I got a problem for using saml function in hue application.
I did every thing what I need to do in following this : https://docs.gethue.com/latest/administrator/configuration/server/#saml
env
os : ubuntu
hue : 4.5.0
step 1. install below
git gcc python-dev swig openssl xmlsec1 libxmlsec1-openssl
step 2. copy metadata from Idp to local
step 3. make a private key and certification with openssl
step 4. set configuration ini file
[[auth]]
backend=libsaml.backend.SAML2Backend
[libsaml]
xmlsec_binary=/usr/bin/xmlsec1
metadata_file=/opt/cloudera/security/saml/idp-openam-metadata.xml
key_file=/opt/cloudera/security/saml/host.key
cert_file=/opt/cloudera/security/saml/host.pem username_source=nameid
entity_id=https://myhuedomainname.com/saml2/metadata
step 5. get hue metadata and register it at Idp
I got my hue metadata at : https://myhuedomainname.com/saml2/metadata
and I registered it at Idp that our company use.
I think I did everything right.
but when I access to https://myhuedomainname.com,
my browser is redirected to :https://myhuedomainname.com/saml2/login/?next=/
then I got error that I cannot solved
it is empty screen that is redirected to same url again and again.
in browser console, I got this error
i18n.js:17 Uncaught ReferenceError: HUE_I18n is not defined
at I18n (i18n.js:17)
at Module../desktop/core/src/desktop/js/jquery/plugins/jquery.filechooser.js
(hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:47211)
at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104)
at Module../desktop/core/src/desktop/js/jquery/jquery.common.js (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46742)
at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104)
at Module../desktop/core/src/desktop/js/hue.js (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46485)
at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104)
at Object.0 (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104841)
at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104)
at checkDeferredModules (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:65)
I18n # i18n.js:17
./desktop/core/src/desktop/js/jquery/plugins/jquery.filechooser.js #
hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:47211
webpack_require # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 ./desktop/core/src/desktop/js/jquery/jquery.common.js #
hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46742
webpack_require # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 ./desktop/core/src/desktop/js/hue.js #
hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46485
webpack_require # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 0 # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104841
webpack_require # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 checkDeferredModules # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:65
(anonymous) # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:241
(anonymous) # hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:244
bootstrap-tooltip.js:326 Uncaught TypeError: Cannot read property 'fn'
of undefined
at bootstrap-tooltip.js:326
at bootstrap-tooltip.js:361 (anonymous) # bootstrap-tooltip.js:326 (anonymous) # bootstrap-tooltip.js:361
bootstrap-typeahead-touchscreen.js:317 Uncaught TypeError: Cannot read
property 'fn' of undefined
at bootstrap-typeahead-touchscreen.js:317
at bootstrap-typeahead-touchscreen.js:358 (anonymous) # bootstrap-typeahead-touchscreen.js:317 (anonymous) #
bootstrap-typeahead-touchscreen.js:358
bootstrap-better-typeahead.min.js:12 Uncaught TypeError: Cannot read
property 'extend' of undefined
at bootstrap-better-typeahead.min.js:12
at bootstrap-better-typeahead.min.js:12 (anonymous) # bootstrap-better-typeahead.min.js:12 (anonymous) #
bootstrap-better-typeahead.min.js:12
popover-extra-placements.js:113 Uncaught ReferenceError: jQuery is not
defined
at popover-extra-placements.js:113 (anonymous) # popover-extra-placements.js:113
?next=/:123 Uncaught ReferenceError: Dropzone is not defined
at ?next=/:123 (anonymous) # ?next=/:123
below is the logs of hue
[23/Sep/2019 21:50:34 +0000] middleware INFO Redirecting to
login page: / [23/Sep/2019 21:50:34 +0000] access INFO
210.94.41.89, 34.96.109.171 -anon- - "GET / HTTP/1.1" (mem: 158mb)-- login redirection [23/Sep/2019 21:50:34 +0000] access INFO
210.94.41.89, 34.96.109.171 -anon- - "GET / HTTP/1.1" returned in 1ms (mem: 158mb) [23/Sep/2019 21:50:34] "GET / HTTP/1.1" 302 0
[23/Sep/2019 21:50:34] "GET
/static/desktop/js/bundles/hue/hue-bundle-facb48d1fb2c72ee1343.js.map
HTTP/1.1" 200 7139914 [23/Sep/2019 21:50:35 +0000] access DEBUG
210.94.41.89, 34.96.109.171 -anon- - "GET /saml2/login/ HTTP/1.1" (mem: 158mb) [23/Sep/2019 21:50:35 +0000] mdstore DEBUG
service => {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST':
[{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'class':
'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService',
'location': 'https://sts.secsso.net/adfs/ls/'}],
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': [{'binding':
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class':
