severity of the problem you've assigned it to.  This might be re-targeted based on further investigation of the problem.

Andrew, could you please take a look at this problem? Thanks!

Comment 3 Chris Rose CLA 2008-07-25 15:28:16 EDT
Shortening the username results in a successful invocation.
Removing the TCP monitor from the connection results in a failed invocation.  The WS Explorer status shows this:

IWAB0135E An unexpected error has occurred
400
Bad Request

(side note:  it would be a killer feature if I could, say, copy the contents of that buffer to the clipboard!)

The WAS log shows the same exception again.

Comment 4 Andrew Mak CLA 2008-07-28 11:55:53 EDT
Looks like this is a known bug/limitation in Sun's Base64Encoder [1].  It does not appear that a fix has been released.  It's possible to work around this limitation by removing the extra newline from the encoded string.  Will work on a patch for this.

[1] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6459815
Comment 5 Andrew Mak CLA 2008-07-28 12:57:24 EDT
Created attachment 108553
strip new line from encoded string
Comment 6 Andrew Mak CLA 2008-07-28 16:21:08 EDT
Problem Summary:
When using WSE to test a Web service requiring Basic Auth, and it encounters a very long authorization string, the authorization header is split into 2 lines. This results in an invalid header so the Web service cannot be invoked.

Cause:
This is an underlying bug in Sun's Base64Encoder [1] which has a limit to the length of the encoded string. Newline characters are inserted when that limit is reached, hence the extra line in the auth header.
[1] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6459815

Fix:
A fix to Base64Encoder is not available yet. We can work around this problem by stripping out these extra newline characters from the encoded string. Fix has been tested and is quite safe.
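
The failure and the workaround described in Comment 6, as an added example that is not part of the bug thread or the attached patch. It assumes Java 11+ and uses `java.util.Base64` (whose MIME encoder wraps at 76 characters with CRLF) as a stand-in for the Sun internal encoder; the class name, helper names and credentials are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class BasicAuthHeaderDemo {

    // Constructed credentials with the lengths from the report:
    // a 59-character username and an 18-character password.
    static final String USER = "u".repeat(59);
    static final String PASS = "p".repeat(18);

    static byte[] credentials() {
        return (USER + ":" + PASS).getBytes(StandardCharsets.ISO_8859_1);
    }

    // Line-wrapping encoder: inserts CRLF after every 76 output characters.
    static String wrappedToken() {
        return Base64.getMimeEncoder().encodeToString(credentials());
    }

    // Workaround from the thread: strip line breaks from the encoded string.
    static String strippedToken() {
        return wrappedToken().replace("\r", "").replace("\n", "");
    }

    // Encoder that never inserts line separators.
    static String unwrappedToken() {
        return Base64.getEncoder().encodeToString(credentials());
    }

    // Guard before the value reaches the wire: a header value must not
    // contain CR or LF, otherwise the receiver sees a broken header block.
    static String headerValue(String token) {
        if (token.indexOf('\r') >= 0 || token.indexOf('\n') >= 0) {
            throw new IllegalArgumentException("CR/LF in header value");
        }
        return "Basic " + token;
    }

    public static void main(String[] args) {
        System.out.println("wrapped contains CRLF: " + wrappedToken().contains("\r\n"));
        System.out.println("stripped equals unwrapped: " + strippedToken().equals(unwrappedToken()));
        System.out.println("Authorization: " + headerValue(unwrappedToken()));
        try {
            headerValue(wrappedToken());
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The 78 credential bytes encode to 104 Base64 characters, so the wrapping encoder breaks the token once; the guard in `headerValue` is the check a client can keep in place regardless of which encoder it uses.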
Comment 7 Kathy Chan CLA 2008-07-29 14:28:47 EDT
Patch reviewed.  PMC, please approve for WTP 3.0.1.
Comment 8 David Williams CLA 2008-07-30 01:32:08 EDT
I'm ok with this quick fix for 3.0.1, but it's unfortunate we haven't gotten rid of that Sun internal class. I think this small fix is the safest thing to do for 3.0.1, though.

Accordingly, I've set the target of bug 121120 to be 3.1 M1. Perhaps _this_ scenario (with the original code, not the work around) would be an interesting test case for the "new" encoder? 

thanks, 
Comment 9 Peter Moogk CLA 2008-07-30 15:03:31 EDT
The changes for this defect have been committed and released to the HEAD and V301 stream under v200807301838.
Comment 10 Kathy Chan CLA 2008-10-27 14:18:10 EDT
This defect has been in resolved state for a while.  Please verify this with the appropriate WTP driver which can be found in:

http://download.eclipse.org/webtools/downloads/

We would verify and close the defect on the originator's behalf if it has not been verified 2 weeks after it's been changed to Verified state.
Comment 11 Kathy Chan CLA 2009-02-11 21:55:31 EST
This bug has been in resolved state for a while.  Please verify this defect with the latest WTP 3.0.4 or WTP 3.5 build from:

http://download.eclipse.org/webtools/downloads/

If this is not verified within 2 weeks, we'll be verifying the bug on your behalf.  Thanks!