-
|
Hallo an alle, ich habe ein Problem mit meiner UV. Server (Ubuntu 22.04 - alle Updates). Der Keycloack-Server ist als Docker Image installiert und erreichbar. Einloggen zur UV klappt scheinbar. Bei der Weiterleitung zu */web/person/1/overview kommt 404. Fehlermeldung:
Es scheint einen Authorizierungsfehler zu geben. Jemand diese Probleme schon gehabt oder eine Idee, wie es lösen kann? Mit Keycloack und OIDC habe ich wenig Erfahrung. Hier das LOG 2023-04-13 14:44:06.908 DEBUG 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Securing GET /error/404
2023-04-13 14:44:06.909 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking DisableEncodeUrlFilter (1/17)
2023-04-13 14:44:06.909 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking WebAsyncManagerIntegrationFilter (2/17)
2023-04-13 14:44:06.909 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking SecurityContextPersistenceFilter (3/17)
2023-04-13 14:44:06.909 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking HeaderWriterFilter (4/17)
2023-04-13 14:44:06.909 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking CsrfFilter (5/17)
2023-04-13 14:44:06.910 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking LogoutFilter (6/17)
2023-04-13 14:44:06.910 TRACE 12970 --- [http-nio-8080-exec-4] o.s.s.w.a.logout.LogoutFilter : Did not match request to Ant [pattern='/logout', POST]
2023-04-13 14:44:06.910 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking OAuth2AuthorizationRequestRedirectFilter (7/17)
2023-04-13 14:44:06.910 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking OAuth2LoginAuthenticationFilter (8/17)
2023-04-13 14:44:06.910 TRACE 12970 --- [http-nio-8080-exec-4] .s.o.c.w.OAuth2LoginAuthenticationFilter : Did not match request to Ant [pattern='/login/oauth2/code/*']
2023-04-13 14:44:06.911 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking DefaultLoginPageGeneratingFilter (9/17)
2023-04-13 14:44:06.912 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking DefaultLogoutPageGeneratingFilter (10/17)
2023-04-13 14:44:06.912 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking ReloadAuthenticationAuthoritiesFilter (11/17)
2023-04-13 14:44:06.912 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking RequestCacheAwareFilter (12/17)
2023-04-13 14:44:06.912 TRACE 12970 --- [http-nio-8080-exec-4] o.s.s.w.s.HttpSessionRequestCache : No saved request
2023-04-13 14:44:06.912 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking SecurityContextHolderAwareRequestFilter (13/17)
2023-04-13 14:44:06.914 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking AnonymousAuthenticationFilter (14/17)
2023-04-13 14:44:06.914 TRACE 12970 --- [http-nio-8080-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter : Did not set SecurityContextHolder since already authenticated OAuth2AuthenticationToken [Principal=Name: [91c57e92-3761-4f93-a1da-08c1881de8d7], Granted Authorities: [[ROLE_USER, SCOPE_email, SCOPE_openid, SCOPE_profile]], User Attributes: [{at_hash=GPoFyuX4jf0bmT5JfuTVaA, sub=91c57e92-3761-4f93-a1da-08c1881de8d7, resource_access={account={roles=[manage-account, manage-account-links, view-profile]}}, email_verified=true, iss=http://192.168.99.225:8090/realms/urlaubsverwaltung, groups=["urlaubsverwaltung_user","default-roles-urlaubsverwaltung","offline_access","uma_authorization"], typ=ID, preferred_username=+++, given_name=Thomas, nonce=QD4pX6VhmiwE_BkXqu5kXcctVTJdtPhrZ8E5ot8t4YQ, sid=643865fa-d0e2-4976-b583-a831c501824c, aud=[urlaubsverwaltung], acr=1, azp=urlaubsverwaltung, auth_time=2023-04-13T12:44:05Z, name=+++, exp=2023-04-13T12:49:05Z, session_state=643865fa-d0e2-4976-b583-a831c501824c, family_name=+++, iat=2023-04-13T12:44:05Z, email=+++, jti=2ab2a803-5525-48d7-8d72-cf521291172c}], Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=192.168.224.3, SessionId=f90f24bb-2429-43e6-a236-fd913307fbab], Granted Authorities=[USER, DEPARTMENT_HEAD, SECOND_STAGE_AUTHORITY, BOSS, OFFICE, SICK_NOTE_VIEW, SICK_NOTE_ADD, SICK_NOTE_EDIT, SICK_NOTE_CANCEL, SICK_NOTE_COMMENT, APPLICATION_ADD, APPLICATION_CANCEL, APPLICATION_CANCELLATION_REQUESTED]]
2023-04-13 14:44:06.915 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking SessionManagementFilter (15/17)
2023-04-13 14:44:06.915 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking ExceptionTranslationFilter (16/17)
2023-04-13 14:44:06.915 TRACE 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Invoking FilterSecurityInterceptor (17/17)
2023-04-13 14:44:06.915 DEBUG 12970 --- [http-nio-8080-exec-4] o.s.security.web.FilterChainProxy : Secured GET /error/404
2023-04-13 14:44:06.917 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/favicons/**'] - [permitAll] (1/24)
2023-04-13 14:44:06.917 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/browserconfig.xml'] - [permitAll] (2/24)
2023-04-13 14:44:06.917 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/manifest.json'] - [permitAll] (3/24)
2023-04-13 14:44:06.917 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/css/**'] - [permitAll] (4/24)
