|
[KubeCF] - RFD 8 Public Roadmap
Hey,
Inspired on some external projects, we are opening a discussion for the creation of KubeCF Roadmap:
https://github.com/cloudfoundry-incubator/kubecf/projects/2 All the details and motivation can be found on RFD 8 README and, I do invite everyone to join the discussion on the open pull request. Note: If you are not familiar with the KubeCF RFD process then I do invite you to check here for more information. Best regards, Jaime Gomes
|
|||||||||||
|
|
|||||||||||
|
Routing Release 0.208.0
Ryan Hall <hallr@...>
Howdy cf-dev!
Routing release 0.208.0 is now available.
Release Highlights:
Regards, CF for VMs Networking Team
|
|||||||||||
|
|
|||||||||||
|
C̶A̶B̶ ̶c̶a̶l̶l̶ Diversity Conversation! Wednesday October 21 @ 16:45
Heads up: The CAB meeting for October is cancelled.
Since the monthly CAB call takes place during CF Summit, and conflicts with the always informative and very essential Diversity Conversation https://sched.co/eacp ... we'll take a break this month. As always, please reach out to me directly or chime in on the #CAB Slack channel if you have anything you would like to present for the next call in November. Cheers, TT
|
|||||||||||
|
|
|||||||||||
|
Virtual Unconference at the CF Summit Europe
Ivana Scott
Hi all, The Unconference is back at CF Summit Europe 2020, on Tuesday 20th October, 6pm CEST. If you would like to attend, please register for the summit so you can access both events. We'll have talks (please submit proposals), and more importantly open space discussions (suggest topics too, please) where you can chat with peers about the hottest issues in the ecosystem. At the Unconference we want to give talks that weren't accepted at the summit a second chance, along with talks that are off-the-wall. The Unconference is also a great friendly crowd for new speakers. Please get involved. Thank you Best Regards, Ivana Scott - Business Operations Manager
|
|||||||||||
|
|
|||||||||||
|
Proposed deprecation of standalone Log Cache CLI
Jesse Weaver
Hello, folks.
We're considering dropping support for the standalone Log Cache CLI. This is separate from the Log Cache CF CLI plugin, which provides cf tail, cf log-meta and cf query. The standalone CLI was originally created to support a standalone Log Cache running
in K8s without CF, which is a use case that we do not see widely used at this time.
We're basing this decision on the very low download counts for the standalone plugin. It has represented less than 1% of downloads over all of the Log Cache CLI releases. (For instance, the long-standing 2.1.0 release had around 15,000 total downloads
of the CLI plugins for the various OSs, compared to less than 100 for all of the standalone command builds combined.)
This would take effect with the upcoming 4.0.0 release, which should be coming out within the month. If you rely on the standalone CLI, please give us that feedback.
Jesse Weaver
Product Manager, Logging and Metrics
|
|||||||||||
|
|
|||||||||||
|
Office Hours Tomorrow: CF K8s Networking
Shannon Coen
Members of the CF K8s Networking team will be on zoom tomorrow (Wednesday, September 30) from 10-10:30am PDT hosting office hours for
the project. We welcome questions related to routing, load balancing, and security of traffic for applications and platform APIs in all data paths; ingress, east-west, and egress. We'll also be happy to share what we're working on and where we're headed.
The zoom link can be found on the CFF community calendar at https://www.cloudfoundry.org/community-calendar/
Feel free to add topics to the agenda in advance: https://docs.google.com/document/d/196mRMMJuTMNIszBUSGA77yzjxNVDaeWz0ypOB5kYIaY/edit?usp=sharing
Best, Manager, Product Management scoen@... 875 Howard Street 5th Floor, San Francisco CA 94103 Mobile: +1.415.640.0272 
|
|||||||||||
|
|
|||||||||||
|
Re: KubeCF 2.5.0 Is Out
Dieu Cao
Congrats KubeCF team!
