Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-7973

Clicking Test Command twice in External Command Certificate Validator gives exception

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: EJBCA 7.0.1
    • Fix Version/s: EJBCA 7.1.0
    • Component/s: None
    • Labels:
      None
    • Issue discovered during:
      Ad Hoc
    • Sprint:
      EJBCA Team Alice - 2019 w10

      Description

      Configure an external command certificate validator (for example zlint).

      Browse to a file to test, select it, and click "Test command". The command will be tested and the output displayed.

      Click "Test command" again, now you get an error exception:

      An exception has occurred.

      java.lang.String cannot be cast to java.io.File

      I would call it a cosmetic issue, but security scanners may flag "Exceptions" as information leaks, albeit there is no information revealed here.

      The error should be handled better.

       

      Information in server.log:

      03:27:49,034 INFO  [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-2) 2019-03-13 03:27:49-07:00;ACCESS_CONTROL;SUCCESS;ACCESSCONTROL;CORE;CN=SuperAdmin;;;;resource0=/administrator
      03:27:56,513 INFO  [org.cesecore.keys.validation.ExternalCommandCertificateValidator] (default task-17) Test external command certificate validator zlint
      03:27:56,513 WARNING [javax.enterprise.resource.webcontainer.jsf.lifecycle] (default task-17) java.lang.String cannot be cast to java.io.File: java.lang.ClassCastException: java.lang.String cannot be cast to java.io.File
      	at org.cesecore.keys.validation.ExternalCommandCertificateValidator.testCommand(ExternalCommandCertificateValidator.java:367)
      	at org.cesecore.keys.validation.ExternalCommandCertificateValidator$1.action(ExternalCommandCertificateValidator.java:148)
      	at org.ejbca.ui.psm.jsf.JsfDynamicUiActionListener.processAction(JsfDynamicUiActionListener.java:67)
      

       

        Attachments

          Activity

            People

            • Assignee:
              tomas Tomas Gustavsson
              Reporter:
              tomas Tomas Gustavsson
              Verified by:
              Bastian Fredriksson
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 1 hour
                1h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour
                1h