java.lang.StringIndexOutOfBoundsException: String index out of range: -1

Jenkins JIRA | Jarod Watkins | 3 years ago
tip
Your exception is missing from the Samebug knowledge base.
Here are the best solutions we found on the Internet.
Click on the to mark the helpful solution and get rewards for you help.
  1. 0

    Without extra attributes passed from RubyCas, the cas plugin works great. I can login/logout and SSO works without issue. As soon as I enable extra_attributes in RubyCas to include even just one attribute, I get the following stack trace: java.lang.StringIndexOutOfBoundsException: String index out of range: -1 at java.lang.String.substring(Unknown Source) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:120) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:86) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:188) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117) at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110) at org.jenkinsci.plugins.cas.spring.security.CasSingleSignOutFilter.doFilter(CasSingleSignOutFilter.java:43) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at winstone.RequestDispatcher.forward(RequestDispatcher.java:331) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Please let me know what other information you may need.

    Jenkins JIRA | 3 years ago | Jarod Watkins
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  2. 0

    Without extra attributes passed from RubyCas, the cas plugin works great. I can login/logout and SSO works without issue. As soon as I enable extra_attributes in RubyCas to include even just one attribute, I get the following stack trace: java.lang.StringIndexOutOfBoundsException: String index out of range: -1 at java.lang.String.substring(Unknown Source) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:120) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:86) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:188) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117) at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110) at org.jenkinsci.plugins.cas.spring.security.CasSingleSignOutFilter.doFilter(CasSingleSignOutFilter.java:43) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at winstone.RequestDispatcher.forward(RequestDispatcher.java:331) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Please let me know what other information you may need.

    Jenkins JIRA | 3 years ago | Jarod Watkins
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  3. 0

    CAS 4, does not work properly with cas client core 3.1.12

    Stack Overflow | 2 years ago | Stupidfrog
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    CAS 4, does not work properly with cas client core 3.1.12

    Google Groups | 2 years ago | jeffrey tan
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  6. 0

    Since the attributes can be populated from different sources (in my problem from a rich html editor embebed in a form) is hard difficult manage if that values have special characters that acts as tokens in the validator. So, I am wondered why, in the TicketValidator 1.0/2.0, the server response is not full handled by a XML parser like in phpCAS client is done to avoid some frustrated situations like multiline valued attributes. That said, I think that all clients should process the response using the same mechanisms because with ones the response works but with others not. Considere the next response fragment: {code:xml} ... <cas:attributes> ... <cas:signature> The sun is shining<br/> <img src="/resources/user/aklshd12kh12/129123.png" /> </cas:signature> ... </cas:attributes> ... {code} When the validator try to detect the attributes name and read the line *{{The sun is shining<br/>}}* a exception is thrown {code} java.lang.StringIndexOutOfBoundsException: String index out of range: -1 at java.lang.String.substring(String.java:1937) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:145) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:98) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:217) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:140) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:126) at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:242) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:194) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:147) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697) at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690) at java.lang.Thread.run(Thread.java:662) {code} due to in next code block {code:java} try { while ((line = br.readLine()) != null) { final String trimmedLine = line.trim(); if (trimmedLine.length() > 0) { final int leftPos = trimmedLine.indexOf(":"); final int rightPos = trimmedLine.indexOf(">"); attributeNames.add(trimmedLine.substring(leftPos+1, rightPos)); } } br.close(); } catch (final IOException e) { //ignore } {code} the existence tokens is not verified. Even worse, a false attribute is returned if in the mutiline attribute value has some of that reserved tokens.

    Apereo Issues | 4 years ago | David Ordás
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
Not finding the right solution?
Take a tour to get the most out of Samebug.

Tired of useless tips?

Automated exception search integrated into your IDE

Root Cause Analysis

  1. java.lang.StringIndexOutOfBoundsException

    String index out of range: -1

    at java.lang.String.substring()
  2. Java RT
    String.substring
    1. java.lang.String.substring(Unknown Source)
    1 frame
  3. Jasig CAS Client for Java - Core
    AbstractUrlBasedTicketValidator.validate
    1. org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:120)
    2. org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:86)
    3. org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:188)
    3 frames
  4. spring-security-cas
    CasAuthenticationProvider.authenticate
    1. org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131)
    2. org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117)
    2 frames
  5. spring-security-core
    AbstractAuthenticationManager.authenticate
    1. org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130)
    2. org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48)
    2 frames
  6. spring-security-cas
    CasAuthenticationFilter.attemptAuthentication
    1. org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111)
    1 frame
  7. Spring Security
    AbstractAuthenticationProcessingFilter.doFilter
    1. org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
    1 frame
  8. Hudson
    ChainedServletFilter$1.doFilter
    1. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    1 frame
  9. Jasig CAS Client for Java - Core
    SingleSignOutFilter.doFilter
    1. org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
    1 frame
  10. org.jenkinsci.plugins
    CasSingleSignOutFilter.doFilter
    1. org.jenkinsci.plugins.cas.spring.security.CasSingleSignOutFilter.doFilter(CasSingleSignOutFilter.java:43)
    1 frame
  11. Hudson
    ChainedServletFilter$1.doFilter
    1. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    1 frame
  12. Acegi Security Core
    HttpSessionContextIntegrationFilter.doFilter
    1. org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
    1 frame
  13. Hudson
    HudsonFilter.doFilter
    1. hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
    2. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    3. hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
    4. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    5. hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
    6. hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
    6 frames
  14. winstone
    RequestDispatcher.doFilter
    1. winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    2. winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    2 frames
  15. Stapler
    CompressionFilter.doFilter
    1. org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
    1 frame
  16. winstone
    RequestDispatcher.doFilter
    1. winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    2. winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    2 frames
  17. Hudson
    CharacterEncodingFilter.doFilter
    1. hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
    1 frame
  18. winstone
    RequestHandlerThread.run
    1. winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    2. winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    3. winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
    4. winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227)
    5. winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
    5 frames
  19. Java RT
    FutureTask.run
    1. java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
    2. java.util.concurrent.FutureTask.run(Unknown Source)
    2 frames
  20. winstone
    BoundedExecutorService$1.run
    1. winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
    1 frame
  21. Java RT
    Thread.run
    1. java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    2. java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    3. java.lang.Thread.run(Unknown Source)
    3 frames