-Dieu
From: cf-dev@... <cf-dev@...> on behalf of Krannich, Bernd via lists.cloudfoundry.org <bernd.krannich=sap.com@...>
Sent: Thursday, September 24, 2020 6:34 AM To: cf-dev@... <cf-dev@...> Subject: Re: [cf-dev] KubeCF 2.5.0 Is Out Congrats to the KubeCF team!
Cheers, Bernd
From: <cf-dev@...> on behalf of Chip Childers <cchilders@...>
On Thu, Sep 24, 2020 8:07 AM, Simon D Moser smoser@... wrote:
|
|||||||||||
|
|
|||||||||||
|
Stratos 4.1.0
Richard Cox
Hi All,
It gives me great pleasure to announce Stratos 4.1.0
Highlights include...
Full release notes are available from -
https://github.com/cloudfoundry/stratos/blob/master/CHANGELOG.md#410
We welcome your feedback, comments and bug reports. Please feel free to raise them in github (https://github.com/cloudfoundry/stratos) or reach out directly to us in slack (#stratos)
Regards,
Richard Cox
on behalf of the Stratos team
|
|||||||||||
|
|
|||||||||||
|
Re: KubeCF 2.5.0 Is Out
Krannich, Bernd
Congrats to the KubeCF team!
Cheers, Bernd
From: <cf-dev@...> on behalf of Chip Childers <cchilders@...>
On Thu, Sep 24, 2020 8:07 AM, Simon D Moser
smoser@... wrote:
|
|||||||||||
|
|
|||||||||||
|
Re: KubeCF 2.5.0 Is Out
Chip Childers <cchilders@...>
On Thu, Sep 24, 2020 8:07 AM, Simon D Moser smoser@... wrote: Awesome! Great Job team - and we have container 2 container networking now in KubeCF, which is really great! Go CF Community!
|
|||||||||||
|
|
|||||||||||
|
Re: KubeCF 2.5.0 Is Out
Simon D Moser
Awesome! Great Job
team - and we have container 2 container networking now in KubeCF, which
is really great! Go CF Community!
Mit freundlichen Grüßen / Kind regards Simon Moser Senior Technical Staff Member / IBM Master Inventor Bluemix Application Platform Lead Architect Dept. C727, IBM Research & Development Boeblingen ------------------------------------------------------------------------------------------------------------------------------------------- IBM Deutschland Research & Development GmbH Schoenaicher Str. 220 71032 Boeblingen Phone: +49-7031-16-4304 Fax: +49-7031-16-4890 E-Mail: smoser@... ------------------------------------------------------------------------------------------------------------------------------------------- Vorsitzender des Aufsichtsrats: Gregor Pillen Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294 ******* ITIL has led people to think in siloes ("go fix change management"). Project Management has led people to think in finite units of work instead of streams of product. Both are fundamental dysfunctions of the framework model, not failures of execution. ⁃ Rob England From: "Jaime Gomes" <jaime.gomes@...> To: cf-dev@... Date: 24/09/2020 10:03 Subject: [EXTERNAL] [cf-dev] KubeCF 2.5.0 Is Out Sent by: cf-dev@... Hey, I am proud to announce another important milestone for KubeCF - the release of v2.5.0.This release reflects the intensive work integrating Eirini and the C2C networking support. So, I am inviting everyone to check first therelease notes, take it for a spin and share the experience through the Slack channel (#kubecf-dev), where the team is promptly replying to any question from the community, and on Github, for bugs and features requests. Thanks to everyone for the work and participation. KubeCF
|
|||||||||||
|
|
|||||||||||
|
KubeCF 2.5.0 Is Out
Hey, I am proud to announce another important milestone for KubeCF - the release of v2.5.0. This release reflects the intensive work integrating Eirini and the C2C networking support. So, I am inviting everyone to check first the release notes, take it for a spin and share the experience through the Slack channel (#kubecf-dev), where the team is promptly replying to any question from the community, and on Github, for bugs and features requests. Thanks to everyone for the work and participation.
|
|||||||||||
|
|
|||||||||||
|
Community awards nomination form - Respond by Monday!
