When we start CAS 7, a number of warnings are logged. Advice on how to resolve them where feasible would be appreciated.
** WARN [com.hazelcast.cp.CPSubsystem] - <[cas.example.edu]:5701 [dev] [5.2.3] CP Subsystem is not enabled. CP data structures will operate in UNSAFE mode! Please note that UNSAFE mode will not provide strong consistency guarantees.> We've seen this in previous versions of CAS as well, but could never determine what the CP Subsystem was nor what if anything to do with this. ** WARN [org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration] - < Using generated security password: ******-****-****-****-************ This generated password is for development use only. Your security configuration must be updated before running your application in production. > Not sure where to find documentation for this or what property is relevant And finally, we have a bunch or these: ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/login**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/logout**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/validate**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/serviceValidate**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/p3/serviceValidate**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/proxyValidate**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/p3/proxyValidate**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/proxy**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/v1**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/samlValidate**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/webjars/**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/themes/**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/js/**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/css/**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/images/**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/static/**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/error']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/favicon.ico']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> ** WARN [org.springframework.security.config.annotation.web.builders.WebSecurity] - <You are asking Spring Security to ignore Mvc [pattern='/actuator']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.> -- Baron Fujimoto <ba...@hawaii.edu> ::: UH Information Technology Services minutas cantorum, minutas balorum, minutas carboratum descendus pantorum -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL1e6sRjAQfyP9uDdCCacknwGx4ouiUtgwLhm5k_nJvA1A%40mail.gmail.com.
