Re: CF CLI authentication issue

Madhura Bhave

Hi Stephan,

Could you send us the entire log for the UAA?


On Tue, Jun 16, 2015 at 9:04 AM, Benjamin Black <bblack(a)> wrote:


Have you verified the clocks are in sync, perhaps using ntp, across all
the systems involved?


On Tue, Jun 16, 2015 at 8:42 AM, Klevenz, Stephan <stephan.klevenz(a)

I am having a strange issue with the cf cli. Sometimes am doing a cf
login and then a cf push immediately as a next step. Then push fails and
reports "Authentication has expired. Please log back in to
re-authenticate." The behavior is completely random. Automized app
deployment triggered by CI jobs do fail very often.

I did an analysis of UAA logs and found the entries below. UAA means
that the password of user has changed because of last modified date of user
doesn't fit to issue date of token. Actually the user credentials are not
changed. At least not by purpose.

The CF version is 198.

Do you have any hints what could cause this issue? Any reply is welcome.


*[2015-06-16 13:00:52.885] uaa - 59331 [http-bio-8080-exec-1] ....
DEBUG --- UaaTokenServices: User was last modified at 2015-06-16
12:58:52.302 refresh token was issued at Tue Jun 16 12:58:03 UTC 2015*
*[2015-06-16 13:00:52.885] uaa - 59331 [http-bio-8080-exec-1] .... DEBUG
--- ExceptionHandlerExceptionResolver: Resolving exception from handler
java.lang.String>)]: error="invalid_token", error_description="Invalid
refresh token (password changed):

cf-dev mailing list

cf-dev mailing list

Join { to automatically receive all group messages.