I am using gateway based authentication in spring security. A user is authenticated from the database. Through zuul, the authenticated user is directed to the UI microservice. A successfully authenticates user at the admin gateway service when routed to the UI microservice gives the following exception.
There was an unexpected error (type=Internal Server Error, status=500).
Cannot deserialize; nested exception is org.springframework.core.serializer.support.SerializationFailedException: Failed to deserialize payload. Is the byte array a result of corresponding serialization for DefaultDeserializer?; nested exception is org.springframework.core.NestedIOException: Failed to deserialize object type; nested exception is java.lang.ClassNotFoundException: mysecurity.CustomUserDetails
Look at your exception:
java.lang.ClassNotFoundException: mysecurity.CustomUserDetails
Just make sure that you have mysecurity.CustomUserDetails class in your classpath
Related
I am trying to configure spring-boot-starter-oauth2-resource-server and spring-boot-starter-oauth2-client in a single app as web_application_and_resource_server. After following these instructions I have the following error:
Error: Caused by: java.lang.IllegalStateException: Web Api do not support authorization_code grant type. id = graph.
I am unsure how to configure the properties for the resource server, I tried the properties below:
azure.activedirectory.tenant-id=###
# Specifies your App Registration's Application ID:
azure.activedirectory.client-id=###
# Specifies your App Registration's secret key:
azure.activedirectory.client-secret=###
azure.activedirectory.application-type = web_application_and_resource_server
#azure.activedirectory.app-id-uri=##
#azure.activedirectory.authorization-clients.api.authorizationGrantType=on_behalf_of
#azure.activedirectory.authorization-clients.api.scopes=https://graph.microsoft.com/User.Read
azure.activedirectory.authorization-clients.graph.authorizationGrantType=authorization_code
azure.activedirectory.authorization-clients.graph.scopes=https://graph.microsoft.com/User.Read,Directory.AccessAsUser.All,offline_access,openid,profile,email
How does the configuration apply to resource server?
With above configuration I receive an error webapi cant accept authorisation code as a granttype which is true.
Is there any specific configuration required at AZure Ad level?
All APIs are within the spring boot application itself. I just need all APIs to be authenticated using the token.
After reading the following article:
http://blogs.technet.com/b/ad/archive/2015/08/12/azure-ad-microsoft-account-preview-sign-in-personal-and-work-accounts-using-a-single-stack.aspx
I tried to implement an OpenID Connect/Oauth code flow per the documentation at:
https://azure.microsoft.com/en-us/documentation/articles/active-directory-appmodel-v2-overview/
I'm using mod_auth_openidc as my Relying Party (that I have working with both Google and my own OpenID Provider.
I've registered my app at https://apps.dev.microsoft.com, and gone through all the steps. I get the login screen at microsoft, then the permissions screen and when it redirects back to my site and hits mod_auth_openidc, I get an error that says:
Error:
The OpenID Connect Provider returned an error: Error in handling response type.
In my Apache Error logs I get:
oidc_proto_validate_code_response: requested flow is "code" but no "access_token" parameter found in the code response, referer: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&scope=openid&client_id=xxx&state=yyy&redirect_uri=https%3A%2F%2Fdst-dev.mydomain.com%2Foauth2callback&nonce=zzz
and
oidc_proto_resolve_code_and_validate_response: code response validation failed,
What I'm trying to figure out is where the problem lies. Is there an issue with what Microsoft is sending mod_auth_openidc, or is there a bug or configuration issue on the mod_auth_openidc side?
The example at MS webpages uses a different response mode and response type in the authentication request:
&response_mode=form_post&response_type=code+id_token
both are supported by mod_auth_openidc so you could apply something similar by including:
OIDCResponseType id_token
OIDCResponseMode form_post
in the Apache configuration or using the associated primitives in the .conf file for Microsoft when using multiple providers.
File upload mechanism is added to my existing application which is deployed to WebSphere 7. I use commons-fileupload-1.2.2.jar for the file upload. During testing, I encountered below exception:
[5/2/13 18:00:00:773 CST] 0000001b SystemOut O 18:00:00,773 INFO AccountsController:156 - Session is valid.