2023-04-13 14:44:06.918 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/fonts/**'] - [permitAll] (5/24)
2023-04-13 14:44:06.918 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/images/**'] - [permitAll] (6/24)
2023-04-13 14:44:06.918 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/assets/**'] - [permitAll] (7/24)
2023-04-13 14:44:06.918 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/login*'] - [permitAll] (8/24)
2023-04-13 14:44:06.919 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/company/persons/*/calendar', GET] - [permitAll] (9/24)
2023-04-13 14:44:06.919 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/departments/*/persons/*/calendar', GET] - [permitAll] (10/24)
2023-04-13 14:44:06.919 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/persons/*/calendar', GET] - [permitAll] (11/24)
2023-04-13 14:44:06.919 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/absences/**'] - [hasAuthority('USER')] (12/24)
2023-04-13 14:44:06.919 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/application/**'] - [hasAuthority('USER')] (13/24)
2023-04-13 14:44:06.920 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/department/**'] - [hasAnyAuthority('BOSS','OFFICE')] (14/24)
2023-04-13 14:44:06.920 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/google-api-handshake/**'] - [hasAuthority('OFFICE')] (15/24)
2023-04-13 14:44:06.920 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/overview'] - [hasAuthority('USER')] (16/24)
2023-04-13 14:44:06.920 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/overtime/**'] - [hasAuthority('USER')] (17/24)
2023-04-13 14:44:06.920 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/person/**'] - [hasAuthority('USER')] (18/24)
2023-04-13 14:44:06.921 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/sicknote/**'] - [hasAuthority('USER')] (19/24)
2023-04-13 14:44:06.921 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to Ant [pattern='/web/settings/**'] - [hasAuthority('OFFICE')] (20/24)
2023-04-13 14:44:06.922 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to EndpointRequestMatcher includes=[health], excludes=[], includeLinks=false - [permitAll] (21/24)
2023-04-13 14:44:06.923 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to EndpointRequestMatcher includes=[prometheus], excludes=[], includeLinks=false - [permitAll] (22/24)
2023-04-13 14:44:06.923 TRACE 12970 --- [http-nio-8080-exec-4] edFilterInvocationSecurityMetadataSource : Did not match request to EndpointRequestMatcher includes=[*], excludes=[], includeLinks=true - [hasAuthority('ADMIN')] (23/24)
2023-04-13 14:44:06.931 DEBUG 12970 --- [http-nio-8080-exec-4] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request
2023-04-13 15:10:53.402 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Trying to match request against DefaultSecurityFilterChain [RequestMatcher=Ant [pattern='/api/**'], Filters=[org.springframework.security.web.session.DisableEncodeUrlFilter@64d53f0d, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1b10f60e, org.springframework.security.web.context.SecurityContextPersistenceFilter@456b140f, org.springframework.security.web.header.HeaderWriterFilter@4b240276, org.springframework.security.web.csrf.CsrfFilter@215c6ec0, org.springframework.security.web.authentication.logout.LogoutFilter@7ae0a26, org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter@4fc71437, org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter@75c15f76, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@1b9c716f, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@4b916cc2, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@1e6bd367, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@5b2c7186, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@7f5e9949, org.springframework.security.web.session.SessionManagementFilter@43b45ce4, org.springframework.security.web.access.ExceptionTranslationFilter@19ce19b7, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@6bd2f039]] (1/2)
2023-04-13 15:10:53.405 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Trying to match request against DefaultSecurityFilterChain [RequestMatcher=any request, Filters=[org.springframework.security.web.session.DisableEncodeUrlFilter@7b8fcdf2, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@54d2f5d3, org.springframework.security.web.context.SecurityContextPersistenceFilter@18209303, org.springframework.security.web.header.HeaderWriterFilter@7474196, org.springframework.security.web.csrf.CsrfFilter@744fb110, org.springframework.security.web.authentication.logout.LogoutFilter@3b046e64, org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter@5d00b469, org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter@dd07be8, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@81dfdee, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@c29b0dc, org.synyx.urlaubsverwaltung.security.ReloadAuthenticationAuthoritiesFilter@228958a, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@57df09a7, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@6aa9a93b, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@7cd3860, org.springframework.security.web.session.SessionManagementFilter@11ee671f, org.springframework.security.web.access.ExceptionTranslationFilter@838e109, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@5c9e6d95]] (2/2)
