Remove default properties and default profile.

This signals what is required configuration.
Default profile has to be explicitly enabled

[#134590641] https://www.pivotaltracker.com/story/show/134590641
[#134535615] https://www.pivotaltracker.com/story/show/134535615

server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/LegacyTokenKey.java

@@ -20,7 +20,7 @@ private LegacyTokenKey() {}
 
     public static final String LEGACY_TOKEN_KEY_ID = "legacy-token-key";
 
-    private static String legacySigningKey = "tokenkey";
+    private static String legacySigningKey = null;
     private static KeyInfo keyInfo;
     static {
         setLegacySigningKey(legacySigningKey);

server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/YamlServletProfileInitializer.java

@@ -36,7 +36,9 @@
 import java.util.Map;
 import java.util.Set;
 
+import static org.springframework.util.StringUtils.commaDelimitedListToStringArray;
 import static org.springframework.util.StringUtils.hasText;
+import static org.springframework.util.StringUtils.isEmpty;
 
 /**
  * An {@link ApplicationContextInitializer} for a web application to enable it
@@ -194,11 +196,19 @@ private void applyLog4jConfiguration(ConfigurableEnvironment environment, Servle
 
     }
 
-    private void applySpringProfiles(ConfigurableEnvironment environment, ServletContext servletContext) {
+    protected void applySpringProfiles(ConfigurableEnvironment environment, ServletContext servletContext) {
+        String systemProfiles = System.getProperty("spring.profiles.active");
+        environment.setDefaultProfiles(new String[0]);
         if (environment.containsProperty("spring_profiles")) {
             String profiles = environment.getProperty("spring_profiles");
             servletContext.log("Setting active profiles: " + profiles);
             environment.setActiveProfiles(StringUtils.tokenizeToStringArray(profiles, ",", true, true));
+        } else {
+            if (isEmpty(systemProfiles)) {
+                environment.setActiveProfiles("hsqldb");
+            } else {
+                environment.setActiveProfiles(commaDelimitedListToStringArray(systemProfiles));
+            }
         }
     }
 

server/src/test/java/org/cloudfoundry/identity/uaa/impl/config/YamlServletProfileInitializerTest.java

@@ -1,14 +1,45 @@
 package org.cloudfoundry.identity.uaa.impl.config;
 
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
 import org.junit.Test;
-import java.util.Arrays;
-
+import org.springframework.mock.env.MockEnvironment;
+import org.springframework.mock.web.MockServletContext;
 import org.springframework.util.StringUtils;
 
 import static org.hamcrest.Matchers.is;
+import static org.junit.Assert.assertArrayEquals;
 import static org.junit.Assert.assertThat;
 
 public class YamlServletProfileInitializerTest {
+
+    private static String systemConfiguredProfiles;
+    private YamlServletProfileInitializer initializer;
+    private MockEnvironment environment;
+    private MockServletContext context;
+
+    @BeforeClass
+    public static void saveProfiles() {
+        systemConfiguredProfiles = System.getProperty("spring.profiles.active");
+    }
+
+    @AfterClass
+    public static void restoreProfiles() {
+        if (systemConfiguredProfiles != null) {
+            System.setProperty("spring.profiles.active", systemConfiguredProfiles);
+        } else {
+            System.clearProperty("spring.profiles.active");
+        }
+    }
+
+    @Before
+    public void setup() {
+        initializer = new YamlServletProfileInitializer();
+        environment = new MockEnvironment();
+        context = new MockServletContext();
+    }
+
     @Test
     public void tokenizeToStringArray_RemovesSpaces() throws Exception {
         String profileString = "    database    ,  ldap ";
@@ -21,6 +52,35 @@ public void tokenizeToStringArray_RemovesSpaces() throws Exception {
         assertThat(profiles.length, is(2));
         assertThat(profiles[0], is("    database    "));
         assertThat(profiles[1], is("  ldap "));
+    }
 
