java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class com.pixelpark.seraph.SSOAuthenticator

Atlassian JIRA | Joe Clark [Atlassian] | 4 years ago
  1. 0

    The constructor signature of {{com.atlassian.confluence.event.events.security.LoginEvent}} changed between Confluence 4.3.x and 5.0 - an additional String parameter was added to the constructor. From this: {code} public LoginEvent(Object src, String username, String sessionId, String remoteHost, String remoteIP) {code} To this: {code:lang=java} public LoginEvent(Object src, String username, String sessionId, String remoteHost, String remoteIP, String loginSource) {code} This breaks binary compatibility for any custom Seraph authenticator that manually constructs and fires an instance of LoginEvent. This is the expected behaviour for a well-written custom authenticator as, otherwise, a user's login history is not properly recorded in the Confluence database. The following exception is thrown at runtime: {noformat} java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class com.pixelpark.seraph.SSOAuthenticator at com.pixelpark.seraph.SSOAuthenticator.getUser(SSOAuthenticator.java:130) at com.atlassian.seraph.auth.AbstractAuthenticator.getUser(AbstractAuthenticator.java:45) at com.atlassian.seraph.filter.BaseLoginFilter$SecurityHttpRequestWrapper.getUserPrincipal(BaseLoginFilter.java:236) at com.atlassian.seraph.filter.BaseLoginFilter$SecurityHttpRequestWrapper.getRemoteUser(BaseLoginFilter.java:224) at com.pixelpark.seraph.SSOAuthenticator.getRemoteUsername(SSOAuthenticator.java:51) at com.pixelpark.seraph.SSOAuthenticator.getUser(SSOAuthenticator.java:105) at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98) at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:30) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:150) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.confluence.util.ClusterHeaderFilter.doFilter(ClusterHeaderFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:74) at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:51) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.core.filters.cache.AbstractCachingFilter.doFilter(AbstractCachingFilter.java:33) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) {noformat} This has some pretty crappy compatibility consequences for custom authenticators. Currently it is possible to write a custom authenticator that works on any version of Confluence from 3.5.x all the way to 4.3.x. The backwards compatibility on any earlier version than 3.5 was broken by embedded crowd (which is fair enough, it was a big change). To break compatibility for something as minor as the addition of an optional constructor parameter seems a bit cruel. The original constructor to LoginEvent should be restored and annotated with a Deprecated flag. This will allow developers to continue to write one custom authenticator jar that works with a wide range of Confluence versions.

    Atlassian JIRA | 4 years ago | Joe Clark [Atlassian]
    java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class com.pixelpark.seraph.SSOAuthenticator
  2. 0

    The constructor signature of {{com.atlassian.confluence.event.events.security.LoginEvent}} changed between Confluence 4.3.x and 5.0 - an additional String parameter was added to the constructor. From this: {code} public LoginEvent(Object src, String username, String sessionId, String remoteHost, String remoteIP) {code} To this: {code:lang=java} public LoginEvent(Object src, String username, String sessionId, String remoteHost, String remoteIP, String loginSource) {code} This breaks binary compatibility for any custom Seraph authenticator that manually constructs and fires an instance of LoginEvent. This is the expected behaviour for a well-written custom authenticator as, otherwise, a user's login history is not properly recorded in the Confluence database. The following exception is thrown at runtime: {noformat} java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class com.pixelpark.seraph.SSOAuthenticator at com.pixelpark.seraph.SSOAuthenticator.getUser(SSOAuthenticator.java:130) at com.atlassian.seraph.auth.AbstractAuthenticator.getUser(AbstractAuthenticator.java:45) at com.atlassian.seraph.filter.BaseLoginFilter$SecurityHttpRequestWrapper.getUserPrincipal(BaseLoginFilter.java:236) at com.atlassian.seraph.filter.BaseLoginFilter$SecurityHttpRequestWrapper.getRemoteUser(BaseLoginFilter.java:224) at com.pixelpark.seraph.SSOAuthenticator.getRemoteUsername(SSOAuthenticator.java:51) at com.pixelpark.seraph.SSOAuthenticator.getUser(SSOAuthenticator.java:105) at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98) at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:30) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:150) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.confluence.util.ClusterHeaderFilter.doFilter(ClusterHeaderFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:74) at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:51) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.core.filters.cache.AbstractCachingFilter.doFilter(AbstractCachingFilter.java:33) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) {noformat} This has some pretty crappy compatibility consequences for custom authenticators. Currently it is possible to write a custom authenticator that works on any version of Confluence from 3.5.x all the way to 4.3.x. The backwards compatibility on any earlier version than 3.5 was broken by embedded crowd (which is fair enough, it was a big change). To break compatibility for something as minor as the addition of an optional constructor parameter seems a bit cruel. The original constructor to LoginEvent should be restored and annotated with a Deprecated flag. This will allow developers to continue to write one custom authenticator jar that works with a wide range of Confluence versions.