'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService',
'location': 'https://sts.secsso.net/adfs/ls/'}]} [23/Sep/2019 21:50:35
+0000] mdstore DEBUG service => {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': [{'binding':
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'class':
'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService',
'location': 'https://sts.secsso.net/adfs/ls/'}],
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': [{'binding':
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class':
'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService',
'location': 'https://sts.secsso.net/adfs/ls/'}]} [23/Sep/2019 21:50:35
+0000] mdstore DEBUG service(http://sts.secsso.net/adfs/services/trust, idpsso_descriptor,
single_sign_on_service, None) [23/Sep/2019 21:50:35 +0000] mdstore
DEBUG service => {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST':
[{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'class':
'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService',
'location': 'https://sts.secsso.net/adfs/ls/'}],
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': [{'binding':
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class':
'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService',
'location': 'https://sts.secsso.net/adfs/ls/'}]} [23/Sep/2019 21:50:35
+0000] mdstore DEBUG service(http://sts.secsso.net/adfs/services/trust, idpsso_descriptor,
single_sign_on_service,
urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect) [23/Sep/2019
21:50:35 +0000] mdstore DEBUG service => [{'binding':
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class':
'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService',
'location': 'https://sts.secsso.net/adfs/ls/'}] [23/Sep/2019 21:50:35
+0000] client INFO destination to provider: https://sts.secsso.net/adfs/ls/ [23/Sep/2019 21:50:35 +0000] entity
INFO REQUEST:
https://sbc-hue.mgmt.dev.com/saml2/metadata/ [23/Sep/2019 21:50:35 +0000] client INFO
AuthNReq: https://sbc-hue.mgmt.dev.com/saml2/metadata/ [23/Sep/2019 21:50:35 +0000] entity INFO
HTTP REDIRECT [23/Sep/2019 21:50:35 +0000] views WARNING User
is using Hue 3 UI [23/Sep/2019 21:50:35 +0000] decorators INFO
AXES: Calling decorated function: dt_login [23/Sep/2019 21:50:35
+0000] decorators INFO args: (True,) [23/Sep/2019 21:50:35 +0000] access INFO 210.94.41.89, 34.96.109.171 -anon- - "GET /saml2/login/ HTTP/1.1" returned in 250ms (mem: 158mb)
I tried it with hue 4.0.0 version but it works
I resolved it with setting 'redirect_whitelist'.
I just though it is not mandatory. but it is
I configured Airflow 1.9 to store dag logs in Google Cloud Storage following (exactly) this description. It is working, however parts of the content of all DAGs logs seems to be duplicated (see below). It appears as if the log were appended to itself with additional information about the upload. The log file on a local drive doesn't have those duplicates.
It seems that gcs_write is by default using an append mode - so the only hack I found is to change it to False. Is there a configuration for that? What is the reason for this anyway?
I have changed following variables in the cfg file:
task_log_reader=gcs.task
logging_config_class=log_config.LOGGING_CONFIG
remote_log_conn_id=gcs
log_config.py:
GCS_LOG_FOLDER = 'gs://XXXX/'
LOG_LEVEL = conf.get('core', 'LOGGING_LEVEL').upper()
LOG_FORMAT = conf.get('core', 'log_format')
BASE_LOG_FOLDER = conf.get('core', 'BASE_LOG_FOLDER')
PROCESSOR_LOG_FOLDER = conf.get('scheduler', 'child_process_log_directory')
FILENAME_TEMPLATE = '{{ ti.dag_id }}/{{ ti.task_id }}/{{ ts }}/{{ try_number }}.log'
PROCESSOR_FILENAME_TEMPLATE = '{{ filename }}.log'
LOGGING_CONFIG = {
'version': 1,
'disable_existing_loggers': False,
'formatters': {
'airflow.task': {
'format': LOG_FORMAT,
},
'airflow.processor': {
'format': LOG_FORMAT,
},
},
'handlers': {
'console': {
'class': 'logging.StreamHandler',
'formatter': 'airflow.task',
'stream': 'ext://sys.stdout'
},
'file.task': {
'class': 'airflow.utils.log.file_task_handler.FileTaskHandler',
'formatter': 'airflow.task',
'base_log_folder': os.path.expanduser(BASE_LOG_FOLDER),
'filename_template': FILENAME_TEMPLATE,
},
'file.processor': {
'class': 'airflow.utils.log.file_processor_handler.FileProcessorHandler',
'formatter': 'airflow.processor',
'base_log_folder': os.path.expanduser(PROCESSOR_LOG_FOLDER),
'filename_template': PROCESSOR_FILENAME_TEMPLATE,
}
, 'gcs.task': {
'class': 'airflow.utils.log.gcs_task_handler.GCSTaskHandler',
'formatter': 'airflow.task',
'base_log_folder': os.path.expanduser(BASE_LOG_FOLDER),
'gcs_log_folder': GCS_LOG_FOLDER,
'filename_template': FILENAME_TEMPLATE,
},
},
'loggers': {
'': {
'handlers': ['console'],
'level': LOG_LEVEL
},
'airflow': {
'handlers': ['console'],
'level': LOG_LEVEL,
'propagate': False,
},
'airflow.processor': {
'handlers': ['file.processor'],
'level': LOG_LEVEL,
'propagate': True,
},
'airflow.task': {
'handlers': ['gcs.task'],
'level': LOG_LEVEL,
'propagate': False,
},
'airflow.task_runner': {
'handlers': ['gcs.task'],
'level': LOG_LEVEL,
'propagate': True,
},
}
}
Log:
