java.io.CharConversionException

There are no available Samebug tips for this exception. Do you have an idea how to solve this issue? A short tip would help users who saw this issue last week.

  • I am not 100% sure it is SpringSecurity bug as I can not reproduce this bug. It maybe caused by tomcat session management or EHCache... But I put it here just because it is very serious issue. I really need SS expert's help.... For the whole authentication process, very few part of my code is involved, almost all from SS configuration. My site is running on Internet and allow public register and login. Someday, while I login(or maybe remember-me auto login, I forgot detail), my user should be "admin". But I suddenly found my login user is another unknown guy(user name is "alexuser") !!!! I checked log, that guy is latest registered user, last login is 2 hour early than my login. I cannot point out if he chose remeber-me option. Between alexuser and me login, there aren't any login event. There are 2 login success events during my login. Log shows an exception between them, but I don't think this exception is very critical for this bug. The exception is thrown from a customized filter(CaptchaValidationProcessingFilter - see attachment), in line 1 of doFilter(): String captchaResponse = request.getParameter("j_captcha_response"); The attachment is my appliationContext-security.xml. I am using spring security 2.0.3. But my code is upgraded from acegi, so my configuration is still that bloat xml style. Log information as below, the first login event publish success event, but it does not continue - at least log displays "admin" did not continue to load its setting. It looks second login success event replaced first. Basically, I assume the real "alexuser" did not login simultaneously. It likes SpringSecurity API interrupt by that exception then goes somewhere pickup wrong user and do authentication again... Log ---------------------------------------------------------------------------------------- 2008-12-18 06:24:10,750 WARN [LoggerListener] Authentication event AuthenticationSuccessEvent: admin; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 2008-12-18 06:24:10,750 WARN [LoggerListener] Authentication event InteractiveAuthenticationSuccessEvent: admin; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 Dec 18, 2008 6:24:10 AM org.apache.tomcat.util.http.Parameters processParameters WARNING: Parameters: Character decoding failed. Parameter skipped. java.io.CharConversionException: EOF at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:83) at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:49) at org.apache.tomcat.util.http.Parameters.urlDecode(Parameters.java:412) at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:394) at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:346) at org.apache.catalina.connector.Request.parseParameters(Request.java:2470) at org.apache.catalina.connector.Request.getParameter(Request.java:1040) at org.apache.catalina.connector.RequestFacade.getParameter(RequestFacade.java:355) at com.mypackge.wiki.security.acegi.CaptchaValidationProcessingFilter.doFilter(CaptchaValidationProcessingFilter.java:59) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:70) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.mypackage.wiki.webapp.filter.InstallFilter.doFilterInternal(InstallFilter.java:49) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:563) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:584) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 2008-12-18 06:24:10,821 WARN [LoggerListener] Authentication event AuthenticationSuccessEvent: alexuser; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 2008-12-18 06:24:10,822 WARN [LoggerListener] Authentication event InteractiveAuthenticationSuccessEvent: alexuser; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 2008-12-18 06:24:11,061 WARN [User] User alexuser does not have personal setting, using default one instead. 2008-12-18 06:24:11,463 INFO [MarkupRenderEngineImpl] Render markup content takes: 1ms ----------------------------------------------------------------------------------------
    via by steveneo,
  • I am not 100% sure it is SpringSecurity bug as I can not reproduce this bug. It maybe caused by tomcat session management or EHCache... But I put it here just because it is very serious issue. I really need SS expert's help.... For the whole authentication process, very few part of my code is involved, almost all from SS configuration. My site is running on Internet and allow public register and login. Someday, while I login(or maybe remember-me auto login, I forgot detail), my user should be "admin". But I suddenly found my login user is another unknown guy(user name is "alexuser") !!!! I checked log, that guy is latest registered user, last login is 2 hour early than my login. I cannot point out if he chose remeber-me option. Between alexuser and me login, there aren't any login event. There are 2 login success events during my login. Log shows an exception between them, but I don't think this exception is very critical for this bug. The exception is thrown from a customized filter(CaptchaValidationProcessingFilter - see attachment), in line 1 of doFilter(): String captchaResponse = request.getParameter("j_captcha_response"); The attachment is my appliationContext-security.xml. I am using spring security 2.0.3. But my code is upgraded from acegi, so my configuration is still that bloat xml style. Log information as below, the first login event publish success event, but it does not continue - at least log displays "admin" did not continue to load its setting. It looks second login success event replaced first. Basically, I assume the real "alexuser" did not login simultaneously. It likes SpringSecurity API interrupt by that exception then goes somewhere pickup wrong user and do authentication again... Log ---------------------------------------------------------------------------------------- 2008-12-18 06:24:10,750 WARN [LoggerListener] Authentication event AuthenticationSuccessEvent: admin; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 2008-12-18 06:24:10,750 WARN [LoggerListener] Authentication event InteractiveAuthenticationSuccessEvent: admin; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 Dec 18, 2008 6:24:10 AM org.apache.tomcat.util.http.Parameters processParameters WARNING: Parameters: Character decoding failed. Parameter skipped. java.io.CharConversionException: EOF at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:83) at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:49) at org.apache.tomcat.util.http.Parameters.urlDecode(Parameters.java:412) at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:394) at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:346) at org.apache.catalina.connector.Request.parseParameters(Request.java:2470) at org.apache.catalina.connector.Request.getParameter(Request.java:1040) at org.apache.catalina.connector.RequestFacade.getParameter(RequestFacade.java:355) at com.mypackge.wiki.security.acegi.CaptchaValidationProcessingFilter.doFilter(CaptchaValidationProcessingFilter.java:59) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:70) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.mypackage.wiki.webapp.filter.InstallFilter.doFilterInternal(InstallFilter.java:49) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:563) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:584) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 2008-12-18 06:24:10,821 WARN [LoggerListener] Authentication event AuthenticationSuccessEvent: alexuser; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 2008-12-18 06:24:10,822 WARN [LoggerListener] Authentication event InteractiveAuthenticationSuccessEvent: alexuser; details: org.springframework.security.ui.WebAuthenticationDetails@0: RemoteIpAddress: 60.242.146.122; SessionId: 1F63337DB300CA25A919E72CF52590C5 2008-12-18 06:24:11,061 WARN [User] User alexuser does not have personal setting, using default one instead. 2008-12-18 06:24:11,463 INFO [MarkupRenderEngineImpl] Render markup content takes: 1ms ----------------------------------------------------------------------------------------
    via by steveneo,
  • Why % is not allowed
    via Stack Overflow by Prateek
    ,
    • java.io.CharConversionException: EOF at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:83) at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:49) at org.apache.tomcat.util.http.Parameters.urlDecode(Parameters.java:412) at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:394) at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:346) at org.apache.catalina.connector.Request.parseParameters(Request.java:2470) at org.apache.catalina.connector.Request.getParameter(Request.java:1040) at org.apache.catalina.connector.RequestFacade.getParameter(RequestFacade.java:355) at com.mypackge.wiki.security.acegi.CaptchaValidationProcessingFilter.doFilter(CaptchaValidationProcessingFilter.java:59) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:70) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.mypackage.wiki.webapp.filter.InstallFilter.doFilterInternal(InstallFilter.java:49) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:563) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:584) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619)

    Users with the same issue

    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,