Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OSGI Missing Provide-Capability entry for org.apache.shiro.crypto.hash.HashSpi #1117

Closed
1 task done
jherkel opened this issue Oct 17, 2023 · 1 comment · Fixed by #1118 or #1158
Closed
1 task done

OSGI Missing Provide-Capability entry for org.apache.shiro.crypto.hash.HashSpi #1117

jherkel opened this issue Oct 17, 2023 · 1 comment · Fixed by #1118 or #1158
Assignees
@fpapon
Milestone
2.0

Comments

@jherkel
Copy link
Contributor

jherkel commented Oct 17, 2023

Search before asking

  • I had searched in the issues and found no similar issues.

Environment

Apache Karaf 4.4.4 & JDK 17 & Fedora 38

Shiro version

2.0.0 alpha 3

What was the actual outcome?

During password encryption I can see that shiro isn't able to see argon hash provider.

What was the expected outcome?

Shiro is able to use bcrypt & argon hash providers

How to reproduce

Import shiro bundles:
shiro-core
mvn:org.apache.shiro.crypto/shiro-hashes-bcrypt/${org.apache.shiro.version}
mvn:org.apache.shiro.crypto/shiro-hashes-argon2/${org.apache.shiro.version}

Deploy any application that uses shiro and is able to run under Karaf & OSGI

Debug logs

Caused by: java.lang.UnsupportedOperationException: Cannot create a hash with the given algorithm: argon2id
at org.apache.shiro.crypto.hash.DefaultHashService.computeHash(DefaultHashService.java:98) ~[!/:2.0.0-alpha-3]
at org.apache.shiro.authc.credential.DefaultPasswordService.passwordsMatch(DefaultPasswordService.java:181) ~[!/:2.0.0-alpha-3]
at tech.pantheon.chronos.aaa.impl.security.realm.impl.TokenCredentialsMatcher.doCredentialsMatch(TokenCredentialsMatcher.java:36) ~[?:?]
at org.apache.shiro.realm.AuthenticatingRealm.assertCredentialsMatch(AuthenticatingRealm.java:600) ~[!/:2.0.0-alpha-3]
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:581) ~[!/:2.0.0-alpha-3]
at Proxy7d5c2798_ad1d_48c5_aa34_93f64a110877.getAuthenticationInfo(Unknown Source) ~[?:?]
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) ~[!/:2.0.0-alpha-3]
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:273) ~[!/:2.0.0-alpha-3]
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) ~[!/:2.0.0-alpha-3]
@lprimak
Copy link
Contributor

lprimak commented Oct 17, 2023

Sounds like you have a good handle on the problem. Would you submit a PR?
jherkel added a commit to jherkel/shiro that referenced this issue Oct 17, 2023
@jherkel
[apache#1117] fix missing osgi headers
bc05274
jherkel added a commit to jherkel/shiro that referenced this issue Oct 17, 2023
@jherkel
[apache#1117] fix missing osgi headers
c389e64
@jherkel jherkel mentioned this issue Oct 17, 2023
Merged
9 tasks
@fpapon fpapon self-assigned this Oct 18, 2023
fpapon added a commit that referenced this issue Nov 11, 2023
@fpapon
[#1117] Fix Karaf feature
5a42836
@fpapon fpapon mentioned this issue Nov 11, 2023
Merged
@fpapon fpapon added this to the 2.0 milestone Nov 11, 2023
fpapon added a commit that referenced this issue Nov 11, 2023
@fpapon
Merge pull request #1158 from apache/pr-1118
3ee445e 
[#1117] OSGI Missing Provide-Capability entry for org.apache.shiro.crypto.hash.HashSpi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
3 participants
@lprimak @jherkel @fpapon