*** Reading remote log from gs://XXXX/mwt1/mwt1_task1/2018-10-02T15:30:00/1.log.
[2018-11-16 10:27:17,304] {{cli.py:374}} INFO - Running on host fdfdf2f790e1
[2018-11-16 10:27:17,336] {{models.py:1197}} INFO - Dependencies all met for <TaskInstance: mwt1.mwt1_task1 2018-10-02 15:30:00 [queued]>
[2018-11-16 10:27:17,342] {{models.py:1197}} INFO - Dependencies all met for <TaskInstance: mwt1.mwt1_task1 2018-10-02 15:30:00 [queued]>
[2018-11-16 10:27:17,342] {{models.py:1407}} INFO -
--------------------------------------------------------------------------------
Starting attempt 1 of 4
--------------------------------------------------------------------------------
[2018-11-16 10:27:17,354] {{models.py:1428}} INFO - Executing <Task(BashOperator): mwt1_task1> on 2018-10-02 15:30:00
[2018-11-16 10:27:17,355] {{base_task_runner.py:115}} INFO - Running: ['bash', '-c', 'airflow run mwt1 mwt1_task1 2018-10-02T15:30:00 --job_id 48 --raw -sd DAGS_FOLDER/mwt1.py']
[2018-11-16 10:27:17,939] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:17,938] {{__init__.py:45}} INFO - Using executor LocalExecutor
[2018-11-16 10:27:18,231] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,230] {{models.py:189}} INFO - Filling up the DagBag from /usr/local/airflow/dags/mwt1.py
[2018-11-16 10:27:18,451] {{cli.py:374}} INFO - Running on host fdfdf2f790e1
[2018-11-16 10:27:18,473] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,473] {{bash_operator.py:70}} INFO - Tmp dir root location:
[2018-11-16 10:27:18,473] {{base_task_runner.py:98}} INFO - Subtask: /tmp
[2018-11-16 10:27:18,474] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,473] {{bash_operator.py:80}} INFO - Temporary script location: /tmp/airflowtmp5g0d6e4h//tmp/airflowtmp5g0d6e4h/mwt1_task1_8ob3n0y
[2018-11-16 10:27:18,474] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,473] {{bash_operator.py:88}} INFO - Running command: bdasdasdasd
[2018-11-16 10:27:18,479] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,479] {{bash_operator.py:97}} INFO - Output:
[2018-11-16 10:27:18,479] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,479] {{bash_operator.py:101}} INFO - /tmp/airflowtmp5g0d6e4h/mwt1_task1_8ob3n0y: line 1: bdasdasdasd: command not found
[2018-11-16 10:27:18,480] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,480] {{bash_operator.py:105}} INFO - Command exited with return code 127
[2018-11-16 10:27:18,488] {{models.py:1595}} ERROR - Bash command failed
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/airflow/models.py", line 1493, in _run_raw_task
result = task_copy.execute(context=context)
File "/usr/local/lib/python3.6/site-packages/airflow/operators/bash_operator.py", line 109, in execute
raise AirflowException("Bash command failed")
airflow.exceptions.AirflowException: Bash command failed
[2018-11-16 10:27:18,490] {{models.py:1616}} INFO - Marking task as UP_FOR_RETRY
[2018-11-16 10:27:18,503] {{models.py:1644}} ERROR - Bash command failed
[2018-11-16 10:27:17,304] {{cli.py:374}} INFO - Running on host fdfdf2f790e1
[2018-11-16 10:27:17,336] {{models.py:1197}} INFO - Dependencies all met for <TaskInstance: mwt1.mwt1_task1 2018-10-02 15:30:00 [queued]>
[2018-11-16 10:27:17,342] {{models.py:1197}} INFO - Dependencies all met for <TaskInstance: mwt1.mwt1_task1 2018-10-02 15:30:00 [queued]>
[2018-11-16 10:27:17,342] {{models.py:1407}} INFO -
--------------------------------------------------------------------------------
Starting attempt 1 of 4
--------------------------------------------------------------------------------
[2018-11-16 10:27:17,354] {{models.py:1428}} INFO - Executing <Task(BashOperator): mwt1_task1> on 2018-10-02 15:30:00
[2018-11-16 10:27:17,355] {{base_task_runner.py:115}} INFO - Running: ['bash', '-c', 'airflow run mwt1 mwt1_task1 2018-10-02T15:30:00 --job_id 48 --raw -sd DAGS_FOLDER/mwt1.py']
[2018-11-16 10:27:17,939] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:17,938] {{__init__.py:45}} INFO - Using executor LocalExecutor
[2018-11-16 10:27:18,231] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,230] {{models.py:189}} INFO - Filling up the DagBag from /usr/local/airflow/dags/mwt1.py
[2018-11-16 10:27:18,451] {{cli.py:374}} INFO - Running on host fdfdf2f790e1
[2018-11-16 10:27:18,473] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,473] {{bash_operator.py:70}} INFO - Tmp dir root location:
[2018-11-16 10:27:18,473] {{base_task_runner.py:98}} INFO - Subtask: /tmp
[2018-11-16 10:27:18,474] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,473] {{bash_operator.py:80}} INFO - Temporary script location: /tmp/airflowtmp5g0d6e4h//tmp/airflowtmp5g0d6e4h/mwt1_task1_8ob3n0y
[2018-11-16 10:27:18,474] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,473] {{bash_operator.py:88}} INFO - Running command: bdasdasdasd
[2018-11-16 10:27:18,479] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,479] {{bash_operator.py:97}} INFO - Output:
[2018-11-16 10:27:18,479] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,479] {{bash_operator.py:101}} INFO - /tmp/airflowtmp5g0d6e4h/mwt1_task1_8ob3n0y: line 1: bdasdasdasd: command not found
[2018-11-16 10:27:18,480] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,480] {{bash_operator.py:105}} INFO - Command exited with return code 127
[2018-11-16 10:27:18,488] {{models.py:1595}} ERROR - Bash command failed
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/airflow/models.py", line 1493, in _run_raw_task
result = task_copy.execute(context=context)
File "/usr/local/lib/python3.6/site-packages/airflow/operators/bash_operator.py", line 109, in execute
raise AirflowException("Bash command failed")
airflow.exceptions.AirflowException: Bash command failed
[2018-11-16 10:27:18,490] {{models.py:1616}} INFO - Marking task as UP_FOR_RETRY
[2018-11-16 10:27:18,503] {{models.py:1644}} ERROR - Bash command failed
[2018-11-16 10:27:18,504] {{base_task_runner.py:98}} INFO - Subtask: /usr/local/lib/python3.6/site-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to keep installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-from-pypi>.
