Hi, I've got an issue when trying to access actuator endpoints after deploying compiled this version (gradle.properties) : cas.version=7.2.0-RC1 springBootVersion=3.4.0-M3
Spring webflow and security logs say : *2024-10-30 15:20:04,791 DEBUG [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <No flow mapping found for request with URI '/cas/actuator/health'>2024-10-30 15:20:04,791 DEBUG [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <No flow mapping found for request with URI '/cas/actuator/health'>2024-10-30 15:20:04,791 DEBUG [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <No flow mapping found for request with URI '/cas/actuator/health'>2024-10-30 15:20:04,791 DEBUG [org.springframework.security.web.FilterChainProxy] - <Securing GET /actuator/health>2024-10-30 15:20:04,792 DEBUG [org.springframework.security.web.access.channel.ChannelProcessingFilter] - <Request: filter invocation [GET /actuator/health]; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]>2024-10-30 15:20:04,793 DEBUG [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] - <Set SecurityContextHolder to anonymous SecurityContext>2024-10-30 15:20:04,793 DEBUG [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - <Saved request https://172.16.17.50/cas/actuator/health?continue to session>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <Trying to match using Or [RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest], And [Not [MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@3fb51d90, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@3fb51d90, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@3fb51d90, matchingMediaTypes=[*/*], useEquals=true, ignoredMediaTypes=[]]]>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <Match found! Executing org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint@5ae646b0>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <Trying to match using RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]>2024-10-30 15:20:04,794 DEBUG [org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint] - <No match found. Using default entry point org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint@7e017a3a>2024-10-30 15:20:04,795 DEBUG [org.springframework.security.web.FilterChainProxy] - <Securing GET /error>2024-10-30 15:20:04,795 DEBUG [org.springframework.security.web.access.channel.ChannelProcessingFilter] - <Request: filter invocation [GET /error]; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]>2024-10-30 15:20:04,796 DEBUG [org.springframework.security.web.FilterChainProxy] - <Secured GET /error>2024-10-30 15:20:04,798 DEBUG [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] - <Set SecurityContextHolder to anonymous SecurityContext>* But, with the same clone (no git checkout), juste changing the version in the gradle.properties file with this value : cas.version=7.2.0-SNAPSHOT and rebuilding, makes it work again : My endpoints can be accessed with AUTHENTICATED and IP_ADDRESS access types. In this case, spring logs say : *2024-10-30 15:15:05,110 DEBUG [org.springframework.security.web.DefaultSecurityFilterChain] - <Will secure any request with filters: DisableEncodeUrlFilter, ChannelProcessingFilter, WebAsyncManagerIntegrationFilter, SecurityContextHolderFilter, CorsFilter, CsrfFilter, UsernamePasswordAuthenticationFilter, BasicAuthenticationFilter, RequestCacheAwareFilter, SecurityContextHolderAwareRequestFilter, AnonymousAuthenticationFilter, ExceptionTranslationFilter, AuthorizationFilter>2024-10-30 15:15:05,176 DEBUG [org.springframework.security.web.FilterChainProxy] - <Securing GET /actuator/health>2024-10-30 15:15:05,185 DEBUG [org.springframework.security.web.access.channel.ChannelProcessingFilter] - <Request: filter invocation [GET /actuator/health]; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]>2024-10-30 15:15:05,211 DEBUG [org.springframework.security.web.FilterChainProxy] - <Secured GET /actuator/health>* *2024-10-30 15:15:05,282 DEBUG [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] - <Set SecurityContextHolder to anonymous SecurityContext>* I tried to play with springBootVersion to roll it back 3.4.0-M1 instead of M3, but it has no effect at all. These logs concern the health endpoint, but all the other endpoints are concerned. Regards, Regards, -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/62977d63-64ce-4b30-894d-d8c0f3fa915dn%40apereo.org.