Chip Childers <cchilders@...>
|
|||||||||||
|
|
|||||||||||
|
Re: Cloud Foundry Summit Europe 2020 CFP Co-Chair Voting Form
Chip Childers <cchilders@...>
On Wed, Sep 23, 2020 4:09 PM, Chip Childers cchilders@... wrote:
|
|||||||||||
|
|
|||||||||||
|
Re: Cloud Foundry Summit Europe 2020 CFP Co-Chair Voting Form
Chip Childers <cchilders@...>
On Wed, Sep 2, 2020 2:58 PM, Paige O'Connor poconnor@... wrote:
|
|||||||||||
|
|
|||||||||||
|
Cloud Foundry Summit Europe Virtual Schedule is Now Live!
Chip Childers <cchilders@...>
|
|||||||||||
|
|
|||||||||||
|
Re: UAA api /introspect does not seem to be workign as expected
#uaa
Shetty, Viraj S [CTR]
Jeremy,
Thanks for your help ! I found what the problem was. I ran a local copy of the UAA on my laptop, pointing to the cloud database and ran your testcases; it all worked as expected ! I was able to use the /introspect endpoint with the bearer token. So, I started comparing the differences in the uaa.yml file (default and our yaml) and found that the problem was the setting in my uaa.yml file which excluded authorities in the tokens. claims:
exclude:
- authorities
The default uaa.yml had this commented and I just uncommented it while deploying our UAA When I removed this setting, I am able to use the /introspect with the bearer token. I could also see that the token for the client introspect-test now has the authorities set as below. Looks like the UAA code is looking at "authorities" claim and not the "scope" claim. Is that expected ? "authorities": [
"uaa.resource"
],
"scope": [
"uaa.resource"
],
I am just wondering why that option (exclude authorities) is there in the first place and if removing that option affects anything else. Thanks, Viraj
|
|||||||||||
|
|
|||||||||||
|
Re: TLS for everything
caitlyny@...
Hi Jon,
I provided an update for #2 within the issue on Github. Caitlyn
|
|||||||||||
|
|
|||||||||||
|
Re: TLS for everything
Jon Price
Hi David,
Done – Issue 906.
I too have been involved in several conversations over the past several years about this, back in 2015 we had a meeting with Dieu Cao (Hi Dieu!) and the former chief security officer a Pivotal, Justin Smith about this and I also did a talk at the 2015 CF Summit about using IPsec.
It’s exciting to see how close we are getting to securing every endpoint, only a few more thousand lines of PEM text in the deployment manifest and we are done!
-- Jon Price
From: cf-dev@... <cf-dev@...>
On Behalf Of David McClure
Sent: Tuesday, September 15, 2020 4:36 PM To: cf-dev@... Subject: Re: [cf-dev] TLS for everything
Hi everyone,
Glad to see this conversation happening. I've been involved in several conversations about this over the years but I'm not sure what public artifacts exist about these efforts. Historically, it has been a challenge to organize so-called "cross-cutting efforts" that require the involvement of many different teams and it may be especially challenging now that much of the community has shifted its focus to developing cf-for-k8s.
That said, here's a thought: perhaps we can approach this feature request and other "cross-cutting" features for cf-for-vms with the following strategy going forward:
Jon, would you like to do the honors as the thread starter here?
From:
cf-dev@... <cf-dev@...> on behalf of Miki Mokrysz via lists.cloudfoundry.org <miki.mokrysz=digital.cabinet-office.gov.uk@...>
+1 on desiring everything to be encrypted on the network.
We’re under the impression that Silk (apps.internal) traffic between cells is also unencrypted.
|
|||||||||||
|
|
|||||||||||
|
Re: UAA api /introspect does not seem to be workign as expected
#uaa
Hi Jeremy,
Thanks for that testcase. I followed your testcase on our UAA Server except with one change; since we are setup with MFA, I used the uaac token sso to get Marissas token. The UAA app version is 74.24.0 and the UAAC version is 4.2.0. You can see I got the access denied error that I received with Postman. I attached snippet of the log errors. Also, I upgraded to UAA 74.24.0 by downloading source from https://github.com/cloudfoundry/uaa/archive/v74.24.0.zip and compiling it using gradle. I am wondering if I am doing something incorrect during installation. Next I will try with a brand new intallation and see if that works. ----- Command entered ----- COMMAND> uaac version
UAA client 4.2.0
COMMAND> uaac info
Unknown key: Max-Age = 86400
app
version: 74.24.0
{truncated}
COMMAND> uaac token client get admin
Client secret: ************************
Successfully fetched token via client credentials grant.