[2018-11-16 10:27:18,504] {{base_task_runner.py:98}} INFO - Subtask: """)
[2018-11-16 10:27:18,504] {{base_task_runner.py:98}} INFO - Subtask: Traceback (most recent call last):
[2018-11-16 10:27:18,504] {{base_task_runner.py:98}} INFO - Subtask: File "/usr/local/bin/airflow", line 27, in <module>
[2018-11-16 10:27:18,504] {{base_task_runner.py:98}} INFO - Subtask: args.func(args)
[2018-11-16 10:27:18,505] {{base_task_runner.py:98}} INFO - Subtask: File "/usr/local/lib/python3.6/site-packages/airflow/bin/cli.py", line 392, in run
[2018-11-16 10:27:18,505] {{base_task_runner.py:98}} INFO - Subtask: pool=args.pool,
[2018-11-16 10:27:18,505] {{base_task_runner.py:98}} INFO - Subtask: File "/usr/local/lib/python3.6/site-packages/airflow/utils/db.py", line 50, in wrapper
[2018-11-16 10:27:18,505] {{base_task_runner.py:98}} INFO - Subtask: result = func(*args, **kwargs)
[2018-11-16 10:27:18,505] {{base_task_runner.py:98}} INFO - Subtask: File "/usr/local/lib/python3.6/site-packages/airflow/models.py", line 1493, in _run_raw_task
[2018-11-16 10:27:18,505] {{base_task_runner.py:98}} INFO - Subtask: result = task_copy.execute(context=context)
[2018-11-16 10:27:18,505] {{base_task_runner.py:98}} INFO - Subtask: File "/usr/local/lib/python3.6/site-packages/airflow/operators/bash_operator.py", line 109, in execute
[2018-11-16 10:27:18,506] {{base_task_runner.py:98}} INFO - Subtask: raise AirflowException("Bash command failed")
[2018-11-16 10:27:18,506] {{base_task_runner.py:98}} INFO - Subtask: airflow.exceptions.AirflowException: Bash command failed
[2018-11-16 10:27:18,515] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,515] {{gcp_api_base_hook.py:82}} INFO - Getting connection using a JSON key file.
[2018-11-16 10:27:18,535] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,535] {{discovery.py:852}} INFO - URL being requested: GET https://www.googleapis.com/storage/v1/b/XXXX/o/mwt1%2Fmwt1_task1%2F2018-10-02T15%3A30%3A00%2F1.log?alt=media
[2018-11-16 10:27:18,535] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,535] {{client.py:595}} INFO - Attempting refresh to obtain initial access_token
[2018-11-16 10:27:18,537] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,537] {{client.py:893}} INFO - Refreshing access_token
[2018-11-16 10:27:18,911] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,911] {{gcp_api_base_hook.py:82}} INFO - Getting connection using a JSON key file.
[2018-11-16 10:27:18,922] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,922] {{util.py:134}} WARNING - __init__() takes at most 2 positional arguments (3 given)
[2018-11-16 10:27:18,928] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,928] {{discovery.py:852}} INFO - URL being requested: POST https://www.googleapis.com/upload/storage/v1/b/XXXX/o?name=mwt1%2Fmwt1_task1%2F2018-10-02T15%3A30%3A00%2F1.log&alt=json&uploadType=media
[2018-11-16 10:27:18,928] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,928] {{client.py:595}} INFO - Attempting refresh to obtain initial access_token
[2018-11-16 10:27:18,930] {{base_task_runner.py:98}} INFO - Subtask: [2018-11-16 10:27:18,930] {{client.py:893}} INFO - Refreshing access_token
This is a known issue that affects both GCS and S3 remote logging, see AIRFLOW-1916. It is fixed in Airflow 1.10 so you can either upgrade or pull run a fork with the fix.
I have a controller in my app as follows:
#Secured(UserRoles.ROLE_USER)
class ProjectController implements BaseController, SpringSecurityAware {
ProjectService projectService
def create(ProjectCommand command) {
...
}
def update(ProjectCommand command) {
Long projectId = params.id
...
}
}
And it mapped as follows:
post "/v1/api/project" (controller: "project", action: "create")
put "/v1/api/project/$id" {
controller = "project"
action = "update"
constraints {
id(matches:/\\\d+/)
}
}
I am using spring security rest with a custom token storage. The authentication mechanism works properly, as it's been tested and run for a while already.
