2 Replies Latest reply on Feb 22, 2006 9:40 PM by 702619

    [求助] 麻烦看看这个异常是什么原因造成的〔域的用户名/密码加密无效导致 JSAFE_PaddingException,从而不允许服务器启动〕?

    702619
      在应用完全重新部署时,报如下错误。
      导致在portal admin中无法使用现有的portal文件建立新的门户。
      <2006-2-11 上午10时55分14秒 CST> <Error> <WSRP-Consumer> <BEA-420731> <Exception
      [weblogic.security.internal.encryption.EncryptionServiceException - with nested
      exception:
      [com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad
      byte.]] thrown while trying to do task [handleTimerNotification] in class [com.b
      ea.wsrp.consumer.management.portlet.ProxyPortletRemoveListener].
      com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad b
      yte.
      at com.rsa.jsafe.JA_PKCS5Padding.a([BIILjava/lang/Object;)I(Unknown Sour
      ce)
              at com.rsa.jsafe.JG_BlockCipher.decryptFinal([BI)I(Unknown Source)
              at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decr
      yptBytes([B)[B(JSafeEncryptionServiceImpl.java:67)
              at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decr
      yptString([B)Ljava/lang/String;(JSafeEncryptionServiceImpl.java:93)
              at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt
      (Ljava/lang/String;)Ljava/lang/String;(ClearOrEncryptedService.java:56)
              at weblogic.management.EncryptionHelper.decryptString([BLweblogic/securi
      ty/acl/internal/AuthenticatedSubject;)Ljava/lang/String;(EncryptionHelper.java:4
      5)
              at com.bea.wsrp.consumer.management.portlet.ProxyPortletRemoveListener$P
      roxyPortletRemover.getAdminPassword()Ljava/lang/String;(ProxyPortletRemoveListen
      er.java:484)
              at com.bea.wsrp.consumer.management.portlet.ProxyPortletRemoveListener$P
      roxyPortletRemover.run()Ljava/lang/Object;(ProxyPortletRemoveListener.java:266)
              at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Lweblogic/se
      curity/subject/AbstractSubject;Ljava/security/PrivilegedExceptionAction;)Ljava/l
      ang/Object;(AuthenticatedSubject.java:363)
              at weblogic.security.service.SecurityManager.runAs(Lweblogic/security/ac
      l/internal/AuthenticatedSubject;Lweblogic/security/acl/internal/AuthenticatedSub
      ject;Ljava/security/PrivilegedExceptionAction;)Ljava/lang/Object;(SecurityManage
      r.java:147)
              at com.bea.wsrp.consumer.management.portlet.ProxyPortletRemoveListener.h
      andleNotification(Ljavax/management/Notification;Ljava/lang/Object;)V(ProxyPortl
      etRemoveListener.java:216)
              at javax.management.NotificationBroadcasterSupport$Triple.fire(Ljavax/ma
      nagement/Notification;)V(NotificationBroadcasterSupport.java:40)
              at javax.management.NotificationBroadcasterSupport.sendNotification(Ljav
      ax/management/Notification;)V(NotificationBroadcasterSupport.java:121)
              at javax.management.timer.Timer.sendNotification(Ljava/util/Date;Ljavax/
      management/timer/TimerNotification;)V(Timer.java:1119)
              at javax.management.timer.Timer.notifyAlarmClock(Ljavax/management/timer
      /TimerAlarmClockNotification;)V(Timer.java:1089)
              at javax.management.timer.TimerAlarmClock.run()V(Timer.java:1165)
              at java.lang.Thread.startThreadFromVM(Ljava/lang/Thread;)V(Unknown Sourc
      e)
      --------------- nested within: ------------------
      weblogic.security.internal.encryption.EncryptionServiceException - with nested e
      xception:
      [com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad
      byte.]
      at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decr
      yptBytes([B)[B(JSafeEncryptionServiceImpl.java:77)
      at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decr
      yptString([B)Ljava/lang/String;(JSafeEncryptionServiceImpl.java:93)
      at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt
      (Ljava/lang/String;)Ljava/lang/String;(ClearOrEncryptedService.java:56)
      at weblogic.management.EncryptionHelper.decryptString([BLweblogic/securi
      ty/acl/internal/AuthenticatedSubject;)Ljava/lang/String;(EncryptionHelper.java:4
      5)
      at com.bea.wsrp.consumer.management.portlet.ProxyPortletRemoveListener$P
      roxyPortletRemover.getAdminPassword()Ljava/lang/String;(ProxyPortletRemoveListen
      er.java:484)
      at com.bea.wsrp.consumer.management.portlet.ProxyPortletRemoveListener$P
      roxyPortletRemover.run()Ljava/lang/Object;(ProxyPortletRemoveListener.java:266)
      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Lweblogic/se
      curity/subject/AbstractSubject;Ljava/security/PrivilegedExceptionAction;)Ljava/l
      ang/Object;(AuthenticatedSubject.java:363)
      at weblogic.security.service.SecurityManager.runAs(Lweblogic/security/ac
      l/internal/AuthenticatedSubject;Lweblogic/security/acl/internal/AuthenticatedSub
      ject;Ljava/security/PrivilegedExceptionAction;)Ljava/lang/Object;(SecurityManage
      r.java:147)
      at com.bea.wsrp.consumer.management.portlet.ProxyPortletRemoveListener.h
      andleNotification(Ljavax/management/Notification;Ljava/lang/Object;)V(ProxyPortl
      etRemoveListener.java:216)
      at javax.management.NotificationBroadcasterSupport$Triple.fire(Ljavax/ma
      nagement/Notification;)V(NotificationBroadcasterSupport.java:40)
      at javax.management.NotificationBroadcasterSupport.sendNotification(Ljav
      ax/management/Notification;)V(NotificationBroadcasterSupport.java:121)
      at javax.management.timer.Timer.sendNotification(Ljava/util/Date;Ljavax/
      management/timer/TimerNotification;)V(Timer.java:1119)
      at javax.management.timer.Timer.notifyAlarmClock(Ljavax/management/timer
      /TimerAlarmClockNotification;)V(Timer.java:1089)
      at javax.management.timer.TimerAlarmClock.run()V(Timer.java:1165)
      at java.lang.Thread.startThreadFromVM(Ljava/lang/Thread;)V(Unknown Sourc
      e)
      >


