In a multinode Spring LDAP Security application, getting the below exception. Strange thing is in some node, authentication happens properly and in some nodes getting this exception -
In a multinode Spring LDAP Security application, getting the below exception. Strange thing is in some node, authentication happens properly and in some nodes getting this exception -
StackTrace: java.lang.NullPointerException at org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.hashCode(LdapUserDetailsImpl.java:133) at org.springframework.security.authentication.AbstractAuthenticationToken.hashCode(AbstractAuthenticationToken.java:180) at java.lang.Object.toString(Object.java:236) at org.springframework.security.authentication.AbstractAuthenticationToken.toString(AbstractAuthenticationToken.java:201) at java.lang.String.valueOf(String.java:2994) at java.lang.StringBuilder.append(StringBuilder.java:131) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.successfulAuthentication(AbstractAuthenticationProcessingFilter.java:312) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:240) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at com.company.cm.config.WebSecurityConfig$1.doFilterInternal(WebSecurityConfig.java:113) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:124) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:167) at org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:80) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1533) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1489) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
Logs -
20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/login_process'; against '/login_process' 20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication 20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider 20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider - Processing authentication request for user: 20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Attempting to bind as uid=,ou=People,dc=company,dc=com 20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - Removing pooling flag for user uid=,ou=People,dc=company,dc=com 20:04:28.772 [http-nio-8080-exec-10] DEBUG org.springframework.ldap.core.support.AbstractContextSource - Got Ldap context on server 'ldap://ip/dc=company,dc=com' 20:04:28.772 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Retrieving attributes... 20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Getting authorities for user uid=,ou=People,dc=company,dc=com 20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Searching for roles for user '', DN = 'uid=,ou=People,dc=company,dc=com', with filter (memberUid={0}) in search base 'ou=Group' 20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Using filter: (memberUid=uid=,ou=People,dc=company,dc=com) 20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.ldap.core.LdapTemplate - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true 20:04:28.865 [http-nio-8080-exec-10] DEBUG org.springframework.ldap.core.support.AbstractContextSource - Got Ldap context on server 'ldap://ip/dc=company,dc=com' 20:04:28.976 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator 20:04:28.977 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.userdetails.LdapUserDetailsMapper - Mapping user details from context with DN: uid=,ou=People,dc=company,dc=com 20:04:28.977 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy - Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@1d1ae249 20:04:28.977 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.978 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.979 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.979 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.979 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.979 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.980 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.980 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.980 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.980 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.983 [http-nio-8080-exec-10] DEBUG org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER - No session found by id: Caching result for getSession(false) for this HttpServletRequest. 20:04:28.983 [http-nio-8080-exec-10] DEBUG org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER - A new session was created. To help you troubleshoot where the session was created we provided a StackTrace (this is not an error). You can prevent this from appearing by disabling DEBUG logging for org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER java.lang.RuntimeException: For debugging purposes only (not an error) at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:368) at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:390) at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.changeSessionId(SessionRepositoryFilter.java:291) at javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:249) at javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:249) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:201) at org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.applySessionFixation(ChangeSessionIdAuthenticationStrategy.java:55) at org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy.onAuthentication(AbstractSessionFixationProtectionStrategy.java:87) at org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.onAuthentication(ChangeSessionIdAuthenticationStrategy.java:32) at org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy.onAuthentication(CompositeSessionAuthenticationStrategy.java:89) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at com.company.cm.config.WebSecurityConfig$1.doFilterInternal(WebSecurityConfig.java:113) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:124) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:167) at org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:80) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1533) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1489) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) 20:04:28.984 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy - Delegating to org.springframework.security.web.csrf.CsrfAuthenticationStrategy@38ef21bd 20:04:28.984 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession. 