#StackBounty: #spring #cas Configuring CAS for Database Audits

Bounty: 450

I’m trying to save the cas audits to a postgres database. For whatever reason, CAS is trying to use the hsqldb driver, even though I’ve specified the postgres driver.

I’m using a CAS 6.0.3 docker image built with the cas-overlay-template project.

Here is my configuration:

cas.audit.jdbc.driverClass=org.postgresql.Driver
cas.audit.jdbc.url=jdbc:postgresql://postgres:5432/cas_audits
cas.audit.jdbc.dialect=org.hibernate.dialect.PostgresPlusDialect
cas.audit.jdbc.user=someuser
cas.audit.jdbc.password=somepassword

I’ve included the cas server support for jdbc audits in the grade build file.

compile "org.apereo.cas:cas-server-support-audit-jdbc:${casServerVersion}"

Here is the stacktrace:

aod_cas.1.kblf4acydbtx@ptzolov-leader    | 2019-05-02 20:54:40,568 WARN [com.zaxxer.hikari.util.DriverDataSource] - <Registered driver with driverClassName=org.hsqldb.jdbcDriver was not found, trying direct instantiation.>
aod_cas.1.kblf4acydbtx@ptzolov-leader    | 2019-05-02 20:54:41,127 ERROR [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[dispatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet] in context with path [/cas] threw exception [Request processing failed; nested exception is org.springframework.jdbc.BadSqlGrammarException: PreparedStatementCallback; bad SQL grammar [SELECT AUD_DATE FROM COM_AUDIT_TRAIL WHERE AUD_CLIENT_IP = ? AND AUD_USER = ? AND AUD_ACTION = ? AND APPLIC_CD = ? AND AUD_DATE >= ? ORDER BY AUD_DATE DESC]; nested exception is java.sql.SQLSyntaxErrorException: user lacks privilege or object not found: COM_AUDIT_TRAIL in statement [SELECT AUD_DATE FROM COM_AUDIT_TRAIL WHERE AUD_CLIENT_IP = ? AND AUD_USER = ? AND AUD_ACTION = ? AND APPLIC_CD = ? AND AUD_DATE >= ? ORDER BY AUD_DATE DESC]] with root cause>
aod_cas.1.kblf4acydbtx@ptzolov-leader    | org.hsqldb.HsqlException: user lacks privilege or object not found: COM_AUDIT_TRAIL
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.readTableName(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.readTableOrSubquery(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadTableReference(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadFromClause(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadTableExpression(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadQuerySpecification(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadSimpleTable(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadQueryPrimary(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadQueryTerm(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadQueryExpressionBody(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.XreadQueryExpression(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserDQL.compileCursorSpecification(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserCommand.compilePart(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.ParserCommand.compileStatement(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.Session.compileStatement(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.StatementManager.compile(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.Session.execute(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.jdbc.JDBCPreparedStatement.<init>(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.hsqldb.jdbc.JDBCConnection.prepareStatement(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at com.zaxxer.hikari.pool.ProxyConnection.prepareStatement(ProxyConnection.java:311) ~[HikariCP-3.2.0.jar!/:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at com.zaxxer.hikari.pool.HikariProxyConnection.prepareStatement(HikariProxyConnection.java) ~[HikariCP-3.2.0.jar!/:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.jdbc.core.JdbcTemplate$SimplePreparedStatementCreator.createPreparedStatement(JdbcTemplate.java:1557) ~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:615) ~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:669) ~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:700) ~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:706) ~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:758) ~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.cas.web.support.JdbcThrottledSubmissionHandlerInterceptorAdapter.exceedsThreshold(JdbcThrottledSubmissionHandlerInterceptorAdapter.java:55) ~[cas-server-support-throttle-jdbc-6.0.3.jar!/:6.0.3]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.cas.web.support.AbstractThrottledSubmissionHandlerInterceptorAdapter.preHandle(AbstractThrottledSubmissionHandlerInterceptorAdapter.java:83) ~[cas-server-support-throttle-core-6.0.3.jar!/:6.0.3]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:246) ~[spring-core-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:494) ~[spring-cloud-context-2.1.0.RELEASE.jar!/:2.1.0.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212) ~[spring-aop-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at com.sun.proxy.$Proxy208.preHandle(Unknown Source) ~[?:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:136) ~[spring-webmvc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1033) ~[spring-webmvc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942) ~[spring-webmvc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005) ~[spring-webmvc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:908) ~[spring-webmvc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at javax.servlet.http.HttpServlet.service(HttpServlet.java:665) ~[javax.servlet-api-4.0.1.jar!/:4.0.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882) ~[spring-webmvc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at javax.servlet.http.HttpServlet.service(HttpServlet.java:750) ~[javax.servlet-api-4.0.1.jar!/:4.0.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28) ~[cas-server-core-web-api-6.0.3.jar!/:6.0.3]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) ~[cas-server-security-filter-2.0.10.4.jar!/:2.0.10.4]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:240) ~[cas-server-security-filter-2.0.10.4.jar!/:2.0.10.4]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.cas.security.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:94) ~[cas-server-security-filter-2.0.10.4.jar!/:2.0.10.4]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.boot.actuate.web.trace.servlet.HttpTraceFilter.doFilterInternal(HttpTraceFilter.java:90) ~[spring-boot-actuator-2.1.2.RELEASE.jar!/:2.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.1.2.RELEASE.jar!/:5.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.filterAndRecordMetrics(WebMvcMetricsFilter.java:117) ~[spring-boot-actuator-2.1.2.RELEASE.jar!/:2.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:106) ~[spring-boot-actuator-2.1.2.RELEASE.jar!/:2.1.2.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:98) ~[cas-server-core-logging-6.0.3.jar!/:6.0.3]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66) ~[inspektr-common-1.8.4.GA.jar!/:1.8.4.GA]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:679) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
aod_cas.1.kblf4acydbtx@ptzolov-leader    |  at java.lang.Thread.run(Thread.java:834) [?:?]