    Atlassian JIRA | 4 years ago | Joe Clark [Atlassian]
    java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class com.pixelpark.seraph.SSOAuthenticator
  3. 0

    Login failed with Confluence 5.x

    GitHub | 4 years ago | bananastalktome
    java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Login failed with Confluence 5.x

    GitHub | 4 years ago | bananastalktome
    java.lang.IllegalAccessError: tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class shibauth.confluence.authentication.shibboleth.RemoteUserAuthenticator
  6. 0

    db:: 4.16::Exception in thread "main" java.lang.NoSuchFieldError: TRACE x3

    hivmr.com | 4 months ago
    java.lang.IllegalAccessError: tried to access method cfanvo.SimpleUnit.init(Ljava/lang/String;Ljava/lang/String;D)V from class UnitTest

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. java.lang.IllegalAccessError

      tried to access method com.atlassian.confluence.event.events.security.SecurityEvent.<init>(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V from class com.pixelpark.seraph.SSOAuthenticator

      at com.pixelpark.seraph.SSOAuthenticator.getUser()
    2. com.pixelpark.seraph
      SSOAuthenticator.getUser
      1. com.pixelpark.seraph.SSOAuthenticator.getUser(SSOAuthenticator.java:130)
      1 frame
    3. com.atlassian.seraph
      BaseLoginFilter$SecurityHttpRequestWrapper.getRemoteUser
      1. com.atlassian.seraph.auth.AbstractAuthenticator.getUser(AbstractAuthenticator.java:45)
      2. com.atlassian.seraph.filter.BaseLoginFilter$SecurityHttpRequestWrapper.getUserPrincipal(BaseLoginFilter.java:236)
      3. com.atlassian.seraph.filter.BaseLoginFilter$SecurityHttpRequestWrapper.getRemoteUser(BaseLoginFilter.java:224)
      3 frames
    4. com.pixelpark.seraph
      SSOAuthenticator.getUser
      1. com.pixelpark.seraph.SSOAuthenticator.getRemoteUsername(SSOAuthenticator.java:51)
      2. com.pixelpark.seraph.SSOAuthenticator.getUser(SSOAuthenticator.java:105)
      2 frames
    5. com.atlassian.seraph
      SecurityFilter.doFilter
      1. com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:125)
      1 frame
    6. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames
    7. com.atlassian.security
      TrustedApplicationsFilter.doFilter
      1. com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98)
      1 frame
    8. com.atlassian.confluence
      AbstractBootstrapHotSwappingFilter.doFilter
      1. com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:30)
      1 frame
    9. com.atlassian.core
      AbstractHttpFilter.doFilter
      1. com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
      1 frame
    10. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames
    11. com.atlassian.seraph
      BaseLoginFilter.doFilter
      1. com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:150)
      1 frame
    12. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames
    13. com.atlassian.plugin
      ServletFilterModuleContainerFilter.doFilter
      1. com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
      2. com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
      3. com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
      3 frames
    14. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames
    15. com.atlassian.confluence
      ClusterHeaderFilter.doFilter
      1. com.atlassian.confluence.util.ClusterHeaderFilter.doFilter(ClusterHeaderFilter.java:37)
      1 frame
    16. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames
    17. com.atlassian.gzipfilter
      GzipFilter.doFilter
      1. com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:74)
      2. com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:51)
      2 frames
    18. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames
    19. com.atlassian.core
      AbstractHttpFilter.doFilter
      1. com.atlassian.core.filters.cache.AbstractCachingFilter.doFilter(AbstractCachingFilter.java:33)
      2. com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
      2 frames
    20. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames
    21. com.atlassian.plugin
      ServletFilterModuleContainerFilter.doFilter
      1. com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
      2. com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
      3. com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
      3 frames
    22. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      2 frames