2023-04-13 15:10:53.405 DEBUG 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Securing GET /login/oauth2/code/oidc?state=tkFSJrN-FOxwZABY2eE3uFd43qqvKKnhPq1e-gzTqTg%3D&session_state=4f1776b7-05a8-4590-8444-a6b97a084e41&code=daea5552-cec7-4a4f-a455-972cbd39763f.4f1776b7-05a8-4590-8444-a6b97a084e41.2989eb9e-cae7-41bc-91f5-da3cf446bcaf
2023-04-13 15:10:53.406 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking DisableEncodeUrlFilter (1/17)
2023-04-13 15:10:53.406 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking WebAsyncManagerIntegrationFilter (2/17)
2023-04-13 15:10:53.406 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking SecurityContextPersistenceFilter (3/17)
2023-04-13 15:10:53.409 TRACE 12970 --- [http-nio-8080-exec-5] w.c.HttpSessionSecurityContextRepository : No HttpSession currently exists
2023-04-13 15:10:53.410 TRACE 12970 --- [http-nio-8080-exec-5] w.c.HttpSessionSecurityContextRepository : Created SecurityContextImpl [Null authentication]
2023-04-13 15:10:53.410 DEBUG 12970 --- [http-nio-8080-exec-5] s.s.w.c.SecurityContextPersistenceFilter : Set SecurityContextHolder to empty SecurityContext
2023-04-13 15:10:53.411 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking HeaderWriterFilter (4/17)
2023-04-13 15:10:53.411 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking CsrfFilter (5/17)
2023-04-13 15:10:53.412 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.csrf.CsrfFilter : Did not protect against CSRF since request did not match CsrfNotRequired [TRACE, HEAD, GET, OPTIONS]
2023-04-13 15:10:53.412 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking LogoutFilter (6/17)
2023-04-13 15:10:53.414 TRACE 12970 --- [http-nio-8080-exec-5] o.s.s.w.a.logout.LogoutFilter : Did not match request to Ant [pattern='/logout', POST]
2023-04-13 15:10:53.415 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking OAuth2AuthorizationRequestRedirectFilter (7/17)
2023-04-13 15:10:53.416 TRACE 12970 --- [http-nio-8080-exec-5] o.s.security.web.FilterChainProxy : Invoking OAuth2LoginAuthenticationFilter (8/17)
2023-04-13 15:10:53.424 TRACE 12970 --- [http-nio-8080-exec-5] .s.o.c.w.OAuth2LoginAuthenticationFilter : Failed to process authentication request
org.springframework.security.oauth2.core.OAuth2AuthenticationException: [authorization_request_not_found]
at org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter.attemptAuthentication(OAuth2LoginAuthenticationFilter.java:173) ~[spring-security-oauth2-client-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:227) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter.doFilterInternal(OAuth2AuthorizationRequestRedirectFilter.java:178) ~[spring-security-oauth2-client-5.7.7.jar!/:5.7.7]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:112) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:82) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:221) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:186) ~[spring-security-web-5.7.7.jar!/:5.7.7]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:142) ~[spring-session-core-2.7.1.jar!/:2.7.1]
at org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82) ~[spring-session-core-2.7.1.jar!/:2.7.1]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96) ~[spring-boot-actuator-2.7.10.jar!/:2.7.10]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.26.jar!/:5.3.26]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:492) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:389) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:926) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1791) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-9.0.73.jar!/:na]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.73.jar!/:na]
at java.base/java.lang.Thread.run(Thread.java:829) ~[na:na]
2023-04-13 15:10:53.431 TRACE 12970 --- [http-nio-8080-exec-5] .s.o.c.w.OAuth2LoginAuthenticationFilter : Cleared SecurityContextHolder
2023-04-13 15:10:53.431 TRACE 12970 --- [http-nio-8080-exec-5] .s.o.c.w.OAuth2LoginAuthenticationFilter : Handling authentication failure
2023-04-13 15:10:53.432 DEBUG 12970 --- [http-nio-8080-exec-5] o.s.s.web.DefaultRedirectStrategy : Redirecting to /login?error
2023-04-13 15:10:53.432 TRACE 12970 --- [http-nio-8080-exec-5] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match request to [Is Secure]
2023-04-13 15:10:53.432 DEBUG 12970 --- [http-nio-8080-exec-5] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2023-04-13 15:10:53.492 DEBUG 12970 --- [http-nio-8080-exec-5] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2023-04-13 15:10:53.492 DEBUG 12970 --- [http-nio-8080-exec-5] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request