When I am sending the post request to create the project, everything works fine.
However, if I am trying to update the project I am getting 403 without even getting into the action method.
My request looks like this:
PUT /v1/api/project/12 HTTP/1.1
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qTTFPRGxETjBWR1FUQXlOa00wUkRoR056TkZSRGs1TlRFME1VVXlRa0ZDT0VFelJUazBRdyJ9....0qS2PUw8PQ
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Cookie: JSESSIONID=61F4874A906D706062C0209CEBF2AC3E
Host: localhost:8080
Connection: close
User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) GCDHTTPRequest
Content-Length: 77
title=Project+Update&background=Background&problemStatement=Problem+Statement
Notes:
UserRoles.ROLE_USER is a simple string
If I am debugging the request, the resolved user does have the expected authorities
What am I missing?
I suspect that there is something wrong with UrlMapping
UPDATE
Here is the debug log... It does not make much sense to me. It seems like it authenticated properly, but at the very end, the role was not allowed, even though it was the correct role.
2018-07-03 01:14:59.665 DEBUG --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/v1/api/project/12'; against '/v1/login'
2018-07-03 01:14:59.665 DEBUG --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/v1/api/project/12'; against '/v1/api/**'
2018-07-03 01:14:59.667 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /v1/api/project/12 at position 1 of 7 in additional filter chain; firing Filter: 'SecurityRequestHolderFilter'
2018-07-03 01:14:59.674 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /v1/api/project/12 at position 2 of 7 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2018-07-03 01:14:59.675 DEBUG --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/v1/api/project/12'; against '/logoff'
2018-07-03 01:14:59.675 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /v1/api/project/12 at position 3 of 7 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2018-07-03 01:14:59.675 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestAuthenticationFilter : Actual URI is /v1/api/project/12; endpoint URL is /api/login
2018-07-03 01:14:59.675 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /v1/api/project/12 at position 4 of 7 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2018-07-03 01:14:59.681 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /v1/api/project/12 at position 5 of 7 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2018-07-03 01:14:59.690 DEBUG --- [nio-8080-exec-4] g.p.s.r.token.bearer.BearerTokenReader : Looking for bearer token in Authorization header, query string or Form-Encoded body parameter
2018-07-03 01:14:59.690 DEBUG --- [nio-8080-exec-4] g.p.s.r.token.bearer.BearerTokenReader : Found bearer token in Authorization header
2018-07-03 01:14:59.690 DEBUG --- [nio-8080-exec-4] g.p.s.r.token.bearer.BearerTokenReader : Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qTTFPRGxETjBWR1FUQXlOa00wUkRoR056TkZSRGs1TlRFME1VVXlRa0ZDT0VFelJUazBRdyJ9.eyJpc3MiOiJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwNjY0NzgyMTY3NjY0Mzk5ODE2MCIsImF1ZCI6WyJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS9hcGkvdjIvIiwiaHR0cHM6Ly9wcml6LWRldi5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNTMwNjA1NjU5LCJleHAiOjE1MzA2MTI4NTksImF6cCI6ImtXcnJTT2Nsam1xM3dHTDB1SXR6ZVZ0ZjBMdzdidnlMIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCJ9.Oybu4Y4JKhWxuBBWST4f7bqge6AXxvx6wREkhU5OfA8WiR5vJ9Jd8NwjbsdfBss8A4ECjmsDTJb7yCT7nWlr0BAdimhcM6-hU_RtOEl8u_zxPnJrT4I58m_j2eWjoyGCa2snwnBwX1F49ls75bBeH_SEgd4pFanptfUCI2_UluqmvBnSuq_v5bGcB87k0OCcfXR_sZs8Cj_Llt-pgf8yYYisX8EBwfyTm6DeHcSgYPQedGY5zORuZ5T6jlpx3xJwc8J3MrXXUyTRvvZPy7mzyyd12Yfjmh2qrFZ_yFY9yaJVAMtZheLAT0GiamrRtLwL6AcQ-zdJqZJ6ik_4nLPw8g
2018-07-03 01:14:59.699 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestTokenValidationFilter : Token found: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qTTFPRGxETjBWR1FUQXlOa00wUkRoR056TkZSRGs1TlRFME1VVXlRa0ZDT0VFelJUazBRdyJ9.eyJpc3MiOiJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwNjY0NzgyMTY3NjY0Mzk5ODE2MCIsImF1ZCI6WyJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS9hcGkvdjIvIiwiaHR0cHM6Ly9wcml6LWRldi5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNTMwNjA1NjU5LCJleHAiOjE1MzA2MTI4NTksImF6cCI6ImtXcnJTT2Nsam1xM3dHTDB1SXR6ZVZ0ZjBMdzdidnlMIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCJ9.Oybu4Y4JKhWxuBBWST4f7bqge6AXxvx6wREkhU5OfA8WiR5vJ9Jd8NwjbsdfBss8A4ECjmsDTJb7yCT7nWlr0BAdimhcM6-hU_RtOEl8u_zxPnJrT4I58m_j2eWjoyGCa2snwnBwX1F49ls75bBeH_SEgd4pFanptfUCI2_UluqmvBnSuq_v5bGcB87k0OCcfXR_sZs8Cj_Llt-pgf8yYYisX8EBwfyTm6DeHcSgYPQedGY5zORuZ5T6jlpx3xJwc8J3MrXXUyTRvvZPy7mzyyd12Yfjmh2qrFZ_yFY9yaJVAMtZheLAT0GiamrRtLwL6AcQ-zdJqZJ6ik_4nLPw8g
