| Error 2012-10-29 14:51:19,847 [http-bio-8443-exec-3] ERROR http11.Http11Processor - Error processing request
Message: An attempt was made to write more data to the response headers than there was room available in the buffer. Increase maxHttpHeaderSize on the connector or write less data into the response headers.
Line | Method
->> 886 | runTask in java.util.concurrent.ThreadPoolExecutor$Worker
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 908 | run in ''
^ 680 | run . . in java.lang.Thread
| Error 2012-10-29 14:51:19,850 [http-bio-8443-exec-3] ERROR http11.Http11Processor - Error finishing response
Message: An attempt was made to write more data to the response headers than there was room available in the buffer. Increase maxHttpHeaderSize on the connector or write less data into the response headers.
Line | Method
->> 886 | runTask in java.util.concurrent.ThreadPoolExecutor$Worker
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 908 | run in ''
^ 680 | run . . in java.lang.Thread
This happens very randomly in my local development environment (grails run-app -https). No matter what the browser is.
I'm running Grails 2.1.0 on Mac OSX with the following plugins:
aws-sdk 1.3.12 -- AWS SDK Grails Plugin
cookie-session 0.1.2 -- Cookie Session Plugin
hibernate 2.1.0 -- Hibernate for Grails
jquery 1.7.1 -- JQuery for Grails
jquery-ui 1.8.15 -- jQuery UI resources
mail 1.0 -- Provides Mail support to a running Grails application
newrelic 0.1 -- Newrelic Plugin
qrcode 0.3 -- QR Code plugin
quartz 1.0-RC2 -- Quartz plugin for Grails
resources 1.1.6 -- Resources
spring-security-core1.2.7.3 -- Spring Security Core Plugin
tomcat 2.1.0 -- Apache Tomcat plugin for Grails
webxml 1.4.1 -- WebXmlConfig
Any ideas what could cause this?
EDIT:
Noticed that this seems to happen after logging in (Spring security login form) when the browser is forwarded to j_spring_security_check. With Chrome & Firefox it's possible to stop this happening for a while by reseting the browser. IE doesn't behave similarly, instead just keeps giving this error (the error is shown only in grails console).
There's something that fills the headers. Possibly the cookie-session plugin?
Related
Following spring securty and saml plugin tutorial i have created a simple app.
Here are links to the tutorial i followed to create simple hello world app.
http://grails-plugins.github.io/grails-spring-security-core/2.0.x/guide/tutorials.html
https://www.wave-access.com/public_en/blog/2014/june/23/how-we-configured-saml-20-on-grails.aspx
I could finally make the saml plugin to configure.
The app now runs but is throwing 500 runtime error as shown below.
I have looked around for a while and havent found any useful solution. The app and plugins are both old because i have to use grails 2.2.
I am using grails 2.2.
I appreciate any insights as to what is causing this no thread bound request found exception.
For your reference i have published the code in github
https://github.com/learningcscience/saml
Thanks!
|Loading Grails 2.2.0
No mavenInfo file found.
|Configuring classpath
.
|Environment set to development
.................................
|Packaging Grails application
....
|Compiling 1 source files
.............
|Running Grails application
Configuring Spring Security Core ...
... finished configuring Spring Security Core
Configuring Spring Security SAML ...
Registering metadata key: ping and value: security/idp-local.xml
...finished configuring Spring Security SAML
|Server running. Browse to http://localhost:8080/bookstore
Error |
2021-09-19 12:47:23,330 [http-bio-8080-exec-3] ERROR [/bookstore].[gsp] - Servlet.service() for servlet [gsp] in context with path [/bookstore] threw exception
Message: No thread-bound request found: Are you referring to request attributes outside of an actual web request, or processing a request outside of the originally receiving thread? If you are actually operating within a web request and still receive this message, your code is probably running outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or RequestContextFilter to expose the current request.
Line | Method
->> 1152 | runWorker in java.util.concurrent.ThreadPoolExecutor
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 622 | run in java.util.concurrent.ThreadPoolExecutor$Worker
^ 748 | run . . . in java.lang.Thread
Error |
2021-09-19 12:47:24,146 [http-bio-8080-exec-2] ERROR [/bookstore].[default] - Servlet.service() for servlet [default] in context with path [/bookstore] threw exception
Message: No thread-bound request found: Are you referring to request attributes outside of an actual web request, or processing a request outside of the originally receiving thread? If you are actually operating within a web request and still receive this message, your code is probably running outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or RequestContextFilter to expose the current request.