The first line : Registered driver with driverClassName=org.hsqldb.jdbcDriver was not found, trying direct instantiation makes me think that my config settings for the driverClass aren’t being registered.

Please let me know if I can add any additional information to help get to the bottom of this.

Thanks!


Get this bounty!!!

#StackBounty: #spring #spring-boot #spring-security #jwt #spring-security-oauth2 OAuth2 + Spring Boot 2 – ResourceServer in ZuulGateway…

Bounty: 50

I am trying OAuth 2 + JWT integration using Spring Boot 2 + Netflix OSS. On requesting access token, I am getting the below error in Zuul Gateway which acts as a Resource Server.

2019-05-04 14:41:29.157 DEBUG 23272 — [nio-8765-exec-2] o.s.s.w.a.ExceptionTranslationFilter : Authentication exception occurred; redirecting to authentication entry point
org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext

Can someone help and tell me what am I missing in the code ?

Zuul Gateway + Resource Server

@Configuration
@EnableResourceServer
@Order(value = 0)
@EnableOAuth2Sso
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()
            .antMatchers("/oauth/token/**").permitAll()
            //.antMatchers("/login/**,/oauth/**").permitAll()
            .antMatchers("/trips/**").hasAnyRole("CLIENT", "USER", "ANONYMOUS")
            .and().csrf().disable()
            .anonymous().disable();

    }
}

application.yml

logging:
  level:
    org.springframework: DEBUG

server:
  port: 8765

spring:
  application:
    name: gateway


# Map path to auth service
zuul:
  routes:
    trips:
      path: /trips/**
      url: http://localhost:1000/api/trips
    rides:
      path: /rides/**
      url: http://localhost:1000/api/rides
    mauth:
      path: /oauth/**
      url: http://localhost:1000/oauth



#OAuth Configurations
security:
  oauth2:
    client:
      #access-token-uri: https://auth/login
      #user-authorization-uri: /auth/oauth/authorize
      accessTokenUri: http://localhost:1000/oauth/authorize
      userAuthorizationUri: http://localhost:1000/oauth/token
      client-id: sapepool
      client-secret: sapepool
    resource:
      jwt:
        key-uri: http://localhost:1000/oauth/token_key
        #key-value:

Authorization Server

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

        @Autowired
        @Qualifier("authenticationManagerBean")
        private AuthenticationManager authenticationManager;

        @Autowired
        @Qualifier("customUserDetailsService")
        private UserDetailsService userDetailsService;

        /**
         * Token store.
         *
         * @return the token store
         */
        /*@Bean
        public DatastoreTokenStore tokenStore() {
            return new DatastoreTokenStore(datastoreDataSource);
        }*/
        @Bean
        public TokenStore tokenStore() {
            return new JwtTokenStore(jwtAccessTokenConverter());
        }

        @Bean
        public JwtAccessTokenConverter jwtAccessTokenConverter() {
            JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
            converter.setKeyPair(new KeyStoreKeyFactory(new ClassPathResource("jwt.jks"), "password".toCharArray()).getKeyPair("jwt"));
            converter.setSigningKey("123");
            converter.setVerifierKey("123");
            return converter;
        }

        /**
         * 
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

            endpoints.authenticationManager(authenticationManager).userDetailsService(userDetailsService)
                    .tokenStore(tokenStore())//.tokenServices(tokenServices())
                    .tokenEnhancer(jwtAccessTokenConverter())
                    .accessTokenConverter(jwtAccessTokenConverter())
                    .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);
        }

         /**
         * Authorization server security Configuration.
         *
         * @param oauthServer
         *            the oauth server
         * @throws Exception
         *             the exception
         */
        @Override
        public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
            oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                .withClient("sapepool")
                .secret("{noop}sapepool")
                //.secret("sapepool")
                .authorizedGrantTypes("client_credentials", "password","refresh_token")
                .authorities("ROLE_CLIENT", "ROLE_ANDROID_CLIENT", "ROLE_ANONYMOUS")
                .scopes("read", "write", "trust")
                .accessTokenValiditySeconds(5000)
                .refreshTokenValiditySeconds(50000);
                //.resourceIds("oauth2-resource") - isAutoApprove()
        }
    }