2018-07-03 01:14:59.699 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestTokenValidationFilter : Trying to authenticate the token
2018-07-03 01:14:59.699 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestAuthenticationProvider : Use JWT: false
2018-07-03 01:14:59.699 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestAuthenticationProvider : Trying to validate token eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qTTFPRGxETjBWR1FUQXlOa00wUkRoR056TkZSRGs1TlRFME1VVXlRa0ZDT0VFelJUazBRdyJ9.eyJpc3MiOiJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwNjY0NzgyMTY3NjY0Mzk5ODE2MCIsImF1ZCI6WyJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS9hcGkvdjIvIiwiaHR0cHM6Ly9wcml6LWRldi5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNTMwNjA1NjU5LCJleHAiOjE1MzA2MTI4NTksImF6cCI6ImtXcnJTT2Nsam1xM3dHTDB1SXR6ZVZ0ZjBMdzdidnlMIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCJ9.Oybu4Y4JKhWxuBBWST4f7bqge6AXxvx6wREkhU5OfA8WiR5vJ9Jd8NwjbsdfBss8A4ECjmsDTJb7yCT7nWlr0BAdimhcM6-hU_RtOEl8u_zxPnJrT4I58m_j2eWjoyGCa2snwnBwX1F49ls75bBeH_SEgd4pFanptfUCI2_UluqmvBnSuq_v5bGcB87k0OCcfXR_sZs8Cj_Llt-pgf8yYYisX8EBwfyTm6DeHcSgYPQedGY5zORuZ5T6jlpx3xJwc8J3MrXXUyTRvvZPy7mzyyd12Yfjmh2qrFZ_yFY9yaJVAMtZheLAT0GiamrRtLwL6AcQ-zdJqZJ6ik_4nLPw8g
2018-07-03 01:14:59.873 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestAuthenticationProvider : Authentication result: grails.plugin.springsecurity.rest.token.AccessToken(accessToken:eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qTTFPRGxETjBWR1FUQXlOa00wUkRoR056TkZSRGs1TlRFME1VVXlRa0ZDT0VFelJUazBRdyJ9.eyJpc3MiOiJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwNjY0NzgyMTY3NjY0Mzk5ODE2MCIsImF1ZCI6WyJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS9hcGkvdjIvIiwiaHR0cHM6Ly9wcml6LWRldi5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNTMwNjA1NjU5LCJleHAiOjE1MzA2MTI4NTksImF6cCI6ImtXcnJTT2Nsam1xM3dHTDB1SXR6ZVZ0ZjBMdzdidnlMIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCJ9.Oybu4Y4JKhWxuBBWST4f7bqge6AXxvx6wREkhU5OfA8WiR5vJ9Jd8NwjbsdfBss8A4ECjmsDTJb7yCT7nWlr0BAdimhcM6-hU_RtOEl8u_zxPnJrT4I58m_j2eWjoyGCa2snwnBwX1F49ls75bBeH_SEgd4pFanptfUCI2_UluqmvBnSuq_v5bGcB87k0OCcfXR_sZs8Cj_Llt-pgf8yYYisX8EBwfyTm6DeHcSgYPQedGY5zORuZ5T6jlpx3xJwc8J3MrXXUyTRvvZPy7mzyyd12Yfjmh2qrFZ_yFY9yaJVAMtZheLAT0GiamrRtLwL6AcQ-zdJqZJ6ik_4nLPw8g, accessTokenJwt:null, expiration:null, refreshToken:null, refreshTokenJwt:null, principal:grails.plugin.springsecurity.userdetails.GrailsUser#2dba1e: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER, super:grails.plugin.springsecurity.rest.token.AccessToken#4430b82e: Principal: grails.plugin.springsecurity.userdetails.GrailsUser#2dba1e: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_USER)
2018-07-03 01:14:59.873 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestTokenValidationFilter : Token authenticated. Storing the authentication result in the security context
2018-07-03 01:14:59.873 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestTokenValidationFilter : Authentication result: grails.plugin.springsecurity.rest.token.AccessToken(accessToken:eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qTTFPRGxETjBWR1FUQXlOa00wUkRoR056TkZSRGs1TlRFME1VVXlRa0ZDT0VFelJUazBRdyJ9.eyJpc3MiOiJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwNjY0NzgyMTY3NjY0Mzk5ODE2MCIsImF1ZCI6WyJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS9hcGkvdjIvIiwiaHR0cHM6Ly9wcml6LWRldi5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNTMwNjA1NjU5LCJleHAiOjE1MzA2MTI4NTksImF6cCI6ImtXcnJTT2Nsam1xM3dHTDB1SXR6ZVZ0ZjBMdzdidnlMIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCJ9.Oybu4Y4JKhWxuBBWST4f7bqge6AXxvx6wREkhU5OfA8WiR5vJ9Jd8NwjbsdfBss8A4ECjmsDTJb7yCT7nWlr0BAdimhcM6-hU_RtOEl8u_zxPnJrT4I58m_j2eWjoyGCa2snwnBwX1F49ls75bBeH_SEgd4pFanptfUCI2_UluqmvBnSuq_v5bGcB87k0OCcfXR_sZs8Cj_Llt-pgf8yYYisX8EBwfyTm6DeHcSgYPQedGY5zORuZ5T6jlpx3xJwc8J3MrXXUyTRvvZPy7mzyyd12Yfjmh2qrFZ_yFY9yaJVAMtZheLAT0GiamrRtLwL6AcQ-zdJqZJ6ik_4nLPw8g, accessTokenJwt:null, expiration:null, refreshToken:null, refreshTokenJwt:null, principal:grails.plugin.springsecurity.userdetails.GrailsUser#2dba1e: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER, super:grails.plugin.springsecurity.rest.token.AccessToken#4430b82e: Principal: grails.plugin.springsecurity.userdetails.GrailsUser#2dba1e: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_USER)
2018-07-03 01:14:59.873 DEBUG --- [nio-8080-exec-4] g.p.s.rest.RestTokenValidationFilter : Continuing the filter chain
2018-07-03 01:14:59.878 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /v1/api/project/12 at position 6 of 7 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2018-07-03 01:14:59.878 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /v1/api/project/12 at position 7 of 7 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2018-07-03 01:14:59.977 DEBUG --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /v1/api/project/12; Attributes: [_DENY_]
2018-07-03 01:14:59.978 DEBUG --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: grails.plugin.springsecurity.rest.token.AccessToken(accessToken:eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1qTTFPRGxETjBWR1FUQXlOa00wUkRoR056TkZSRGs1TlRFME1VVXlRa0ZDT0VFelJUazBRdyJ9.eyJpc3MiOiJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwNjY0NzgyMTY3NjY0Mzk5ODE2MCIsImF1ZCI6WyJodHRwczovL3ByaXotZGV2LmF1dGgwLmNvbS9hcGkvdjIvIiwiaHR0cHM6Ly9wcml6LWRldi5hdXRoMC5jb20vdXNlcmluZm8iXSwiaWF0IjoxNTMwNjA1NjU5LCJleHAiOjE1MzA2MTI4NTksImF6cCI6ImtXcnJTT2Nsam1xM3dHTDB1SXR6ZVZ0ZjBMdzdidnlMIiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCJ9.Oybu4Y4JKhWxuBBWST4f7bqge6AXxvx6wREkhU5OfA8WiR5vJ9Jd8NwjbsdfBss8A4ECjmsDTJb7yCT7nWlr0BAdimhcM6-hU_RtOEl8u_zxPnJrT4I58m_j2eWjoyGCa2snwnBwX1F49ls75bBeH_SEgd4pFanptfUCI2_UluqmvBnSuq_v5bGcB87k0OCcfXR_sZs8Cj_Llt-pgf8yYYisX8EBwfyTm6DeHcSgYPQedGY5zORuZ5T6jlpx3xJwc8J3MrXXUyTRvvZPy7mzyyd12Yfjmh2qrFZ_yFY9yaJVAMtZheLAT0GiamrRtLwL6AcQ-zdJqZJ6ik_4nLPw8g, accessTokenJwt:null, expiration:null, refreshToken:null, refreshTokenJwt:null, principal:grails.plugin.springsecurity.userdetails.GrailsUser#2dba1e: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER, super:grails.plugin.springsecurity.rest.token.AccessToken#4430b82e: Principal: grails.plugin.springsecurity.userdetails.GrailsUser#2dba1e: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_USER)
2018-07-03 01:14:59.979 DEBUG --- [nio-8080-exec-4] o.s.s.a.h.RoleHierarchyImpl : getReachableGrantedAuthorities() - From the roles [ROLE_USER] one can reach [ROLE_USER] in zero or more steps.
2018-07-03 01:14:59.997 DEBUG --- [nio-8080-exec-4] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is not anonymous); delegating to AccessDeniedHandler
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AbstractAccessDecisionManager.checkAllowIfAllAbstainDecisions(AbstractAccessDecisionManager.java:70)
at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.groovy:50)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at javax.servlet.FilterChain$doFilter.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:136)
at grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:121)
at grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:139)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.groovy:64)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.groovy:58)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.grails.web.servlet.mvc.GrailsWebRequestFilter.doFilterInternal(GrailsWebRequestFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.grails.web.filters.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:67)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:96)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
2018-07-03 01:15:00.005 DEBUG --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/v1/login'
2018-07-03 01:15:00.005 DEBUG --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/v1/api/**'
2018-07-03 01:15:00.005 DEBUG --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /error has no matching filters
Apparently, the problem was not related to security at all.
The issue was with the UrlMapping.
The UrlMapping for the update was supposed to be:
put "/v1/api/project/$id" {
controller = "project"
action = "update"
constraints {
id(matches:/\d+/)
}
}
The regex for constraints was wrong.
However, I still don't understand why 403 was returned and not 404.