Line | Method
->> 1152 | runWorker in java.util.concurrent.ThreadPoolExecutor
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 622 | run in java.util.concurrent.ThreadPoolExecutor$Worker
^ 748 | run . . . in java.lang.Thread
After taking a quick look at your configuration, it looks like You have not completed step 3 of your SAML on GRAILS tutorial:
3. Key manager settings
[....]
Download and save sp.xml in grails-app/conf/security/folder. Copy ipd.xml, which we have generated on OpenAM server configuration, in the same folder. Add sp and idp settings in Config.groovy:
grails.plugins.springsecurity.saml.metadata.sp.file = 'security/sp.xml'
grails.plugins.springsecurity.saml.metadata.providers = [idp: 'security/idp.xml']
grails.plugins.springsecurity.saml.metadata.defaultIdp = 'idp'
grails.plugins.springsecurity.saml.metadata.sp.defaults = [
local: true,
alias: 'localSp',
securityProfile: 'metaiop',
signingKey: 'apollo',
encryptionKey: 'apollo',
requireArtifactResolveSigned: true,
requireLogoutRequestSigned: true,
requireLogoutResponseSigned: true
]
Note that the tutorial says "Copy ipd.xml", which probably is a typo. Should it be idp.xml instead?
I added rendering plugin as dependency in build.gradle for my grails 3 project as mentioned in https://grails.org/plugin/rendering
compile ":rendering:1.0.0"
When I execute 'gradle dependencies',it says failed. It did not give me any error message but it says failed when the dependencies are listed.
These are the default repositories generated with project
repositories {
mavenLocal()
maven { url "https://repo.grails.org/grails/core" }
}
I tried even this way but did not work
compile "rendering:rendering:1.0.0"
Let me know if I am missing anything or the syntax is wrong.
Version 1.0.0 of rendering plugin is not compatible with Grails 3. Compatible version is 2.0.0-SNAPSHOT and above.
compile "org.grails.plugins:rendering:2.0.0-SNAPSHOT"
in build.gradle should be good with the repository that is currently present.
With Grails 2.*, yes you would need to use this repo: http://repo.grails.org/grails/plugins/org/grails/plugins/rendering/1.0.0/.
maven { url "https://repo.grails.org/grails/plugins" }
We could resolve the dependency injection issue. There was some issue with the project we were working on.So, created a new project and it is working fine. Thankyou.
But we are still having issue with render method.We are calling the render method as below to get the generate the pdf. 'pdf' template is located atviews/render/_pdf.gsp
ByteArrayOutputStream baos = new ByteArrayOutputStream();
pdfRenderingService.render([template: '/render/pdf', model: [form:"Hello text"]],baos)
It is throwing the below exception. Can anyone let us know if we are calling render method in wrong way.
Line | Method
->> 1142 | runWorker in java.util.concurrent.ThreadPoolExecutor
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 617 | run in java.util.concurrent.ThreadPoolExecutor$Worker
^ 745 | run . . . in java.lang.Thread
Caused by NullPointerException: null
->> 1337 | getPublicDeclaredMethods in java.beans.Introspector
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 1197 | getTargetMethodInfo in ''
| 426 | getBeanInfo in ''
| 173 | getBeanInfo in ''
| 31 | init . . in grails.plugins.rendering.document.RenderEnvironment
| 68 | with in ''
| 60 | with . . in ''
| 65 | generateXhtml in grails.plugins.rendering.document.XhtmlDocumentService
| 35 | createDocument in ''
| 36 | render in grails.plugins.rendering.RenderingService
| 43 | buildPdf in RenderController.groovy
I'm using the spring-security-ldap:2.0-RC2 plugin with Grails 2.3.2. I'm trying to connect to an Active Directory server. I've configured the plugin as follows in config.groovy
grails.plugins.springsecurity.ldap.context.server = 'ldap://[ip]:389'
grails.plugins.springsecurity.ldap.context.managerDn = '[DN]'
grails.plugins.springsecurity.ldap.context.managerPassword = '[password]'
grails.plugins.springsecurity.ldap.authorities.ignorePartialResultException = true
grails.plugins.springsecurity.ldap.authorities.retrieveDatabaseRoles = true
grails.plugins.springsecurity.ldap.search.filter = '(sAMAccountName={0})'
grails.plugins.springsecurity.ldap.search.base = [searchbase]
grails.plugins.springsecurity.ldap.search.searchSubtree = true
grails.plugins.springsecurity.ldap.auth.hideUserNotFoundExceptions = false
grails.plugins.springsecurity.ldap.search.attributesToReturn = ['name', 'mail']
I get a connection error. However, the connection is listed as localhost:389, not the AD server I've specified.