20:04:28.984 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed 20:04:28.986 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.988 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.988 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.989 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.990 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.990 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.990 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.991 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/WEB-INF/error/exceptionPage.jsp'; against '/css/' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/WEB-INF/error/exceptionPage.jsp'; against '/fonts/' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/WEB-INF/error/exceptionPage.jsp'; against '/html/' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/WEB-INF/error/exceptionPage.jsp'; against '/js/' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/WEB-INF/error/exceptionPage.jsp'; against '/thirdparty/' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 1 of 14 in additional filter chain; firing Filter: 'ChannelProcessingFilter' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request '/WEB-INF/error/exceptionPage.jsp' matched by universal pattern '/' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.access.channel.ChannelProcessingFilter - Request: FilterInvocation: URL: /WEB-INF/error/exceptionPage.jsp; ConfigAttributes: [ANY_CHANNEL] 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 2 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 3 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper$HttpSessionWrapper@1285eb30. A new one will be created. 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 4 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 5 of 14 in additional filter chain; firing Filter: 'CsrfFilter' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 6 of 14 in additional filter chain; firing Filter: '' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 7 of 14 in additional filter chain; firing Filter: 'LogoutFilter' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/WEB-INF/error/exceptionPage.jsp'; against '/logout' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 8 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/WEB-INF/error/exceptionPage.jsp'; against '/login_process' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 9 of 14 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - pathInfo: both null (property equals) 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - queryString: both null (property equals) 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURI: arg1=/cms/index.html; arg2=/cms/WEB-INF/error/exceptionPage.jsp (property not equals) 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.savedrequest.HttpSessionRequestCache - saved request doesn't match 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 10 of 14 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 11 of 14 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@905571d8: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 35b812b5-4e29-4f31-9c9f-be7601329ec3; Granted Authorities: ROLE_ANONYMOUS' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 12 of 14 in additional filter chain; firing Filter: 'SessionManagementFilter' 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Opening RedisConnection 20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.994 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.session.SessionManagementFilter - Requested session ID 59d0030f-e0ba-4991-a512-a5848660afc4 is invalid.
Configuration -
@Bean
public DefaultSpringSecurityContextSource ldapContext() {
DefaultSpringSecurityContextSource context = new DefaultSpringSecurityContextSource(
config.get("ldap.context", "ldap://x.x.x.x/dc=company,dc=com"));
context.afterPropertiesSet();
return context;
}
/**
* LDAP Bind Authenticator
*
* @return
*/
@Bean
public BindAuthenticator bindAuthenticator() {
BindAuthenticator authenticator = new BindAuthenticator(ldapContext());
String[] dnPatterns = { config.get("ldap.dnPattern", "uid={0},ou=People") };
authenticator.setUserDnPatterns(dnPatterns);
return authenticator;
}
/**
* LDAP authorities populator
*
* @return
*/
@Bean
public DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator() {
DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContext(),
config.get("ldap.group.search.base", "ou=Group"));
ldapAuthoritiesPopulator.setGroupRoleAttribute(config.get("ldap.group.role.attribute", "cn"));
ldapAuthoritiesPopulator.setGroupSearchFilter(config.get("ldap.group.search.filter", "(memberUid={0})"));
ldapAuthoritiesPopulator.setIgnorePartialResultException(true);
ldapAuthoritiesPopulator.setRolePrefix(config.get("ldap.user.role.prefix", "ROLE_"));
ldapAuthoritiesPopulator.setSearchSubtree(true);
ldapAuthoritiesPopulator.setConvertToUpperCase(true);
return ldapAuthoritiesPopulator;
}
@Bean
public LdapAuthenticationProvider ldapAuthenticationProvider() {
LdapAuthenticationProvider authProvider = new LdapAuthenticationProvider(bindAuthenticator(),
ldapAuthoritiesPopulator());
authProvider.setUseAuthenticationRequestCredentials(true);
authProvider.setHideUserNotFoundExceptions(false);
authProvider.setUserDetailsContextMapper(ldapContextMapper());
return authProvider;
}
@Bean
public LdapUserDetailsContextMapper ldapContextMapper() {
return new LdapUserDetailsContextMapper();
}
@Configuration @EnableRedisHttpSession(redisNamespace = "cms", maxInactiveIntervalInSeconds = 14400) @ImportResource("classpath:application-context.xml") public class SessionRepositoryConfig extends AbstractHttpSessionApplicationInitializer {
@Autowired
Configuration config;
@Bean
public JedisConnectionFactory connectionFactory() {
List<String> clusterNodes = Arrays.asList(config.get("redis.cluster.session"));
return new JedisConnectionFactory(new RedisClusterConfiguration(clusterNodes));
}
