Recently we moved our application written using spring security and the OAuth2 extensions (2.0.4) form jdk 7 to jdk 8.
The over application is built on spring boot 1.2, spring cloud, and spring framework 4.1.4
We started getting OAuth2 failures. The actual error we were getting was:
Failed to process request Error requesting access token.
org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException: Error requesting access token.
at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:144) ~[spring-security-oauth2-2.0.4.RELEASE.jar:n
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://ccccc/oauth20/token":Remote host closed connection during handshake; nested exception is javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
When we added this on the command line -Dhttps.protocols=TLSv1, it start working.
I note this blog post form Oracle: https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https
I would rather not have to run our apps with this command line switch. Any workaround for it? Such as an application setting?
Related
I have an instance of Azure Hybrid Connections running on a server where SQL Server is installed.
I hosted an WebApp on azure, set up the hybrid connection and I'm consistently getting the same SSPI Handshake error
SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The operating system error code indicates the cause of failure. The logon attempt failed [CLIENT: 1x.xx.xx.xxx]
As described here I added the clients ip in the local security policy.
I also tried adding the DisableLoopbackCheck=1 in HKLM\System\CurrentControlSet\Control\LSA, but it didn't help either.
Do I have to fix it on a database level perhaps?
As per https://github.com/Huachao/azure-content/blob/master/articles/app-service-web/web-sites-hybrid-connection-connect-on-premises-sql-server.md
[AZURE.NOTE] To ensure that your application uses the database that you created in SQL Server Express, and not the one in Visual Studio's default LocalDB, it is important that you complete this step before running your project.
Edit the connectionStrings section to point to the SQL Server database on your local machine, following the syntax in the following example:
I added user credentials to my connection string in appsettings.json and it now works.
As in rails 5, action cable can be used as a layer above the application to provide persistent connection (WebSocket). So I created an application and tested locally then deployed it to Google AppEngine flexible environment Ruby runtime. the application runs fine except the WebSocket part.
I checked the console in the browser and found that it keeps giving this error:
WebSocket connection to 'ws://mydomain.com/cable' failed: Error during WebSocket handshake: Unexpected response code: 400
I'm trying to get most basic example for Spring Cloud Dataflow running on CloudFoundry.
I've followed the steps here: http://docs.spring.io/spring-cloud-dataflow-admin-cloudfoundry/docs/current-SNAPSHOT/reference/htmlsingle/#getting-started to make the admin app available in my org/space.
Then I tried to create the most basic example from http://cloud.spring.io/spring-cloud-dataflow/, namely to create the "ticktock" stream:
dataflow:>stream create ticktock --definition "time | log" --deploy
I can see that both apps ticktock-time and ticktock-log are created in the space, the needed service "redis" is bound to these apps and they try to start. Unfortunately they don't start completely, because they have problem to access "redis" service. In the log we find:
Exception encountered during context initialization - cancelling
refresh attempt:
org.springframework.context.ApplicationContextException: Failed to
start bean 'outputBindingLifecycle'; nested exception is
org.springframework.context.ApplicationContextException: Failed to
start bean 'inputBindingLifecycle'; nested exception is
org.springframework.data.redis.RedisConnectionFailureException: Cannot
get Jedis connection; nested exception is
redis.clients.jedis.exceptions.JedisConnectionException: Could not get
a resource from the pool
which eventually is caused by
Caused by: redis.clients.jedis.exceptions.JedisConnectionException:
java.net.ConnectException: Connection refused
Am I missing some configuration step in between?
Alexander
There seems to be an issue with our deployer using the master branch of the Java buildpack. Try these settings for the Dataflow Server:
cf set-env s-c-dataflow-server CLOUDFOUNDRY_BUILDPACK https://github.com/cloudfoundry/java-buildpack.git#v3.6
cf restage s-c-dataflow-server
Also, be aware that we currently launch apps using "streamname-module" as part of the URL so unless you use unique stream names you might collide with other users and get a "400 Bad Request" error.
The use of anonymous queues seems to be broken in Java 8. Running with Java 7 works fine. The problem appears to be with the call in AmqpAdmin.declareQueue(). This call results in a connection exception. I have a project which demonstrates it here.
Environment:
MacOS Yosemite
Java 1.8.0_20
Spring AMQP 1.4.3 (plus Spring Boot for convenience)
** Update **
It appears as though connecting as localhost is the problem with Java 8 - when I override the default ConnectionFactory and create my own and explicitly set the host to 127.0.0.1 the connection refused error goes away. There must be some difference in handling with Java's InetSocketAddress as the exception occurs in the Spring AMQP's FrameHandlerFactory line 32 where it tries to create the connection using the host name (which was localhost before). I updated the github project with the change.
I'm trying to deploy my Grails application to AppFog using CloudFoundry plugin (ver. 1.1) in Spring Source Suites (STS 2.9.2).
I'm using https://api.appfog.com as server address and MYAPPNAME.aws.af.cm for application address when deploying app.
Application is pushed and started, services are bounded but, after that, I recive error saying that:
Communication with server failed: I/O error: Server returned HTTP response code: 405 for URL: https://api.appfog.com/apps/MYAPPNAME/application
Also, when I try to create Caldecott tunnel toward database I recive response "The URIs: caldecott-85393a.appfog.com have already been taken or reserved. (404 Not Found)" which I also saw when (by mistake) treid to deploy application to MYAPPNAME.api.appfog.com (default AF name instead of particular infrastructure adress).
I suppose that CloudFoundry plugin uses default server address to reach application and also trying to create Caldecott tunnel on default server address (caldecott-85393a.appfog.com instead of caldecott-85393a.aws.af.cm)
Does anybody have idea how to circumvent this situation?
BR
Zoran
this doesn't sound like an issue with the plugin itself but the response coming back from AppFog's cloud. I would take this up as an issue with them and clarify you can use that plugin with their cloud.
AppFog had issues recently with their Java deployments that was specifically affecting Grails apps. This has been resolved and should be working seamlessly as expected now. You can always reach out for more information in the active google group as well: https://groups.google.com/forum/#!forum/appfog-users