Caused by CommunicationException: localhost:389; nested exception is
javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException:
Connection refused: connect]
->> 76 | attemptAuthentication in
grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 49 | doFilter in ''
| 82 | doFilter . . . . . . in
grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
| 1145 | runWorker in java.util.concurrent.ThreadPoolExecutor
| 615 | run . . . . . . . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^ 745 | run in java.lang.Thread
Note: I've tried connecting (in a separate Groovy project) with Groovy-Ldap.jar
I make a connection with:
ldap = LDAP.newInstance('ldap://[ip]:389', '[DN]', '[password]')
and this works fine. I can connect to the AD.
Any idea what can be wrong and why localhost:389 is tried and the AD I specified?
Note: in my Grails project I am using a ProxySettings.groovy file with several entries in http.nonProxyHosts (all servers that need to be accessed in the internal network). I've tried including the AD server in the nonProxyHosts but this makes no difference.
Regards,
Jan-Willem Klomp
You should be getting a warning in the output telling you that you're using grails.plugins.springsecurity as the property prefix but that it's been changed in 2.0 to grails.plugin.springsecurity. Your custom properties are being ignored and only the defaults are being used.
I have a project in Grails 2.2.3 using Groovy 2.0. I have it set up with Spring Security to use CAS for authentication and LDAP for user roles. When I run the app, everything works as it should: accessing /appcontext/ is allowed by anyone and anything under /appcontext/admin/ is secured by CAS and an admin role from LDAP. I am trying to use the newest versions of Grails and Groovy now. I installed GGTS 3.4.0.RELEASE and am using Grails 2.3.0 and Groovy 2.1. I created a new project, made a simple domain class and controller and added in the security settings.
Here is my output when running the app with GGTS 3.3.0.RELEASE, using Grails 2.2.3 and Groovy 2.0: (note the location of the "Server Running" message)
| Loading Grails 2.2.3
| Configuring classpath.
| Environment set to development.....
| Packaging Grails application.....
| Running Grails application
Configuring Spring Security Core ...
... finished configuring Spring Security Core
Configuring Spring Security CAS ...
... finished configuring Spring Security CAS
Configuring Spring Security LDAP ...
... finished configuring Spring Security LDAP
| Server running. Browse to http://localhost:8080/appcontext
Here is my output when running the app with GGTS 3.4.0.RELEASE, using Grails 2.3.0 and Groovy 2.1 (note the location of the "Server Running" message):
| Loading Grails 2.3.0
| Configuring classpath.
| Environment set to development.....
| Packaging Grails application.....
| Compiling 1 source files.....
| Running Grails application
| Server running. Browse to http://localhost:8080/appcontext
Configuring Spring Security Core ...
... finished configuring Spring Security Core
Configuring Spring Security LDAP ...
... finished configuring Spring Security LDAP
Error initializing the application: No bean named 'casAuthenticationProvider' is defined
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'casAuthenticationProvider' is defined
at SpringSecurityCoreGrailsPlugin$_createBeanList_closure22.doCall(SpringSecurityCoreGrailsPlugin.groovy:686)
at SpringSecurityCoreGrailsPlugin.createBeanList(SpringSecurityCoreGrailsPlugin.groovy:686)
at SpringSecurityCoreGrailsPlugin$_closure4.doCall(SpringSecurityCoreGrailsPlugin.groovy:615)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
| Error 2013-10-15 11:33:02,925 [localhost-startStop-1] ERROR context.GrailsContextLoader - Error initializing the application: No bean named 'casAuthenticationProvider' is defined
Message: No bean named 'casAuthenticationProvider' is defined
Line | Method
->> 686 | doCall in SpringSecurityCoreGrailsPlugin$_createBeanList_closure22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 615 | doCall in SpringSecurityCoreGrailsPlugin$_closure4
| 303 | innerRun . . . in java.util.concurrent.FutureTask$Sync
| 138 | run in java.util.concurrent.FutureTask
| 886 | runTask . . . in java.util.concurrent.ThreadPoolExecutor$Worker
| 908 | run in ''
^ 662 | run . . . . . in java.lang.Thread
schema export unsuccessful
org.h2.jdbc.JdbcSQLException: Database is already closed (to disable automatic closing at VM shutdown, add ";DB_CLOSE_ON_EXIT=FALSE" to the db URL) [90121-170]
at org.h2.message.DbException.getJdbcSQLException(DbException.java:329)
at org.h2.message.DbException.get(DbException.java:169)
at org.h2.message.DbException.get(DbException.java:146)
at org.h2.message.DbException.get(DbException.java:135)
at org.h2.jdbc.JdbcConnection.checkClosed(JdbcConnection.java:1391)