+    @Test
+    public void if_no_profiles_are_set_use_hsqldb() {
+        System.clearProperty("spring.profiles.active");
+        initializer.applySpringProfiles(environment, context);
+        assertArrayEquals(new String[] {"hsqldb"}, environment.getActiveProfiles());
+    }
+
+    @Test
+    public void if_profiles_are_set_use_them() {
+        System.setProperty("spring.profiles.active", "hsqldb,default");
+        initializer.applySpringProfiles(environment, context);
+        assertArrayEquals(new String[] {"hsqldb", "default"}, environment.getActiveProfiles());
+    }
+
+    @Test
+    public void default_profile_unset() {
+        System.setProperty("spring.profiles.active", "hsqldb");
+        initializer.applySpringProfiles(environment, context);
+        assertArrayEquals(new String[] {"hsqldb"}, environment.getActiveProfiles());
+        assertArrayEquals(new String[0], environment.getDefaultProfiles());
+    }
+
+    @Test
+    public void yaml_configured_profiles_are_used() {
+        System.setProperty("spring.profiles.active", "hsqldb,default");
+        environment.setProperty("spring_profiles", "mysql,default");
+        initializer.applySpringProfiles(environment, context);
+        assertArrayEquals(new String[] {"mysql", "default"}, environment.getActiveProfiles());
     }
 }

uaa/src/main/resources/login.yml

@@ -249,9 +249,6 @@ uaa:
   login:
     url: http://localhost:8080/uaa/authenticate
 
-# The secret that this login server will use to authenticate to the uaa
-LOGIN_SECRET: loginsecret
-
 # Google Analytics
 #analytics:
 #  code: secret_code

uaa/src/main/resources/required_configuration.yml

@@ -0,0 +1,46 @@
+login:
+  serviceProviderKey: |
+    -----BEGIN RSA PRIVATE KEY-----
+    MIICXQIBAAKBgQDHtC5gUXxBKpEqZTLkNvFwNGnNIkggNOwOQVNbpO0WVHIivig5
+    L39WqS9u0hnA+O7MCA/KlrAR4bXaeVVhwfUPYBKIpaaTWFQR5cTR1UFZJL/OF9vA
+    fpOwznoD66DDCnQVpbCjtDYWX+x6imxn8HCYxhMol6ZnTbSsFW6VZjFMjQIDAQAB
+    AoGAVOj2Yvuigi6wJD99AO2fgF64sYCm/BKkX3dFEw0vxTPIh58kiRP554Xt5ges
+    7ZCqL9QpqrChUikO4kJ+nB8Uq2AvaZHbpCEUmbip06IlgdA440o0r0CPo1mgNxGu
+    lhiWRN43Lruzfh9qKPhleg2dvyFGQxy5Gk6KW/t8IS4x4r0CQQD/dceBA+Ndj3Xp
+    ubHfxqNz4GTOxndc/AXAowPGpge2zpgIc7f50t8OHhG6XhsfJ0wyQEEvodDhZPYX
+    kKBnXNHzAkEAyCA76vAwuxqAd3MObhiebniAU3SnPf2u4fdL1EOm92dyFs1JxyyL
+    gu/DsjPjx6tRtn4YAalxCzmAMXFSb1qHfwJBAM3qx3z0gGKbUEWtPHcP7BNsrnWK
+    vw6By7VC8bk/ffpaP2yYspS66Le9fzbFwoDzMVVUO/dELVZyBnhqSRHoXQcCQQCe
+    A2WL8S5o7Vn19rC0GVgu3ZJlUrwiZEVLQdlrticFPXaFrn3Md82ICww3jmURaKHS
+    N+l4lnMda79eSp3OMmq9AkA0p79BvYsLshUJJnvbk76pCjR28PK4dV1gSDUEqQMB
+    qy45ptdwJLqLJCeNoR0JUcDNIRhOCuOPND7pcMtX6hI/
+    -----END RSA PRIVATE KEY-----
+  serviceProviderKeyPassword: password
+  serviceProviderCertificate: |
+    -----BEGIN CERTIFICATE-----
+    MIIDSTCCArKgAwIBAgIBADANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJhdzEO
+    MAwGA1UECBMFYXJ1YmExDjAMBgNVBAoTBWFydWJhMQ4wDAYDVQQHEwVhcnViYTEO
+    MAwGA1UECxMFYXJ1YmExDjAMBgNVBAMTBWFydWJhMR0wGwYJKoZIhvcNAQkBFg5h
+    cnViYUBhcnViYS5hcjAeFw0xNTExMjAyMjI2MjdaFw0xNjExMTkyMjI2MjdaMHwx
+    CzAJBgNVBAYTAmF3MQ4wDAYDVQQIEwVhcnViYTEOMAwGA1UEChMFYXJ1YmExDjAM
+    BgNVBAcTBWFydWJhMQ4wDAYDVQQLEwVhcnViYTEOMAwGA1UEAxMFYXJ1YmExHTAb
+    BgkqhkiG9w0BCQEWDmFydWJhQGFydWJhLmFyMIGfMA0GCSqGSIb3DQEBAQUAA4GN
+    ADCBiQKBgQDHtC5gUXxBKpEqZTLkNvFwNGnNIkggNOwOQVNbpO0WVHIivig5L39W
+    qS9u0hnA+O7MCA/KlrAR4bXaeVVhwfUPYBKIpaaTWFQR5cTR1UFZJL/OF9vAfpOw
+    znoD66DDCnQVpbCjtDYWX+x6imxn8HCYxhMol6ZnTbSsFW6VZjFMjQIDAQABo4Ha
+    MIHXMB0GA1UdDgQWBBTx0lDzjH/iOBnOSQaSEWQLx1syGDCBpwYDVR0jBIGfMIGc
+    gBTx0lDzjH/iOBnOSQaSEWQLx1syGKGBgKR+MHwxCzAJBgNVBAYTAmF3MQ4wDAYD
+    VQQIEwVhcnViYTEOMAwGA1UEChMFYXJ1YmExDjAMBgNVBAcTBWFydWJhMQ4wDAYD
+    VQQLEwVhcnViYTEOMAwGA1UEAxMFYXJ1YmExHTAbBgkqhkiG9w0BCQEWDmFydWJh
+    QGFydWJhLmFyggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAYvBJ
+    0HOZbbHClXmGUjGs+GS+xC1FO/am2suCSYqNB9dyMXfOWiJ1+TLJk+o/YZt8vuxC
+    KdcZYgl4l/L6PxJ982SRhc83ZW2dkAZI4M0/Ud3oePe84k8jm3A7EvH5wi5hvCkK
+    RpuRBwn3Ei+jCRouxTbzKPsuCVB+1sNyxMTXzf0=
+    -----END CERTIFICATE-----
+
+#The secret that an external login server will use to authenticate to the uaa using the id `login`
+LOGIN_SECRET: loginsecret
+
+jwt:
+  token:
+    signing-key: tokenKey