I am attempting to perform an HTTP POST to a local mongo database based off a simple example (http://www.tothenew.com/blog/using-groovys-http-builder-library/) and am having trouble keeping the connection open long enough to make any posts. Here is my code:
public static void postToDatabase(String item, final log) {
try {
String baseURL = "http://localhost:27017"
URIBuilder uri = new URIBuilder(baseURL)
HTTPBuilder http = new HTTPBuilder(uri)
String path = "Test/testCollection"
http.post(path: path, body: item, requestContentType: URLENC) { resp ->
log.info("POST Success: ${resp.StatusLine}")
assert resp.StatusLine.statusCode == 201
}
} catch(HttpResponseException ex) {
ex.printStackTrace()
} catch(ConnectException ex) {
ex.printStackTrace()
}
}
Once the program reaches the http.post call, here is the following stack trace I receive:
5651 [main] DEBUG groovyx.net.http.HTTPBuilder - POST http://localhost:27017Test/testCollection
5843 [main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Get connection for route {}->http://localhost:27017
5862 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnectionOperator - Connecting to localhost:27017
5890 [main] DEBUG org.apache.http.client.protocol.RequestAddCookies - CookieSpec selected: best-match
6067 [main] DEBUG org.apache.http.client.protocol.RequestAuthCache - Auth cache not set in the context
6067 [main] DEBUG org.apache.http.client.protocol.RequestTargetAuthentication - Target auth state: UNCHALLENGED
6068 [main] DEBUG org.apache.http.client.protocol.RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
6068 [main] DEBUG org.apache.http.impl.client.DefaultHttpClient - Attempt 1 to execute request
6069 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Sending request: POST Test/testCollection HTTP/1.1
6069 [main] DEBUG org.apache.http.wire - >> "POST Test/testCollection HTTP/1.1[\r][\n]"
6071 [main] DEBUG org.apache.http.wire - >> "Accept: */*[\r][\n]"
6071 [main] DEBUG org.apache.http.wire - >> "Content-Length: 122[\r][\n]"
6071 [main] DEBUG org.apache.http.wire - >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
6071 [main] DEBUG org.apache.http.wire - >> "Host: localhost:27017[\r][\n]"
6071 [main] DEBUG org.apache.http.wire - >> "Connection: Keep-Alive[\r][\n]"
6071 [main] DEBUG org.apache.http.wire - >> "Accept-Encoding: gzip,deflate[\r][\n]"
6072 [main] DEBUG org.apache.http.wire - >> "[\r][\n]"
6072 [main] DEBUG org.apache.http.headers - >> POST Test/testCollection HTTP/1.1
6072 [main] DEBUG org.apache.http.headers - >> Accept: */*
6072 [main] DEBUG org.apache.http.headers - >> Content-Length: 122
6072 [main] DEBUG org.apache.http.headers - >> Content-Type: application/x-www-form-urlencoded
6072 [main] DEBUG org.apache.http.headers - >> Host: localhost:27017
6072 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
6072 [main] DEBUG org.apache.http.headers - >> Accept-Encoding: gzip,deflate
6073 [main] DEBUG org.apache.http.wire - >> "[ { "size" : "10\" - 10\" Double Helix (Class 4) 1 1/4\" Rod" , "strength" : { "unit" : "POUND_FORCE" , "value" : 31000}}]"
6075 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection 0.0.0.0:51283<->127.0.0.1:27017 closed
6075 [main] DEBUG org.apache.http.impl.client.DefaultHttpClient - Closing the connection.
6075 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection 0.0.0.0:51283<->127.0.0.1:27017 closed
6075 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection 0.0.0.0:51283<->127.0.0.1:27017 shut down
6075 [main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl#50d3bf39
Exception in thread "main" org.apache.http.NoHttpResponseException: The target server failed to respond
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:143)
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57)
at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:260)
at org.apache.http.impl.AbstractHttpClientConnection.receiveResponseHeader(AbstractHttpClientConnection.java:283)
at org.apache.http.impl.conn.DefaultClientConnection.receiveResponseHeader(DefaultClientConnection.java:251)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.receiveResponseHeader(ManagedClientConnectionImpl.java:197)
at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:271)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123)
at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:682)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:486)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
at groovyx.net.http.HTTPBuilder.doRequest(HTTPBuilder.java:476)
at groovyx.net.http.HTTPBuilder.post(HTTPBuilder.java:359)
at groovyx.net.http.HTTPBuilder$post.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:110)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:130)
at com.spidasoftware.engine.api.v1.serializers.MongoLoader.postToDatabase(MongoLoader.groovy:180)
at com.spidasoftware.engine.api.v1.serializers.MongoLoader$postToDatabase$1.callStatic(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:53)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:191)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:219)
at com.spidasoftware.engine.api.v1.serializers.MongoLoader.sortClientItems(MongoLoader.groovy:99)
at com.spidasoftware.engine.api.v1.serializers.MongoLoader$sortClientItems$0.callStatic(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:53)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:191)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:227)
at com.spidasoftware.engine.api.v1.serializers.MongoLoader.parseJSONString(MongoLoader.groovy:76)
at com.spidasoftware.engine.api.v1.serializers.MongoLoader$parseJSONString.callStatic(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:53)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:191)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:219)
at com.spidasoftware.engine.api.v1.serializers.MongoLoader.main(MongoLoader.groovy:45)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:140)
For whatever reason, it seems like the program likes to close the connection before it even makes the post. Any suggestions?
I think you are using the wrong port number for mongodb use 28017 according to http://docs.mongodb.org/ecosystem/tools/http-interfaces/