at org.h2.jdbc.JdbcConnection.checkClosed(JdbcConnection.java:1366)
at org.h2.jdbc.JdbcConnection.getAutoCommit(JdbcConnection.java:424)
at java.lang.Thread.run(Thread.java:662)
| Error 2013-10-15 11:33:03,071 [Thread-9] ERROR hbm2ddl.SchemaExport - schema export unsuccessful
Message: Database is already closed (to disable automatic closing at VM shutdown, add ";DB_CLOSE_ON_EXIT=FALSE" to the db URL) [90121-170]
Line | Method
->> 329 | getJdbcSQLException in org.h2.message.DbException
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 169 | get in ''
| 146 | get . . . . . . . . in ''
| 135 | get in ''
| 1391 | checkClosed . . . . in org.h2.jdbc.JdbcConnection
| 1366 | checkClosed in ''
| 424 | getAutoCommit . . . in ''
^ 662 | run in java.lang.Thread
| Error Forked Grails VM exited with error
Here is my basic security setup:
conf/spring/resources.groovy
import org.apache.commons.lang.StringEscapeUtils
// Place your Spring DSL code here
beans = {
// load ldap roles from spring security
def ldapUrl = StringEscapeUtils.escapeJava('${ldap.defaultUrl}')
def ldapUser = StringEscapeUtils.escapeJava('${ldap.username}')
def ldapPassword = StringEscapeUtils.escapeJava('${ldap.password}')
def ldapBase = StringEscapeUtils.escapeJava('${ldap.base}')
def ldapRoleSearchBase = StringEscapeUtils.escapeJava('${ldap.roleSearchBase}')
initialDirContextFactory(org.springframework.security.ldap.DefaultSpringSecurityContextSource, ldapUrl){
userDn = ldapUser
password = ldapPassword
}
ldapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch,
ldapBase, 'sAMAccountName={0}', initialDirContextFactory){ }
ldapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator,
initialDirContextFactory, ldapRoleSearchBase){
groupRoleAttribute = 'cn'
groupSearchFilter = 'member={0}'
searchSubtree = true
rolePrefix = 'ROLE_'
convertToUpperCase = true
ignorePartialResultException = true
}
userDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService,ldapUserSearch,ldapAuthoritiesPopulator){ }
}
conf/Config.groovy
def appName = grails.util.Metadata.current.getApplicationName()
environments {
development {
grails.logging.jul.usebridge = true
host.ip = "12.34.56.78"
host.port = "8080"
host.securePort = "8080"
ldap.username = "ldapUsername"
ldap.password = "ldapPassword"
ldap.base = "DC=foo,DC=company,DC=com"
ldap.roleSearchBase = "OU=bar,DC=foo,DC=company,DC=com"
ldap.defaultUrl = "ldap://123.45.67.89:389"
ldap.urls = "ldap://123.45.67.89:389 ldap://123.45.67.89:389"
cas.url = "https://sso.company.com/cas/"
cas.loginUrl = "https://sso.company.com/cas/login"
cas.logoutUrl = "https://sso.company.com/cas/logout"
grails.plugins.springsecurity.cas.serviceUrl = 'http://${host.ip}:${host.securePort}/' + appName +'/j_spring_cas_security_check'
grails.plugins.springsecurity.cas.proxyCallbackUrl = 'http://${host.ip}:${host.securePort}/' + appName +'/secure/receptor'
}
production {
grails.logging.jul.usebridge = false
grails.plugins.springsecurity.cas.serviceUrl = 'https://${host.ip}:${host.securePort}/' + appName +'/j_spring_cas_security_check'
grails.plugins.springsecurity.cas.proxyCallbackUrl = 'https://${host.ip}:${host.securePort}/' + appName +'/secure/receptor'
}
}
//spring security core config
grails.plugins.springsecurity.providerNames = ['casAuthenticationProvider']
grails.plugins.springsecurity.rejectIfNoRule = true
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
grails.plugins.springsecurity.interceptUrlMap = [
'/js/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/css/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/images/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/admin/login/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/admin/logout/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/admin/**': ['hasAnyRole("ROLE_ADMIN")'],
'/**': ['IS_AUTHENTICATED_ANONYMOUSLY']
]
//cas config
grails.plugins.springsecurity.cas.loginUri = 'login'
grails.plugins.springsecurity.cas.serverUrlPrefix = '${cas.url}'
grails.plugins.springsecurity.cas.proxyReceptorUrl = '/secure/receptor'
conf/BuildConfig.groovy
compile ":spring-security-core:1.2.7.3"
compile ":spring-security-cas:1.0.5"
compile ":spring-security-ldap:1.0.6"
EDIT
Using the advice of the accepted answer below, I was able to get Spring Security CAS to configure correctly, but my controllers were still unsecured. I figured that it had to do with that weird load order where the app server says it's running and THEN it loads Spring Security, LDAP, and CAS. A coworker suggested taking out my InterceptUrlMap and using #Secured annotations to see if it was the loading order (since InterceptUrlMap can't be updated after everything is up and running). I got rid of the rejectIfNoRule, securityConfigType, and interceptUrlMap settings and added a #Secured(['ROLE_ADMIN']) to the controller. The app now works as expected and that controller is secured.
