Hi, I've got an issue when trying to access actuator endpoints after deploying compiled this version (gradle.properties) : cas.version=7.2.0-RC1 springBootVersion=3.4.0-M3
Spring webflow and security logs say : *2024-10-30 15:20:04,791 DEBUG [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <No flow mapping found for request with URI '/cas/actuator/health'>2024-10-30 15:20:04,791 DEBUG [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <No flow mapping found for request with URI '/cas/actuator/health'>2024-10-30 15:20:04,791 DEBUG [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <No flow mapping found for request with URI '/cas/actuator/health'>2024-10-30 15:20:04,791 DEBUG [org.springframework.security.web.FilterChainProxy] - <Securing GET /actuator/health>2024-10-30 15:20:04,792 DEBUG [org.springframework.security.web.access.channel.ChannelProcessingFilter] - <Request: filter invocation [GET /actuator/health]; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]>2024-10-30 15:20:04,793 DEBUG [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] - <Set SecurityContextHolder to anonymous SecurityContext>2024-10-30 15:20:04,793 DEBUG [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - <Saved request https://172.16.17.50/cas/actuator/health?continue to session>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <Trying to match using Or [RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest], And [Not [MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@3fb51d90, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@3fb51d90, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@3fb51d90, matchingMediaTypes=[*/*], useEquals=true, ignoredMediaTypes=[]]]>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <Match found! Executing org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint@5ae646b0>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <Trying to match using RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <No match found. Using default entry point org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint@7e017a3a>2024-10-30 15:20:04,795 DEBUG [org.springframework.security.web.FilterChainProxy] - <Securing GET /error>2024-10-30 15:20:04,795 DEBUG [org.springframework.security.web.access.channel.ChannelProcessingFilter] - <Request: filter invocation [GET /error]; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]>2024-10-30 15:20:04,796 DEBUG [org.springframework.security.web.FilterChainProxy] - <Secured GET /error>2024-10-30 15:20:04,798 DEBUG [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] - <Set SecurityContextHolder to anonymous SecurityContext>* But, with the same clone (no git checkout), juste changing the version in the gradle.properties file with this value : cas.version=7.2.0-SNAPSHOT and rebuilding, makes it work again : My endpoints can be accessed with AUTHENTICATED and IP_ADDRESS access types. In this case, spring logs say : *2024-10-30 15:15:05,110 DEBUG [org.springframework.security.web.DefaultSecurityFilterChain] - <Will secure any request with filters: DisableEncodeUrlFilter, ChannelProcessingFilter, WebAsyncManagerIntegrationFilter, SecurityContextHolderFilter, CorsFilter, CsrfFilter, UsernamePasswordAuthenticationFilter, BasicAuthenticationFilter, RequestCacheAwareFilter, SecurityContextHolderAwareRequestFilter, AnonymousAuthenticationFilter, ExceptionTranslationFilter, AuthorizationFilter>2024-10-30 15:15:05,176 DEBUG [org.springframework.security.web.FilterChainProxy] - <Securing GET /actuator/health>2024-10-30 15:15:05,185 DEBUG [org.springframework.security.web.access.channel.ChannelProcessingFilter] - <Request: filter invocation [GET /actuator/health]; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]>2024-10-30 15:15:05,211 DEBUG [org.springframework.security.web.FilterChainProxy] - <Secured GET /actuator/health>* *2024-10-30 15:15:05,282 DEBUG [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] - <Set SecurityContextHolder to anonymous SecurityContext>* I tried to play with springBootVersion to roll it back 3.4.0-M1 instead of M3, but it has no effect at all. These logs concern the health endpoint, but all the other endpoints are concerned. Regards, Regards, -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/62977d63-64ce-4b30-894d-d8c0f3fa915dn%40apereo.org.