2023-04-13 15:10:53.510 TRACE 12970 --- [http-nio-8080-exec-6] o.s.security.web.FilterChainProxy : Trying to match request against DefaultSecurityFilterChain [RequestMatcher=Ant [pattern='/api/**'], Filters=[org.springframework.security.web.session.DisableEncodeUrlFilter@64d53f0d, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1b10f60e, org.springframework.security.web.context.SecurityContextPersistenceFilter@456b140f, org.springframework.security.web.header.HeaderWriterFilter@4b240276, org.springframework.security.web.csrf.CsrfFilter@215c6ec0, org.springframework.security.web.authentication.logout.LogoutFilter@7ae0a26, org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter@4fc71437, org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter@75c15f76, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@1b9c716f, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@4b916cc2, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@1e6bd367, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@5b2c7186, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@7f5e9949, org.springframework.security.web.session.SessionManagementFilter@43b45ce4, org.springframework.security.web.access.ExceptionTranslationFilter@19ce19b7, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@6bd2f039]] (1/2)
2023-04-13 15:10:53.510 TRACE 12970 --- [http-nio-8080-exec-6] o.s.security.web.FilterChainProxy : Trying to match request against DefaultSecurityFilterChain [RequestMatcher=any request, Filters=[org.springframework.security.web.session.DisableEncodeUrlFilter@7b8fcdf2, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@54d2f5d3, org.springframework.security.web.context.SecurityContextPersistenceFilter@18209303, org.springframework.security.web.header.HeaderWriterFilter@7474196, org.springframework.security.web.csrf.CsrfFilter@744fb110, org.springframework.security.web.authentication.logout.LogoutFilter@3b046e64, org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter@5d00b469, org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter@dd07be8, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@81dfdee, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@c29b0dc, org.synyx.urlaubsverwaltung.security.ReloadAuthenticationAuthoritiesFilter@228958a, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@57df09a7, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@6aa9a93b, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@7cd3860, org.springframework.security.web.session.SessionManagementFilter@11ee671f, org.springframework.security.web.access.ExceptionTranslationFilter@838e109, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@5c9e6d95]] (2/2)' |
Beta Was this translation helpful? Give feedback.
Answered by
derTobsch
Apr 20, 2023
Replies: 1 comment 4 replies
-
|
ich habe den Keycloak Server neu aufgesetzt, die Datenbank erneuert usw. Das Problem bleibt bestehen. |
Beta Was this translation helpful? Give feedback.
4 replies
-
|
Hallo @waldi969, kannst du uns deine Anpassungen an der application.properties schicken, bitte alle spezifischen Werte entfernen, sodass wir ein paar mehr Einblicke bekommen? Wie sieht in der Datenbank die Tabellen "SPRING_SESSION" und "SPRING_SESSION_ATTRIBUTES" aus? Wie hast du deine Cookies im Browser eingestellt? Welchen Browser verwendest du? |
Beta Was this translation helpful? Give feedback.
-
|
Hallo @derTobsch , danke für deine Hilfe. Ich habe eine bearbeitete Kopie der application.properties als txt und angehängt. Browser ist Chrome (aktuell), aber auch Edge oder in Chrome der Inkognitomodus machen keinen Unterschied. Ging vorm Austausch der jar Datei auch problemlos. Ein Downgrade auf die alte Version klappt leider auch nicht mehr. Es kommt der gleiche Fehler. SPRING_SESSION_ATTRIBUTES .pdf Urlaubsverwaltung läuft bei mir als Service unter Ubuntu. Url intern wird über einen Reverse Proxy weitergeleitet auf eine interne Adresse. Geht aber beides nicht (IP und URL). In Keycloak ist bei Valid redirect URIs beides eingetragen. |
Beta Was this translation helpful? Give feedback.
-
|
Hilft die ggf das hier weiter spring-projects/spring-security#5946 (comment) ? Zu den Application properties. Bitte nur die in die application.properties packen, welche du aktiv überschreiben willst, da |
Beta Was this translation helpful? Give feedback.
Answer selected by
waldi969
-
|
Vielen Dank! Der Tipp mit spring.thymeleaf.view-names=thymeleaf/* war der Richtige. Ich habe keine Ahnung, wo der Eintrag herkam, aber er ist die Lösung. Ich habe es nachgestellt. Mit Eintrag kommt der Fehler, ohne läuft alles ohne Fehler! Vielen Dank und weiter so! Tolles Programm! |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hilft die ggf das hier weiter spring-projects/spring-security#5946 (comment) ?
Zu den Application properties. Bitte nur die in die application.properties packen, welche du aktiv überschreiben willst, da
spring.thymeleaf.view-names=thymeleaf/*zum Beispiel nicht korrekt ist. Bitte werfe da alle raus, bis auf die die du bewusst und aktiv überschreiben möchtest.