Authorization Server – Web Security Config

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private static Logger log = LoggerFactory.getLogger(WebSecurityConfig.class);


    @Autowired
    private UserDetailsService userDetailsService;


    @Override
    @Bean
    public UserDetailsService userDetailsServiceBean() throws Exception {
        return super.userDetailsServiceBean();
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()
            .antMatchers("/oauth/token/**").permitAll()
            .anyRequest().permitAll()
            //.antMatchers("*/oauth/**").permitAll()
            //.antMatchers("/**").permitAll()
            .and().csrf().disable();
            //.anonymous().disable();

        /*
         * http.csrf().disable().exceptionHandling() //.authenticationEntryPoint( //
         * (request, response, authException) ->
         * response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
         * .and().authorizeRequests().antMatchers("/**").authenticated().and().httpBasic
         * ();
         */
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }
}


Get this bounty!!!

#StackBounty: #java #spring #spring-data-jpa #spring-data Querying an entity by values in an ElementCollections using Spring Data JpaRe…

Bounty: 50

Is it possible to query entities in a JpaRepository based on values stored in an attached @ElementCollection using query methods?

Setup

My Spring Boot 2 / Spring 5 application has an entity (Artwork) to which arbitrary metadata can be attached.
The metadata is implemented with a simple key value map using @ElementCollection and @CollectionTable, since the metadata is just plaintext key/value pairs and does not exists outside the scope of it’s entity.

The entity looks like this:

@Entity
@Table(name = "artwork")
public class Artwork implements Serializable {
    @Id
    @GeneratedValue(strategy = IDENTITY)
    private Long id;

    // more propperties 

    @ElementCollection
    @MapKeyColumn(name = "name")
    @Column(name = "value")
    @CollectionTable(name = "artwork_metadata", joinColumns = @JoinColumn(name = "artwork_id"))
    private Map<String, String> metadata = new HashMap<>();

    // more code
}

Problem

I have two use cases, where I need to query the entity based on information stored in the metadata map.

  • One use case is finding all Artworks with licenses (having metadata.name = license, no matter what is in the value column)
  • The other is finding all entities of one specific artist (having an exact key/value pair of metadata.name = artist and metadata.value = someName)

I have tried using the underscore notation for manual property path description; but my datatype is a map, not really an object with fields name / value.

public interface ArtworkRepository extends JpaRepository<Artwork, Long> {
    List<Artwork> findAllByReleaseDateAfter(Instant after);

    // Not working
    List<Artwork> findAllByMetadata_NameAndMetadata_value 

Querying in general seems to be possible. But most of the answers I found on StackOverflow are about searching in Lists, not in maps.

So my question is

How do I query entities in a JpaRepository based on values stored in an attached @ElementCollection using query methods? Or do I need to convert this rlationship at the object level using JPA’s one-to-many mapping.

Update

  • Since we have several tens of thousands of recordsin the artist table I want to filter at the database level and not within the application.
  • Querying by metadata will become common, so introducing helper flags like hasLicense or moving the artist to the primary entity is not an option.

Thanks.


Get this bounty!!!

#StackBounty: #java #spring #spring-boot #svg #batik Unable to make sense of URL for connection reading a svg file

Bounty: 50

I have a Spring Boot v2.1.2.RELEASE application.
I have a file in ../src/main/resources/icons/128/black/ae.png

which I want to read, But I got an error: Unable to make sense of URL for connection

@SpringBootApplication
public class SvgManagerApplication implements CommandLineRunner {

    public static void main(String[] args) {
        SpringApplication.run(SvgManagerApplication.class, args);
    }


    @Override
    public void run(String... args) throws Exception {      

        try {

            String parser = XMLResourceDescriptor.getXMLParserClassName();
            SAXSVGDocumentFactory f = new SAXSVGDocumentFactory(parser);
            Document doc = f.createDocument("classpath:icons/128/black/ae.svg");

            System.out.println(doc);

        } catch (IOException ex) {

            System.out.println(ex.getMessage());

        }
    }
}


Get this bounty!!!

#StackBounty: #spring #spring-properties spring application.yml reference list from another property

Bounty: 50

I have property file application-dev.yml with content:

spring.profiles: dev
config.some.value:
- ELEMENT1
- ELEMENT2

and another application-staging.yml with content:

spring.profiles: staging
config.some.value:
- ELEMENT1
- ELEMENT2
- ELEMENT3

so I basically do not know size of list. When I reference this list in main application.yml like this:

some.value: ${config.some.value}

I get Failed to convert property value of type 'java.lang.String' to required type 'java.util.List' for property 'value'. How to reference it correctly?


Get this bounty!!!