Target: https://*****************
Context: admin, from client admin
COMMAND> uaac client add introspect-test --scope uaa.none --authorized_grant_types client_credentials --authorities uaa.resource
New client secret: ***************
Verify new client secret: ***************
scope: uaa.none
client_id: introspect-test
resource_ids: none
authorized_grant_types: client_credentials
autoapprove:
authorities: uaa.resource
name: introspect-test
required_user_groups:
lastmodified: 1600268652000
id: introspect-test
PS C:\Users\vshetty\source\repos\pservices-cyberark-api\bin> uaac user add marissa --given_name marissa --family_name koala
--emails marisa@...
Password: *****
Verify password: *****
user account successfully added
COMMAND> uaac token sso get seswt-uaa-cli
Client secret:
Passcode (from https://********/passcode): ******
Successfully fetched token via owner passcode grant.
Target: https://***************
Context: marissa, from client seswt-uaa-cli
COMMAND> uaac context marissa
{ captured Marissa's token }
COMMAND> uaac token client get introspect-test
Client secret: ***************
{ double checked that the token has the uaa.resource scope }
Successfully fetched token via client credentials grant.
Target: https://**************
Context: introspect-test, from client introspect-test
# MARISSA-TOKEN is actual token
COMMAND> uaac curl --trace /introspect -X POST -d "token=MARISSA-TOKEN"
POST https://*****/introspect
REQUEST BODY: "token=MARISSA-TOKEN"
403 Forbidden
RESPONSE HEADERS:
Date: Wed, 16 Sep 2020 15:18:29 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Cache-Control: no-store
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: 86dbda61-e43d-43e9-650f-2150836c4ea0
X-Xss-Protection: 1; mode=block
X-Frame-Options: DENY
RESPONSE BODY:
{
"error": "access_denied",
"error_description": "Access is denied"
} --- Log file contents --- 2020-09-16T11:55:55.44-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.448] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- JdbcTemplate: Executing prepared SQL query
2020-09-16T11:55:55.44-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.448] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- JdbcTemplate: Executing prepared SQL statement [select id,version,created,lastmodified,name,subdomain,description,config,active from identity_zone where subdomain=? and active = ?]
2020-09-16T11:55:55.44-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.449] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- DataSourceUtils: Fetching JDBC Connection from DataSource
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.451] uaa - 40 [http-nio-8080-exec-5] .... TRACE --- StatementCreatorUtils: Setting SQL statement parameter value: column index 1, parameter value [], value class [java.lang.String], SQL type unknown
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.451] uaa - 40 [http-nio-8080-exec-5] .... TRACE --- StatementCreatorUtils: Setting SQL statement parameter value: column index 2, parameter value [true], value class [java.lang.Boolean], SQL type unknown
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.458] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 7 of 20 in additional filter chain; firing Filter: 'DisableIdTokenResponseTypeFilter'
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.458] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- DisableIdTokenResponseTypeFilter: Processing id_token disable filter
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.458] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- DisableIdTokenResponseTypeFilter: pre id_token disable:false pathinfo:null request_uri:/introspect response_type:null
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.458] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- DisableIdTokenResponseTypeFilter: post id_token disable:false pathinfo:null request_uri:/introspect response_type:null
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.458] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 8 of 20 in additional filter chain; firing Filter: 'HttpsEnforcementFilter'
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.459] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- SecurityFilterChainPostProcessor$HttpsEnforcementFilter: Filter chain 'introspectSecurity' processing request POST /introspect
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.459] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 9 of 20 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.459] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 10 of 20 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.459] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 11 of 20 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.459] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 12 of 20 in additional filter chain; firing Filter: 'OAuth2AuthenticationProcessingFilter'
2020-09-16T11:55:55.45-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.459] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- SESSION_LOGGER: No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.462] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- JdbcTemplate: Executing prepared SQL query
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.463] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- JdbcTemplate: Executing prepared SQL statement [select client_id, client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove, lastmodified, required_user_groups from oauth_client_details where client_id = ? and identity_zone_id = ?]
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.463] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- DataSourceUtils: Fetching JDBC Connection from DataSource
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.464] uaa - 40 [http-nio-8080-exec-5] .... TRACE --- StatementCreatorUtils: Setting SQL statement parameter value: column index 1, parameter value [introspect-test], value class [java.lang.String], SQL type unknown
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.464] uaa - 40 [http-nio-8080-exec-5] .... TRACE --- StatementCreatorUtils: Setting SQL statement parameter value: column index 2, parameter value [uaa], value class [java.lang.String], SQL type unknown
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- OAuth2AuthenticationProcessingFilter: Authentication success: org.cloudfoundry.identity.uaa.oauth.UaaOauth2Authentication@37a34f31: Principal: introspect-test; Credentials: [PROTECTED]; Authenticated: true; Details: remoteAddress=************, tokenType=BearertokenValue=; Granted Authorities: password.write, scim.userids, scim.me, openid, oauth.approvals, uaa.offline_token, profile, roles, user_attributes, uaa.user
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 13 of 20 in additional filter chain; firing Filter: 'IdentityZoneSwitchingFilter'
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 14 of 20 in additional filter chain; firing Filter: 'DisableUserManagementSecurityFilter'
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 15 of 20 in additional filter chain; firing Filter: 'DisableInternalUserManagementFilter'
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 16 of 20 in additional filter chain; firing Filter: 'ClientBasicAuthenticationFilter'
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 17 of 20 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 18 of 20 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.466] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterChainProxy: /introspect at position 19 of 20 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.467] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterSecurityInterceptor: Secure object: FilterInvocation: URL: /introspect; Attributes: [#oauth2.throwOnError(hasAuthority('uaa.resource'))]
2020-09-16T11:55:55.46-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.467] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- FilterSecurityInterceptor: Previously Authenticated: org.cloudfoundry.identity.uaa.oauth.UaaOauth2Authentication@37a34f31: Principal: introspect-test; Credentials: [PROTECTED]; Authenticated: true; Details: remoteAddress=**************, tokenType=BearertokenValue=; Granted Authorities: password.write, scim.userids, scim.me, openid, oauth.approvals, uaa.offline_token, profile, roles, user_attributes, uaa.user
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.499] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- AffirmativeBased: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@17088b23, returned: -1
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.500] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- ReloadableResourceBundleMessageSource: Loading properties [messages.properties]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.503] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- ReloadableResourceBundleMessageSource: No properties file found for [classpath:messages_en] - neither plain properties nor XML
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.504] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- ReloadableResourceBundleMessageSource: No properties file found for [classpath:messages_en_US] - neither plain properties nor XML
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.505] uaa - 40 [http-nio-8080-exec-5] .... TRACE --- DefaultListableBeanFactory: Returning cached instance of singleton bean 'scimUserBootstrap'
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.505] uaa - 40 [http-nio-8080-exec-5] .... TRACE --- DefaultListableBeanFactory: Returning cached instance of singleton bean 'delegatingApplicationListener'
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT [2020-09-16 15:55:55.505] uaa - 40 [http-nio-8080-exec-5] .... DEBUG --- ExceptionTranslationFilter: Access is denied (user is not anonymous); delegating to AccessDeniedHandler
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT org.springframework.security.access.AccessDeniedException: Access is denied
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84) ~[spring-security-core-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233) ~[spring-security-core-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123) ~[spring-security-web-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90) ~[spring-security-web-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118) [spring-security-web-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158) [spring-security-web-5.3.2.RELEASE.jar:5.3.2.RELEASE]
2020-09-16T11:55:55.50-0400 [APP/PROC/WEB/0] OUT at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChai
|
|||||||||||
|
|