uaa/src/main/webapp/WEB-INF/spring-servlet.xml

@@ -440,9 +440,9 @@
         <property name="logoutDisableRedirectParameter" value="${logout.redirect.parameter.disable:true}"/>
         <property name="prompts" ref="prompts"/>
         <property name="branding" value="#{@config['login']['branding']}" />
-        <property name="samlSpPrivateKey" value="#{'${login.serviceProviderKey:' + @defaultSamlKey + '}'}" />
-        <property name="samlSpPrivateKeyPassphrase" value="${login.serviceProviderKeyPassword:password}" />
-        <property name="samlSpCertificate" value="#{'${login.serviceProviderCertificate:' + @defaultSamlCert + '}'}" />
+        <property name="samlSpPrivateKey" value="${login.serviceProviderKey}" />
+        <property name="samlSpPrivateKeyPassphrase" value="${login.serviceProviderKeyPassword}" />
+        <property name="samlSpCertificate" value="${login.serviceProviderCertificate}" />
     </bean>
 
     <bean id="ldapLoginAuthenticationMgr" class="org.cloudfoundry.identity.uaa.authentication.manager.LdapLoginAuthenticationManager">

uaa/src/main/webapp/WEB-INF/spring/saml-providers.xml

@@ -44,61 +44,6 @@
         <!-- Logger for SAML messages and events -->
         <bean id="samlLogger" class="org.springframework.security.saml.log.SAMLDefaultLogger" />
 
