Hi Ray Thanks for the suggestion.
Have tried checking if there are any duplicate versions of same artifact and couldn't find any duplicates. Tried downgrading the Spring framework version manually and noticed that, until 5.3.15 the same set of dependencies work fine. Bean initialisation issue is only seen from Spring framework 5.3.16 onwards. So, suspect some behavioural change in Spring framework needs to be adapted by CAS. *Note:* Could see similar kind of logs wherein CAS startup is success with older spring versions. 2022-04-08 08:03:36,049 TRACE [org.apereo.cas.rest.config.CasCoreRestConfiguration] - <building REST credential factory from [[*org.apereo.cas.rest.config.CasCoreRestConfiguration$$Lambda$1448/0x0000000100cdb040@5606d537, org.apereo.cas.support.x509.rest.config.X509RestConfiguration$$Lambda$1449/0x0000000100cdb440@783f5f71, org.apereo.cas.support.x509.rest.config.X509RestConfiguration$$Lambda$1449/0x0000000100cdb440@783f5f71* ]]> 2022-04-08 08:03:36,049 TRACE [org.apereo.cas.rest.config.CasCoreRestConfiguration] - <Configuring credential factory: [org.apereo.cas.rest.config.CasCoreRestConfiguration$$Lambda$1448/0x0000000100cdb040@5606d537]> 2022-04-08 08:03:36,051 TRACE [org.apereo.cas.rest.config.CasCoreRestConfiguration] - <Configuring credential factory: [ *org.apereo.cas.support.x509.rest.config.X509RestConfiguration$$Lambda$1449/0x0000000100cdb440@783f5f71* ]> 2022-04-08 08:03:36,058 TRACE [org.apereo.cas.support.x509.rest.config.X509RestConfiguration] - <Is certificate extractor available? = [org.apereo.cas.adaptors.x509.authentication.RequestHeaderX509CertificateExtractor@5265a8dd], headerAuth = [true], bodyAuth = [true], tlsClientAuth = [false]> 2022-04-08 08:03:36,068 TRACE [org.apereo.cas.rest.config.CasCoreRestConfiguration] - <Configuring credential factory: [ *org.apereo.cas.support.x509.rest.config.X509RestConfiguration$$Lambda$1449/0x0000000100cdb440@783f5f71* ]> 2022-04-08 08:03:36,068 TRACE [org.apereo.cas.support.x509.rest.config.X509RestConfiguration] - <Is certificate extractor available? = [org.apereo.cas.adaptors.x509.authentication.RequestHeaderX509CertificateExtractor@5265a8dd], headerAuth = [true], bodyAuth = [true], tlsClientAuth = [false]> *Dependency list from cas.war:* % ls cas/WEB-INF/lib | grep rest cas-server-core-rest-6.4.6.2.jar cas-server-support-rest-6.4.6.2.jar cas-server-support-rest-core-6.4.6.2.jar cas-server-support-rest-tokens-6.4.6.2.jar cas-server-support-rest-x509-6.4.6.2.jar hamcrest-core-1.3.jar % ls cas/WEB-INF/lib | grep x509 cas-server-support-rest-x509-6.4.6.2.jar cas-server-support-x509-6.4.6.2.jar cas-server-support-x509-core-6.4.6.2.jar cas-server-support-x509-webflow-6.4.6.2.jar Thanks Dhanesh On Friday, 8 April 2022 at 22:04:04 UTC+5:30 Ray Bon wrote: > Dhanesh, > > Could be conflicting libraries. > Print the dependencies and search for duplicates with different versions > (or maybe diff dependencies with and without rest-x509). > $ ./gradlew dependencies > dependencies.out > > Ray > > On Fri, 2022-04-08 at 02:57 -0700, Dhanesh Kumar wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > > Hi > > Seems like when we remove '*cas-server-support-rest-x509-*.jar*', the > startup is fine. > > Also noticed that with the jar added, X509 bean is trying to get > registered twice and failing during the second iteration which is getting > passed when using older version of Spring framework. > > Additional stacktrace: > > 2022-04-07 16:47:58,902 TRACE > [org.apereo.cas.rest.config.CasCoreRestConfiguration] - <building REST > credential factory from > [[org.apereo.cas.rest.config.CasCoreRestConfiguration$$Lambda$1489/0x0000000100d06840@79c849c7, > > *org.apereo.cas.support.x509.rest.config.X509RestConfiguration$$Lambda$1490/0x0000000100d06c40@457b8fc3, > > org.apereo.cas.support.x509.rest.config.X509RestConfiguration$$Lambda$1490/0x0000000100d06c40@457b8fc3* > ]]> > > 2022-04-07 16:47:58,903 TRACE > [org.apereo.cas.rest.config.CasCoreRestConfiguration] - <Configuring > credential factory: > [org.apereo.cas.rest.config.CasCoreRestConfiguration$$Lambda$1489/0x0000000100d06840@79c849c7]> > > 2022-04-07 16:47:58,905 TRACE > [org.apereo.cas.rest.config.CasCoreRestConfiguration] - <Configuring > credential factory: > [org.apereo.cas.support.x509.rest.config.X509RestConfiguration$$Lambda$1490/0x0000000100d06c40@457b8fc3]> > > 2022-04-07 16:47:58,910 TRACE > [org.apereo.cas.support.x509.rest.config.X509RestConfiguration] - <Is > certificate extractor available? = > [org.apereo.cas.adaptors.x509.authentication.RequestHeaderX509CertificateExtractor@8c3b634], > > headerAuth = [true], bodyAuth = [true], tlsClientAuth = [false]> > > 2022-04-07 16:47:58,917 WARN [org.apereo.cas.web.CasWebApplicationContext] > - <Exception encountered during context initialization - cancelling refresh > attempt: org.springframework.beans.factory.BeanCreationException: Error > creating bean with name 'serviceTicketResource' defined in class path > resource [org/apereo/cas/config/CasRestConfiguration.class]: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.apereo.cas.support.rest.resources.ServiceTicketResource]: Factory > method 'serviceTicketResource' threw exception; nested exception is > org.springframework.beans.factory.BeanCreationException: Error creating > bean with name 'restHttpRequestCredentialFactory' defined in class path > resource [org/apereo/cas/rest/config/CasCoreRestConfiguration.class]: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.apereo.cas.rest.factory.RestHttpRequestCredentialFactory]: Factory > method 'restHttpRequestCredentialFactory' threw exception; nested exception > is *java.lang.ClassCastException: class com.sun.proxy.$Proxy282 cannot be > cast to class > org.apereo.cas.rest.plan.RestHttpRequestCredentialFactoryConfigurer* > (com.sun.proxy.$Proxy282 and > org.apereo.cas.rest.plan.RestHttpRequestCredentialFactoryConfigurer are in > unnamed module of loader > org.springframework.boot.loader.LaunchedURLClassLoader @3cbbc1e0)> > > On Thursday, 7 April 2022 at 21:47:08 UTC+5:30 Dhanesh Kumar wrote: > > Hi > > Have been using CAS 6.4.6 version with cas-server-core-rest*.jar and have > been successfully using all the required functionalities without any issues. > > Due to recent Spring vulnerability CVE-2022-22965, had updated the version > to 6.4.6.2 which had the Spring version update and started hitting startup > issues during startup related to bean initialisation. > > Can you give some pointers on how to fix the same? > > Stacktrace: > > 2022-04-07 09:59:37,525 WARN [org.apereo.cas.web.CasWebApplicationContext] > - <Exception encountered during context initialization - cancelling refresh > attempt: org.springframework.beans.factory.BeanCreationException: > Error creating bean with name 'serviceTicketResource' defined in class > path resource [org/apereo/cas/config/CasRestConfiguration.class]: > Bean instantiation via factory method failed; > nested exception is org.springframework.beans.BeanInstantiationException: > Failed to instantiate > [org.apereo.cas.support.rest.resources.ServiceTicketResource]: > Factory method 'serviceTicketResource' threw exception; > nested exception is > org.springframework.beans.factory.BeanCreationException: > Error creating bean with name 'restHttpRequestCredentialFactory' defined > in class path resource > [org/apereo/cas/rest/config/CasCoreRestConfiguration.class]: > Bean instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.apereo.cas.rest.factory.RestHttpRequestCredentialFactory]: > Factory method 'restHttpRequestCredentialFactory' threw exception; nested > exception is java.lang.ClassCastException: class com.sun.proxy.$Proxy282 > cannot be cast to class > org.apereo.cas.rest.plan.RestHttpRequestCredentialFactoryConfigurer > (com.sun.proxy.$Proxy282 and > org.apereo.cas.rest.plan.RestHttpRequestCredentialFactoryConfigurer are in > unnamed module of loader > org.springframework.boot.loader.LaunchedURLClassLoader @3cbbc1e0)> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3cf97389-e42c-406f-899d-d6fd8d463af4n%40apereo.org.