      该帖由 weiyun_pang 在 Feb 22, 2006 3:41 PM 编辑过
        • 1. Re: [求助] 麻烦看看这个异常是什么原因造成的?
          702619
          参考这里
          http://www.bea.com.cn/support_pattern/ReEncryptingPasswordsPattern.html
          • 2. Re: [求助] 麻烦看看这个异常是什么原因造成的?
            702619
            //我将解决方法粘贴过来,方便大家

            有几种方法可解决此问题:
            1:
            将加密密码更改为明文密码。可通过将加密值更改为明文值并重新启动服务器的方法重新生成域/机器组合的用户名/密码加密。

            需要更改的文件包括:

            在域目录中:

            boot.properties(boot.properties 可能不存在。如果不存在,则不必进行任何操作)
            config.xml

            boot.properties 中的值类似以下内容:

            username={3DES}pxyIL8dxDy1JnDPs+i3dDA==
            password={3DES}pxyIL8dxDy1JnDPs+i3dDA==

            将将更改为明文用户名/密码,类似以下内容:

            username=user1
            password=password1

            config.xml 的值将类似以下内容:

            PasswordEncrypted="{3DES}pxyIL8dxDy1JnDPs+i3dDA=="

            将其更改为:

            Password="password1"

            如果您的 application-config.xml 文件内包含密码值,则可能也需进行更改。只在 config.xml 和 boot.properties 文件内查找您所更改的相同 {3DES} 加密值,如果存在,则同样将这些值更改为明文。这些值是否存在视您的应用程序而定。Application-config.xml 文件位于 /user_projects/applications//META-INF 目录下。

            例如,密码可能类似以下内容:

            AdminPassword="{3DES}pxyIL8dxDy1JnDPs+i3dDA=="

            将其更改为:

            AdminPassword="password1"

            确保在进行任何这些更改后重新启动服务器。

            2:
            重设内嵌的 LDAP 认证。如果收到内嵌的 LDAP JSAFE_PaddingException,则需要在 WebLogic Server 控制台内重设内嵌的 LDAP 认证。在域的控制台内,转到“Security”并单击“Embedded LDAP”选项卡。根据需要设置认证并进行确认。应用更改并重新启动服务器。


            3:使用 Configuration Wizard(配置向导)在新机器上创建新域。


            4:使用 EncryptDomainString 实用程序生成新的加密密码。参考 Encrypting Passwords(加密密码)。