-        <!--<bean id="samlLoginServerKeyManagerFactory" class="org.cloudfoundry.identity.uaa.provider.saml.SamlKeyManagerFactory -->
-        <!--<constructor-arg type="java.lang.String" value="#{'${login.serviceProviderKey:' + @defaultSamlKey + '}'}" />-->
-            <!--<constructor-arg type="java.lang.String" value="${login.serviceProviderKeyPassword:password}" />-->
-            <!--<constructor-arg type="java.lang.String" value="#{'${login.serviceProviderCertificate:' + @defaultSamlCert + '}'}" />-->
-        <!--</bean>-->
-
-        <bean id="defaultSamlCert" class="java.lang.String">
-            <constructor-arg>
-                <value>
-<![CDATA[-----BEGIN CERTIFICATE-----
-MIIDSTCCArKgAwIBAgIBADANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJhdzEO
-MAwGA1UECBMFYXJ1YmExDjAMBgNVBAoTBWFydWJhMQ4wDAYDVQQHEwVhcnViYTEO
-MAwGA1UECxMFYXJ1YmExDjAMBgNVBAMTBWFydWJhMR0wGwYJKoZIhvcNAQkBFg5h
-cnViYUBhcnViYS5hcjAeFw0xNTExMjAyMjI2MjdaFw0xNjExMTkyMjI2MjdaMHwx
-CzAJBgNVBAYTAmF3MQ4wDAYDVQQIEwVhcnViYTEOMAwGA1UEChMFYXJ1YmExDjAM
-BgNVBAcTBWFydWJhMQ4wDAYDVQQLEwVhcnViYTEOMAwGA1UEAxMFYXJ1YmExHTAb
-BgkqhkiG9w0BCQEWDmFydWJhQGFydWJhLmFyMIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQDHtC5gUXxBKpEqZTLkNvFwNGnNIkggNOwOQVNbpO0WVHIivig5L39W
-qS9u0hnA+O7MCA/KlrAR4bXaeVVhwfUPYBKIpaaTWFQR5cTR1UFZJL/OF9vAfpOw
-znoD66DDCnQVpbCjtDYWX+x6imxn8HCYxhMol6ZnTbSsFW6VZjFMjQIDAQABo4Ha
-MIHXMB0GA1UdDgQWBBTx0lDzjH/iOBnOSQaSEWQLx1syGDCBpwYDVR0jBIGfMIGc
-gBTx0lDzjH/iOBnOSQaSEWQLx1syGKGBgKR+MHwxCzAJBgNVBAYTAmF3MQ4wDAYD
-VQQIEwVhcnViYTEOMAwGA1UEChMFYXJ1YmExDjAMBgNVBAcTBWFydWJhMQ4wDAYD
-VQQLEwVhcnViYTEOMAwGA1UEAxMFYXJ1YmExHTAbBgkqhkiG9w0BCQEWDmFydWJh
-QGFydWJhLmFyggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAYvBJ
-0HOZbbHClXmGUjGs+GS+xC1FO/am2suCSYqNB9dyMXfOWiJ1+TLJk+o/YZt8vuxC
-KdcZYgl4l/L6PxJ982SRhc83ZW2dkAZI4M0/Ud3oePe84k8jm3A7EvH5wi5hvCkK
-RpuRBwn3Ei+jCRouxTbzKPsuCVB+1sNyxMTXzf0=
------END CERTIFICATE-----]]>
-                </value>
-            </constructor-arg>
-        </bean>
-
-        <bean id="defaultSamlKey" class="java.lang.String">
-            <constructor-arg>
-                <value>
-<![CDATA[-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDHtC5gUXxBKpEqZTLkNvFwNGnNIkggNOwOQVNbpO0WVHIivig5
-L39WqS9u0hnA+O7MCA/KlrAR4bXaeVVhwfUPYBKIpaaTWFQR5cTR1UFZJL/OF9vA
-fpOwznoD66DDCnQVpbCjtDYWX+x6imxn8HCYxhMol6ZnTbSsFW6VZjFMjQIDAQAB
-AoGAVOj2Yvuigi6wJD99AO2fgF64sYCm/BKkX3dFEw0vxTPIh58kiRP554Xt5ges
-7ZCqL9QpqrChUikO4kJ+nB8Uq2AvaZHbpCEUmbip06IlgdA440o0r0CPo1mgNxGu
-lhiWRN43Lruzfh9qKPhleg2dvyFGQxy5Gk6KW/t8IS4x4r0CQQD/dceBA+Ndj3Xp
-ubHfxqNz4GTOxndc/AXAowPGpge2zpgIc7f50t8OHhG6XhsfJ0wyQEEvodDhZPYX
-kKBnXNHzAkEAyCA76vAwuxqAd3MObhiebniAU3SnPf2u4fdL1EOm92dyFs1JxyyL
-gu/DsjPjx6tRtn4YAalxCzmAMXFSb1qHfwJBAM3qx3z0gGKbUEWtPHcP7BNsrnWK
-vw6By7VC8bk/ffpaP2yYspS66Le9fzbFwoDzMVVUO/dELVZyBnhqSRHoXQcCQQCe
-A2WL8S5o7Vn19rC0GVgu3ZJlUrwiZEVLQdlrticFPXaFrn3Md82ICww3jmURaKHS
-N+l4lnMda79eSp3OMmq9AkA0p79BvYsLshUJJnvbk76pCjR28PK4dV1gSDUEqQMB
-qy45ptdwJLqLJCeNoR0JUcDNIRhOCuOPND7pcMtX6hI/
------END RSA PRIVATE KEY-----]]>
-                </value>
-            </constructor-arg>
-        </bean>
-
         <!-- Entry point to initialize authentication, default values taken from
             properties file -->
         <bean id="samlEntryPoint" class="org.cloudfoundry.identity.uaa.provider.saml.LoginSamlEntryPoint">

