web stats
Http Listener (Javascript Authentication) bug - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 10-31-2016, 07:18 AM
jasonpcc jasonpcc is offline
What's HL7?
 
Join Date: Jun 2016
Posts: 3
jasonpcc is on a distinguished road
Default Http Listener (Javascript Authentication) bug

Running Mirth 3.4.1.8057.

I have a HTTP Listener that uses Javascript Authentication. I find that after I deploy the channel, if I then stop the channel, then start it again, the next time the listener is triggered via a HTTP request, this error is thrown:

[2016-10-31 10:07:30,133] ERROR (com.mirth.connect.connectors.http.HttpReceiver:93 3): Error in HTTP authentication for HTTP Listener (HTTP Listener "Source" on channel d05f19ab-c4e2-4084-a690-67f310d14b48).
com.mirth.connect.server.util.javascript.JavaScrip tExecutorException: java.lang.Exception: Script not found in cache
at com.mirth.connect.server.util.javascript.JavaScrip tUtil.execute(JavaScriptUtil.java:68)
at com.mirth.connect.plugins.httpauth.javascript.Java ScriptAuthenticator.authenticate(JavaScriptAuthent icator.java:48)
at com.mirth.connect.connectors.http.HttpReceiver$1.v alidateRequest(HttpReceiver.java:904)
at org.eclipse.jetty.security.SecurityHandler.handle( SecurityHandler.java:512)
at org.eclipse.jetty.server.handler.HandlerWrapper.ha ndle(HandlerWrapper.java:97)
at org.eclipse.jetty.server.Server.handle(Server.java :499)
at org.eclipse.jetty.server.HttpChannel.handle(HttpCh annel.java:311)
at org.eclipse.jetty.server.HttpConnection.onFillable (HttpConnection.java:257)
at org.eclipse.jetty.io.AbstractConnection$2.run(Abst ractConnection.java:544)
at org.eclipse.jetty.util.thread.QueuedThreadPool.run Job(QueuedThreadPool.java:635)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.r un(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:745)Caused by: java.lang.Exception: Script not found in cache
at com.mirth.connect.plugins.httpauth.javascript.Java ScriptAuthenticator$JavaScriptAuthenticatorTask.do Call(JavaScriptAuthenticator.java:65)
at com.mirth.connect.plugins.httpauth.javascript.Java ScriptAuthenticator$JavaScriptAuthenticatorTask.do Call(JavaScriptAuthenticator.java:51)
at com.mirth.connect.server.util.javascript.JavaScrip tTask.call(JavaScriptTask.java:113)
at java.util.concurrent.FutureTask.run(FutureTask.jav a:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker( ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:615)
... 1 more


For what it's worth, this is my Javascript authentication code:
Code:
var authHeader = sourceMap.get('headers').getHeader('AUTHORIZATION');
if(authHeader && authHeader.trim())
{
	authHeader = authHeader.trim();
	// authHeader will look something like this:
	// "Basic [username]:[password]"
	// where username:password will be base64 encoded
	var index = authHeader.indexOf(' ');
	if(index > 0)
	{
		// Make sure the method is indeed "Basic"
		var method = authHeader.substring(0, index);
		if(method.toUpperCase() == "BASIC")
		{
			// Get and decode the credentials...
			var credentials = new java.lang.String(FileUtil.decode(authHeader.substring(index).trim()), java.nio.charset.StandardCharsets.ISO_8859_1);
			index = credentials.indexOf(':');
			if(index > 0)
			{
				var username = credentials.substring(0, index);
				var password = credentials.substring(index + 1);
				
				// TODO: run internal authentication code to authenticate...
				logger.debug("AUTHENTICATED: " + username + ": " + password);

				return AuthenticationResult.Success(username, "TEST");
			}
		}
	}
}

// Return authentication challange...
return AuthenticationResult.Challenged("Basic realm=\"TEST\"");
Reply With Quote
  #2  
Old 10-31-2016, 07:49 AM
narupley's Avatar
narupley narupley is offline
Mirth Employee
 
Join Date: Oct 2010
Posts: 7,125
narupley is on a distinguished road
Default

That looks like a bug: MIRTH-4071
__________________
Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

Nicholas Rupley
Work: 949-237-6069
Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


- How do I foo?
- You just bar.
Reply With Quote
  #3  
Old 10-31-2016, 07:54 AM
jasonpcc jasonpcc is offline
What's HL7?
 
Join Date: Jun 2016
Posts: 3
jasonpcc is on a distinguished road
Default

Quote:
Originally Posted by narupley View Post
That looks like a bug: MIRTH-4071
Thanks narupley.

Since it's minor I'm assuming this fix will go into 3.5. Do you have any idea when 3.5 is planning to be released?
Reply With Quote
  #4  
Old 10-31-2016, 08:01 AM
narupley's Avatar
narupley narupley is offline
Mirth Employee
 
Join Date: Oct 2010
Posts: 7,125
narupley is on a distinguished road
Default

Sorry, no ETA at the moment. Just wondering, why not use the Basic mode? It looks like that's what your script is doing.
__________________
Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

Nicholas Rupley
Work: 949-237-6069
Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


- How do I foo?
- You just bar.
Reply With Quote
  #5  
Old 10-31-2016, 08:11 AM
jasonpcc jasonpcc is offline
What's HL7?
 
Join Date: Jun 2016
Posts: 3
jasonpcc is on a distinguished road
Default

Quote:
Originally Posted by narupley View Post
Sorry, no ETA at the moment. Just wondering, why not use the Basic mode? It looks like that's what your script is doing.
You might have noticed the TODO section, I still have some work left to do :-)

My plan is to use basic authentication, but with some extra smarts. First, I'll call a local database function to do the actual authentication(passing the username, and hashed password... and maybe the requesters IP address if I have access to that). That database function will log the authentication request, and reject the authentication after so many failed attempts.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 09:11 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Mirth Corporation