[5/2/13 18:04:42:299 CST] 0000001e servlet E com.ibm.ws.webcontainer.servlet.ServletWrapper service SRVE0068E: Uncaught exception created in one of the service methods of the servlet dispatcher in application SunLinkOnline_ST. Exception created : org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.web.multipart.MultipartException: Could not parse multipart servlet request; nested exception is org.apache.commons.fileupload.FileUploadBase$IOFileUploadException: Processing of multipart/form-data request failed. Async operation timed out
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:583)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1657)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1597)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:131)
at ph.com.sunlife.sunlink.filter.MFSanitizerFilter.doFilter(MFSanitizerFilter.java:38)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:934)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:502)
at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:179)
at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:91)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:864)
at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1583)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:186)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:445)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:504)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:301)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:275)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1563)
Caused by: org.springframework.web.multipart.MultipartException: Could not parse multipart servlet request; nested exception is org.apache.commons.fileupload.FileUploadBase$IOFileUploadException: Processing of multipart/form-data request failed. Async operation timed out
at org.springframework.web.multipart.commons.CommonsMultipartResolver.parseRequest(CommonsMultipartResolver.java:172)
at org.springframework.web.multipart.commons.CommonsMultipartResolver.resolveMultipart(CommonsMultipartResolver.java:149)
at org.springframework.web.servlet.DispatcherServlet.checkMultipart(DispatcherServlet.java:1006)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:851)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
... 34 more
Caused by: org.apache.commons.fileupload.FileUploadBase$IOFileUploadException: Processing of multipart/form-data request failed. Async operation timed out
at org.apache.commons.fileupload.FileUploadBase.parseRequest(FileUploadBase.java:371)
at org.apache.commons.fileupload.servlet.ServletFileUpload.parseRequest(ServletFileUpload.java:126)
at org.springframework.web.multipart.commons.CommonsMultipartResolver.parseRequest(CommonsMultipartResolver.java:165)
... 39 more
Caused by: java.net.SocketTimeoutException: Async operation timed out
Could someone please share some insights what is causing above exception. Though the exception may point to server long response or due to handling of timeout in server but is there a way to resolve this? Like handling of exception in code side? Your help is much appreciated. Please let me know if I need to include other information to resolve this exceptions. Thanks!
It seems like file upload time out need to be increased. I came across same situation once but what i needed was to upload my application to websphere via admin console. Since my application is a large one i have to increase time out for admin console.
Since your scenario is for file upload in application hosted in websphere you have to change the time out of different queue.
Please find following URLs
IBM Websphere timeout custom properties
IBM changing time out in HTTP queues
what i did in my scenario
I'm doing a soap based authentication in my custom Authenticator object. Sometime the soap endpoint may not be available. This in sequence will throw a
SOAP-ERROR: Parsing WSDL: Couldn't load from
and then will be handled by
ErrorHandler::handleFatalError(1, 'SOAP-ERROR: Par...', '/home/bombadil/...', 100)
in lib/Cake/Error/ErrorHandler.php
and then the page will be redirected to lib Cake/View/Errors/fatal_error.ctp
Now, how do I redirect to my login page again and showing a toned down error message instead of throwing the unfriendly page of fatal_error.ctp? I can't afford to create another fatal_error page because I want to redirect again to my login page.
Thanks
NVM, I raise an exception upon unsuccessful connection in the Soap datasource and catch it at my model which doing the Soap based authentication.
when im trying to send a mail using java mail api in my web application , I'm getting this exception.
java.lang.SecurityException: Access to default session denied
the inputs are fron an html page. then it goes to a servlet which eventually calls a java class where the mail logic is written
This error text is associated with a call to Session.getDefaultInstance(props, authenticator) where the default instance already has a different authenticator set.
It should work better if you call Session.getInstance(props, authenticator) instead of Session.getDefaultInstance(props, authenticator) in your code.
I've got the same error, when I launch 2 tests in Webdriver. In secound test i've got "java.lang.SecurityException: Access to default session denied".
When I used method Session.getInstance instead Session.getDefaultInstance in every test, errors disappeared.