uaa/src/test/java/org/cloudfoundry/identity/uaa/BootstrapTests.java

@@ -173,7 +173,7 @@ public String getVirtualServerName() {
         };
         context.setServletContext(servletContext);
         MockServletConfig servletConfig = new MockServletConfig(servletContext);
-        servletConfig.addInitParameter("environmentConfigLocations", "file:${UAA_CONFIG_PATH}/uaa.yml,login.yml");
+        servletConfig.addInitParameter("environmentConfigLocations", "required_configuration.yml,file:${UAA_CONFIG_PATH}/uaa.yml,login.yml");
         context.setServletConfig(servletConfig);
 
         YamlServletProfileInitializer initializer = new YamlServletProfileInitializer();

uaa/src/test/java/org/cloudfoundry/identity/uaa/login/BootstrapTests.java

@@ -100,7 +100,9 @@
 import static org.hamcrest.Matchers.containsInAnyOrder;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.hasItemInArray;
 import static org.hamcrest.Matchers.notNullValue;
+import static org.hamcrest.core.IsNot.not;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
@@ -118,30 +120,32 @@ public class BootstrapTests {
 
     private ConfigurableApplicationContext context;
 
-    private static String activeProfiles;
+    private static String systemConfiguredProfiles;
+    private String profiles;
 
     @BeforeClass
     public static void saveProfiles() {
-        activeProfiles = System.getProperty("spring.profiles.active");
+        systemConfiguredProfiles = System.getProperty("spring.profiles.active");
     }
 
     @AfterClass
     public static void restoreProfiles() {
-        if (activeProfiles != null) {
-            System.setProperty("spring.profiles.active", activeProfiles);
+        if (systemConfiguredProfiles != null) {
+            System.setProperty("spring.profiles.active", systemConfiguredProfiles);
         } else {
             System.clearProperty("spring.profiles.active");
         }
     }
 
     @Before
-    public void setup() throws Exception {
+    public synchronized void setup() throws Exception {
         System.clearProperty("spring.profiles.active");
         IdentityZoneHolder.clear();
+        profiles = systemConfiguredProfiles==null ? "default,hsqldb" : (systemConfiguredProfiles != null && systemConfiguredProfiles.contains("default")) ? systemConfiguredProfiles : systemConfiguredProfiles+",default";
     }
 
     @After
-    public void cleanup() throws Exception {
+    public synchronized void cleanup() throws Exception {
         System.clearProperty("spring.profiles.active");
         System.clearProperty("uaa.url");
         System.clearProperty("login.url");
@@ -161,14 +165,25 @@ public void cleanup() throws Exception {
         IdentityZoneHolder.clear();
     }
 
