java.lang.StringIndexOutOfBoundsException: String index out of range: -1

Jenkins JIRA | Jarod Watkins | 3 years ago
  1. 0

    Without extra attributes passed from RubyCas, the cas plugin works great. I can login/logout and SSO works without issue. As soon as I enable extra_attributes in RubyCas to include even just one attribute, I get the following stack trace: java.lang.StringIndexOutOfBoundsException: String index out of range: -1 at java.lang.String.substring(Unknown Source) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:120) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:86) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:188) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117) at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110) at org.jenkinsci.plugins.cas.spring.security.CasSingleSignOutFilter.doFilter(CasSingleSignOutFilter.java:43) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at winstone.RequestDispatcher.forward(RequestDispatcher.java:331) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Please let me know what other information you may need.

    Jenkins JIRA | 3 years ago | Jarod Watkins
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  2. 0

    Without extra attributes passed from RubyCas, the cas plugin works great. I can login/logout and SSO works without issue. As soon as I enable extra_attributes in RubyCas to include even just one attribute, I get the following stack trace: java.lang.StringIndexOutOfBoundsException: String index out of range: -1 at java.lang.String.substring(Unknown Source) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:120) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:86) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:188) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117) at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110) at org.jenkinsci.plugins.cas.spring.security.CasSingleSignOutFilter.doFilter(CasSingleSignOutFilter.java:43) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at winstone.RequestDispatcher.forward(RequestDispatcher.java:331) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Please let me know what other information you may need.

    Jenkins JIRA | 3 years ago | Jarod Watkins
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  3. 0

    CAS 4, does not work properly with cas client core 3.1.12

    Stack Overflow | 2 years ago | Stupidfrog
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    CAS 4, does not work properly with cas client core 3.1.12

    Google Groups | 2 years ago | jeffrey tan
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
  6. 0

    Since the attributes can be populated from different sources (in my problem from a rich html editor embebed in a form) is hard difficult manage if that values have special characters that acts as tokens in the validator. So, I am wondered why, in the TicketValidator 1.0/2.0, the server response is not full handled by a XML parser like in phpCAS client is done to avoid some frustrated situations like multiline valued attributes. That said, I think that all clients should process the response using the same mechanisms because with ones the response works but with others not. Considere the next response fragment: {code:xml} ... <cas:attributes> ... <cas:signature> The sun is shining<br/> <img src="/resources/user/aklshd12kh12/129123.png" /> </cas:signature> ... </cas:attributes> ... {code} When the validator try to detect the attributes name and read the line *{{The sun is shining<br/>}}* a exception is thrown {code} java.lang.StringIndexOutOfBoundsException: String index out of range: -1 at java.lang.String.substring(String.java:1937) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:145) at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:98) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:217) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:140) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:126) at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:242) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:194) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:147) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697) at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690) at java.lang.Thread.run(Thread.java:662) {code} due to in next code block {code:java} try { while ((line = br.readLine()) != null) { final String trimmedLine = line.trim(); if (trimmedLine.length() > 0) { final int leftPos = trimmedLine.indexOf(":"); final int rightPos = trimmedLine.indexOf(">"); attributeNames.add(trimmedLine.substring(leftPos+1, rightPos)); } } br.close(); } catch (final IOException e) { //ignore } {code} the existence tokens is not verified. Even worse, a false attribute is returned if in the mutiline attribute value has some of that reserved tokens.

    Apereo Issues | 4 years ago | David Ordás
    java.lang.StringIndexOutOfBoundsException: String index out of range: -1
Not finding the right solution?
Take a tour to get the most out of Samebug.

Tired of useless tips?

Automated exception search integrated into your IDE

Root Cause Analysis

  1. java.lang.StringIndexOutOfBoundsException

    String index out of range: -1

    at java.lang.String.substring()
  2. Java RT
    String.substring
    1. java.lang.String.substring(Unknown Source)
    1 frame
  3. Jasig CAS Client for Java - Core
    AbstractUrlBasedTicketValidator.validate
    1. org.jasig.cas.client.validation.Cas20ServiceTicketValidator.extractCustomAttributes(Cas20ServiceTicketValidator.java:120)
    2. org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:86)
    3. org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:188)
    3 frames
  4. spring-security-cas
    CasAuthenticationProvider.authenticate
    1. org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131)
    2. org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117)
    2 frames
  5. spring-security-core
    AbstractAuthenticationManager.authenticate
    1. org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130)
    2. org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48)
    2 frames
  6. spring-security-cas
    CasAuthenticationFilter.attemptAuthentication
    1. org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111)
    1 frame
  7. Spring Security
    AbstractAuthenticationProcessingFilter.doFilter
    1. org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
    1 frame
  8. Hudson
    ChainedServletFilter$1.doFilter
    1. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    1 frame
  9. Jasig CAS Client for Java - Core
    SingleSignOutFilter.doFilter
    1. org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
    1 frame
  10. org.jenkinsci.plugins
    CasSingleSignOutFilter.doFilter
    1. org.jenkinsci.plugins.cas.spring.security.CasSingleSignOutFilter.doFilter(CasSingleSignOutFilter.java:43)
    1 frame
  11. Hudson
    ChainedServletFilter$1.doFilter
    1. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    1 frame
  12. Acegi Security Core
    HttpSessionContextIntegrationFilter.doFilter
    1. org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
    1 frame
  13. Hudson
    HudsonFilter.doFilter
    1. hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
    2. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    3. hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
    4. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
    5. hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
    6. hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
    6 frames
  14. winstone
    RequestDispatcher.doFilter
    1. winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    2. winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    2 frames
  15. Stapler
    CompressionFilter.doFilter
    1. org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
    1 frame
  16. winstone
    RequestDispatcher.doFilter
    1. winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    2. winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    2 frames
  17. Hudson
    CharacterEncodingFilter.doFilter
    1. hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
    1 frame
  18. winstone
    RequestHandlerThread.run
    1. winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
    2. winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
    3. winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
    4. winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227)
    5. winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
    5 frames
  19. Java RT
    FutureTask.run
    1. java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
    2. java.util.concurrent.FutureTask.run(Unknown Source)
    2 frames
  20. winstone
    BoundedExecutorService$1.run
    1. winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
    1 frame
  21. Java RT
    Thread.run
    1. java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    2. java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    3. java.lang.Thread.run(Unknown Source)
    3 frames