So, there is still an issue with the order of events with Grails 2.3.0 and Spring Security, but this is a workaround.
Related question: https://stackoverflow.com/questions/19411102/grails-2-3-0-spring-security-ldap-and-cas-load-after-server-starts
I see the same thing. Looks like the CAS plugin defaults from DefaultCasSecurityConfig.groovy are not merged properly under Grails 2.3.0. Possibly worth a JIRA. In the meantime, you may be able to move forward by adding the defaults to Config.groovy (overriding for your environment):
grails.plugins.springsecurity.cas.active = true
grails.plugins.springsecurity.cas.loginUri = null // must be set, e.g. '/login'
grails.plugins.springsecurity.cas.sendRenew = false
grails.plugins.springsecurity.cas.serviceUrl = null // must be set, e.g. 'http://localhost:8080/myapp/j_spring_cas_security_check'
grails.plugins.springsecurity.cas.serverUrlPrefix = null // must be set, e.g. 'http://localhost:9090/cas'
grails.plugins.springsecurity.cas.serverUrlEncoding = 'UTF-8'
grails.plugins.springsecurity.cas.key = 'grails-spring-security-cas'
grails.plugins.springsecurity.cas.artifactParameter = 'ticket'
grails.plugins.springsecurity.cas.serviceParameter = 'service'
grails.plugins.springsecurity.cas.filterProcessesUrl = '/j_spring_cas_security_check'
grails.plugins.springsecurity.cas.proxyCallbackUrl = null // should be set, e.g. 'http://localhost:8080/myapp/secure/receptor'
grails.plugins.springsecurity.cas.proxyReceptorUrl = null // should be set, e.g. '/secure/receptor'
grails.plugins.springsecurity.cas.useSingleSignout = true
I know this thread is a bit old, but I just stumbled on it when hit with the same problem in 2.0-RC1.
What I found was the default configuration wasn't being loaded in SpringSecurityCasGrailsPlugin.groovy. This was an issue that happened when deploying .War files on Tomcat that was fixed long ago. The code added for that fix, if allowed to execute, fixed this new issue for me. I simply forced the if condition to always be true, as shown below (the code is from around line 105 in SpringSecurityCasGrailsPlugin.groovy):
if (true /*application.warDeployed*/) {
// need to load secondary here since web.xml was already built, so
// doWithWebDescriptor isn't called when deployed as war
SpringSecurityUtils.loadSecondaryConfig 'DefaultCasSecurityConfig'
conf = SpringSecurityUtils.securityConfig
}
(Only the if statement is change, the rest of the code is for illustration).
I don't know what side effects this may introduce (none that I can tell yet...). It seems like there is may be a difference in the run-app command making it behave like a .war deployment or something. Anyway, I certainly would be hesitant to deploy a production app this way, and would opt for creating all the configuration options by hand like in the accepted answer. But maybe this will give insight to someone who can figure out the real issue.
I'm upgrading my application to Grails 2.0.0 RC3.
Now, I want to downgrade my application to Grails 2.0.0 RC1 but when I run it I have this error:
Error 500: Internal Server Error
URI
/directory/
Class
java.lang.IllegalStateException
Message
No thread-bound request found: Are you referring to request attributes outside of an actual web
request, or processing a request outside of the originally receiving thread? If you are actually
operating within a web request and still receive this message, your code is probably running
outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or
RequestContextFilter to expose the current request.
Trace
Line | Method
->> 886 | runTask in java.util.concurrent.ThreadPoolExecutor$Worker
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 908 | run in ''
^ 662 | run . . in java.lang.Thread
I have no idea how to get rid of it.