+    @Test
+    public void testNoDefaultProfileIsLoaded() throws Exception {
+        System.clearProperty("spring.profiles.active");
+        context = getServletContext(null, false, new String[] {"login.yml", "test/bootstrap/uaa.yml", "required_configuration.yml"}, "file:./src/main/webapp/WEB-INF/spring-servlet.xml");
+        String[] profiles = context.getEnvironment().getActiveProfiles();
+        assertThat("'default' profile should not be loaded", profiles, not(hasItemInArray("default")));
+        profiles = context.getEnvironment().getDefaultProfiles();
+        assertThat("'default' profile should not be default", profiles, not(hasItemInArray("default")));
+    }
+
     @Test
     public void testRootContextDefaults() throws Exception {
         String originalSmtpHost = System.getProperty("smtp.host");
         System.setProperty("smtp.host","");
-        context = getServletContext(activeProfiles, "login.yml", "uaa.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml");
+
+        context = getServletContext(profiles +",default", false, new String[] {"login.yml", "uaa.yml", "required_configuration.yml"}, "file:./src/main/webapp/WEB-INF/spring-servlet.xml");
 
         JdbcUaaUserDatabase userDatabase = context.getBean(JdbcUaaUserDatabase.class);
-        if (activeProfiles != null && activeProfiles.contains("mysql")) {
+        if (profiles != null && profiles.contains("mysql")) {
             assertTrue(userDatabase.isCaseInsensitive());
             assertEquals("marissa", userDatabase.retrieveUserByName("marissa", OriginKeys.UAA).getUsername());
             assertEquals("marissa", userDatabase.retrieveUserByName("MArissA", OriginKeys.UAA).getUsername());
@@ -315,7 +330,7 @@ public void testPropertyValuesWhenSetInYaml() throws Exception {
         String uaa = "uaa.some.test.domain.com";
         String login = uaa.replace("uaa", "login");
         String profiles = System.getProperty("spring.profiles.active");
-        context = getServletContext(profiles, "login.yml", "test/bootstrap/bootstrap-test.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml");
+        context = getServletContext(profiles, false, new String[] {"login.yml", "uaa.yml", "required_configuration.yml", "test/bootstrap/bootstrap-test.yml"}, "file:./src/main/webapp/WEB-INF/spring-servlet.xml");
 
         JdbcUaaUserDatabase userDatabase = context.getBean(JdbcUaaUserDatabase.class);
         assertTrue(userDatabase.isCaseInsensitive());
@@ -784,9 +799,17 @@ public void testMessageService() throws Exception {
     }
 
     private ConfigurableApplicationContext getServletContext(String profiles, String loginYmlPath, String uaaYamlPath, String... resources) {
-        return getServletContext(profiles, false, loginYmlPath, uaaYamlPath, resources);
+        return getServletContext(profiles, false, new String[] {"required_configuration.yml", loginYmlPath, uaaYamlPath}, resources);
     }
     private ConfigurableApplicationContext getServletContext(String profiles, boolean mergeProfiles, String loginYmlPath, String uaaYamlPath, String... resources) {
+        return getServletContext(
+            profiles,
+            mergeProfiles,
+            new String[] {"required_configuration.yml", loginYmlPath, uaaYamlPath},
+            resources
+        );
+    }
+    private ConfigurableApplicationContext getServletContext(String profiles, boolean mergeProfiles, String[] yamlFiles, String... resources) {
         String[] resourcesToLoad = resources;
         if (!resources[0].endsWith(".xml")) {
             resourcesToLoad = new String[resources.length - 1];
@@ -842,7 +865,7 @@ public String getVirtualServerName() {
         };
         context.setServletContext(servletContext);
         MockServletConfig servletConfig = new MockServletConfig(servletContext);
-        servletConfig.addInitParameter("environmentConfigLocations", loginYmlPath+","+uaaYamlPath);
+        servletConfig.addInitParameter("environmentConfigLocations", StringUtils.arrayToCommaDelimitedString(yamlFiles));
         context.setServletConfig(servletConfig);
 
         YamlServletProfileInitializer initializer = new YamlServletProfileInitializer();