Key: KERN-731
URL: http://jira.sakaiproject.org/browse/KERN-731
Project: Nakamura
Issue Type: Bug/Defect
Components: System - other
Affects Versions: 0.4
Reporter: Alan Berg
Login at /dev as admin and then edit your own profile.
There is no max length size limit, so end users can input values greater than the length acceptable on the server side. Wish for both client and serverside verification. Serverside verification is indirect via throwing an Exception.
No error message is shown on the client side.
For example see the country input under Degree in the user profile.
Stack trace is:
04.04.2010 19:19:58.285 *WARN* [580321105@qtp-1493422662-20] org.mortbay.jetty EXCEPTION java.lang.IllegalStateException: Form too large269514>200000
at org.mortbay.jetty.Request.extractParameters(Request.java:1476)
at org.mortbay.jetty.Request.getParameterMap(Request.java:785)
at javax.servlet.ServletRequestWrapper.getParameterMap(ServletRequestWrapper.java:177)
at org.apache.sling.engine.impl.parameters.ParameterSupport.getContainerParameters(ParameterSupport.java:153)
at org.apache.sling.engine.impl.parameters.ParameterSupport.getRequestParameterMapInternal(ParameterSupport.java:119)
at org.apache.sling.engine.impl.parameters.ParameterSupport.getParameter(ParameterSupport.java:85)
at org.apache.sling.engine.impl.SlingMainServlet$1.getParameter(SlingMainServlet.java:809)
at org.sakaiproject.nakamura.formauth.FormAuthenticationHandler$FormAuthentication.<init>(FormAuthenticationHandler.java:95)
at org.sakaiproject.nakamura.formauth.FormAuthenticationHandler.extractCredentials(FormAuthenticationHandler.java:156)
at org.apache.sling.commons.auth.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:67)
at org.apache.sling.commons.auth.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60)
at org.apache.sling.commons.auth.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:560)
at org.apache.sling.commons.auth.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:374)
at org.apache.sling.engine.impl.SlingMainServlet.handleSecurity(SlingMainServlet.java:832)
at org.ops4j.pax.web.service.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:62)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.ops4j.pax.web.service.internal.HttpServiceContext.handle(HttpServiceContext.java:111)
at org.ops4j.pax.web.service.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:535)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:880)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:747)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:520)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.sakaiproject.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira