basic auth fails with missing spring auth methods -> backend build drags two conflicting versions of spring-security #10611
Comments
|
just as a sidenote: according to https://stackoverflow.com/questions/74177440/java-lang-nosuchmethoderror-authentication-usernamepasswordauthenticationtoke it's due to multiple versions of spring jars, so somewhere in the doc it should be mentioned that the various target subdirs in |
|
running the full build.sh script effectively removes some spring 5.3.18 jars from 2023 in the various target subdirs, now i only have jars for spring versions 5.6.12 & 5.7.12... but i still get the same traceback when trying to login. will trash all target subdirs and retry. |
|
same thing from a clean build without any leftovers from previous builds... |
|
i have something that works again with this dummy diff: maybe a recent commit to java dependencies bumped something and now drags spring-security 5.7.12, and we end up with both versions installed which now conflict ? with that diff, i have only one version of spring-security installed, and logging as admin/admin works again. |
landryb
changed the title
|
Same behavior here. |
landryb
added a commit
to landryb/MapStore2
that referenced
this issue
Oct 11, 2024
somehow something in the build already drags this version, and we end up with two conflicting versions of spring-security in the war which results in at least failure to authenticate with basic auth.
6 tasks
|
as found out by @pierrejego, apparently the other 5.7.12 spring-security version might be dragged by geostore 2.2, per https://github.com/geosolutions-it/geostore/blob/2.2.x/src/pom.xml#L49 ? |
tdipisa
added
the
BackportNeeded
tdipisa
pushed a commit
that referenced
this issue
Oct 11, 2024
6 tasks
tdipisa
removed
the
BackportNeeded
12 tasks
12 tasks
offtherailz
pushed a commit
that referenced
this issue
Oct 11, 2024
jnewmoyer
pushed a commit
to ngsllc/MapStore2
that referenced
this issue
Oct 17, 2024
* Update Changelog for version 2024.02.00 (geosolutions-it#10602) Co-authored-by: github-actions <github-actions@github.com> * Bump commons-io:commons-io from 2.7 to 2.14.0 (geosolutions-it#10593) * Removed react-confirm-button unused dependency (geosolutions-it#10495) * Update release_steps.md (geosolutions-it#10568) * Remove istambul loader (geosolutions-it#10491) * Attempt to remove instambul loader * removed also package dependency * Apply suggestions from code review clean * Remove jsonpath (geosolutions-it#10494) jsonpath is not needed. It is a dependency of geosolutions-it/patcher actually. Having this dependency here is only confusing for dependency analyisis * Fix geosolutions-it#10595 add missing 'FORMAT' parameter to WMTS GetFeatureInfo requests (geosolutions-it#10596) * add missing 'FORMAT' parameter to WMTS GetFeatureInfo requests this is required by the WMTS spec to be the same format as would be used for a GetTile request, and this allows GFI requests to succeed on https://data.geopf.fr/wmts. * fix mapinfo wmts utils test * Fix geosolutions-it#10505 Allow to specify use of proxy or cors at layer level (geosolutions-it#10526) * fix: remove ui element for force proxy and Allow not secure layers * fix: ajax logic changed, autoDetectCORS is set to true by default * new central CORS util file created and used in ajax * checking CORS before adding in common layer file * null check on getProxyUrl * updated individual layer considring to use proxy if needed * avoid proxy cache to update if response is not okey * enable user to add http url, show warning instead of error, warning text updated * test cases updated * fix: resolve conflicts with url check * fixed the failed test * review cesium layers * include add method in model layer * improve http check for openlayers wms layer * fix tests --------- Co-authored-by: allyoucanmap <stefano.bovio@geosolutionsgroup.com> * Update openId.md (geosolutions-it#10610) * Bump spring-security version to 5.7.12 (fixes geosolutions-it#10611) (geosolutions-it#10612) somehow something in the build already drags this version, and we end up with two conflicting versions of spring-security in the war which results in at least failure to authenticate with basic auth. * Visibility limits - The resolution option is not retained as Limits type geosolutions-it#10391 (geosolutions-it#10598) * Add lib check release step (geosolutions-it#10614) * geosolutions-it#4675 Remove unused code (geosolutions-it#10442) * geosolutions-it#4675 Remove unused code * remove additional code from review * fix tests folder * remove additional unused files * geosolutions-it#10545: Option to disable identify popup in case of no results (geosolutions-it#10557) * geosolutions-it#10545: Option to disable identify popup in case of no results Description: - handle adding an option called 'hidePopupIfNoResults' to hide the identify popup - add unit tests - add jsdoc * geosolutions-it#10545: Option to disable identify popup in case of no results Description: - revert changes in popupSupport files for ol and leaflet + related tests files - handle hide popup for map viewer with css for openlayers and leaflet approach - add unit tests - edit map-popup.less file to handle hide the popup * geosolutions-it#10545: revert unnecessary changes * Fix geosolutions-it#10615 removed eval from marker utils (geosolutions-it#10616) * geosolutions-it#10545: remove marker in case no results + hover identify mode active and hideEmptyPopupOption with true (geosolutions-it#10619) --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lorenzo Natali <lorenzo.natali@geosolutionsgroup.com> Co-authored-by: Landry Breuil <landryb@users.noreply.github.com> Co-authored-by: RowHeat <40065760+rowheat02@users.noreply.github.com> Co-authored-by: allyoucanmap <stefano.bovio@geosolutionsgroup.com> Co-authored-by: mahmoud adel <58145645+mahmoudadel54@users.noreply.github.com> Co-authored-by: Matteo V. <matteo.velludini@geosolutionsgroup.com>
offtherailz
pushed a commit
that referenced
this issue
Oct 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
running
npm start frommaster (eg 175c2b9), the web ui on port 8081 works fine, but trying to auth as admin/admin locally, i get a 500 code on/rest/geostore/session/loginfrom the backend running on port 8080How to reproduce
Expected Result
i should be logged in as admin to test/debug admin-only features
Current Result
full trace of the 500 error below
I've tested with the backend running with java 11 and java 17, same error. Tried from two different firefox on different hosts, same thing.
Other useful information
The text was updated successfully, but these errors were encountered: