Suppress the GET for /cas/v1/tickets
100 views
Skip to first unread message
Raheem Shaik
Dec 13, 2019, 2:40:04 PM12/13/19
to CAS Community
While doing POST for https://test.<domain>/cas/v1/tickets endpoint it is working fine and getting TGT ( 201 created)
But when we use GET for https://test.<domain>/cas/v1/tickets endpoint it is throwing below error
"status": 405,
"error": "Method Not Allowed",
"exception": "org.springframework.web.HttpRequestMethodNotSupportedException",
"message": "Request method 'GET' not supported",
"trace": "org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'GET' not supported\n\tat org.springframework.web.servlet.mvc.method.RequestMappingInfoHandlerMapping.handleNoMatch(RequestMappingInfoHandlerMapping.java:205)\n\tat org.springframework.web.servlet.handler.AbstractHandlerMethodMapping.lookupHandlerMethod(AbstractHandlerMethodMapping.java:374)\n\tat org.springframework.web.servlet.handler.AbstractHandlerMethodMapping.getHandlerInternal(AbstractHandlerMethodMapping.java:314)\n\tat org.springframework.web.servlet.handler.AbstractHandlerMethodMapping.getHandlerInternal(AbstractHandlerMethodMapping.java:61)\n\tat org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:352)\n\tat org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1160)\n\tat org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:940)\n\tat org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)\n\tat org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)\n\tat org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:687)\n\tat org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:790)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:30)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:240)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apereo.cas.security.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:94)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:111)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:96)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:91)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:103)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)\n\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)\n\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)\n\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)\n\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)\n\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)\n\tat org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:660)\n\tat org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:679)\n\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)\n\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)\n\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)\n\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)\n\tat org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)\n\tat org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\n\tat java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)\n\tat java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)\n\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n\tat java.lang.Thread.run(Thread.java:748)\n",
"path": "/cas/v1/tickets"
}
As per the document https://apereo.github.io/cas/5.2.x/protocol/REST-Protocol.html
For POST if the successful response it gives `201` and for unsuccessful response it give `415`
Can you help me out how to suppress the error trace while calling GET for endpoint /cas/v1/tickets
Andy Ng
Dec 15, 2019, 8:35:47 PM12/15/19
to CAS Community
Hi Raheem,
I also encountered this issue on 5.2.x, not sure if this is still an issue on later CAS version, I suspect this issue is fixed on later version since it seems like a spring problem.
I used a very ugly method to suppress this message, basically I override the GET method and prevent the trace from giving out.
=====================================================================
MyCompanyTicketGrantingTicketResourceGetMapper.java
package my.company.cas.rest; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; @RestController("MyCompanyTicketGrantingTicketResourceGetMapper") public class MyCompanyTicketGrantingTicketResourceGetMapper { /** * Reject Get Response, without exposing error trace to client * * @return ResponseEntity representing Method Not Allowed */ @GetMapping("/v1/tickets") public ResponseEntity<String> rejectGetResponse() throws Exception { return new ResponseEntity<>("Method Not Allowed.", HttpStatus.METHOD_NOT_ALLOWED); } }
=====================================================================
MyCompanyRestConfiguraiton.java
package my.company.cas.rest; import org.apereo.cas.config.CasRestConfiguration; import org.apereo.cas.configuration.CasConfigurationProperties; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; @Configuration("myCompanyCasRestConfiguration") @Import(CasRestConfiguration.class) @EnableConfigurationProperties(CasConfigurationProperties.class) public class MyCompanyCasRestConfiguration { @Bean public MyCompanyTicketGrantingTicketResourceGetMapper myCompanyTicketGrantingTicketResourceGetMapper() { return new MyCompanyTicketGrantingTicketResourceGetMapper(); } }
=====================================================================
And also an in the Auto Configuration on the MyCompanyRestConfiguraiton config in spring.factories.
=====================================================================
It works for me, see if it helps you as well.
Cheers!
- Andy
Raheem Shaik
Dec 16, 2019, 2:00:17 AM12/16/19
to cas-...@apereo.org
Hi Andy,
Thank you for providing the steps.
But we are running cas on docker container, for that we are using docker image v5.2.6 from publicly and sending our config properties ( cas.properties, log4j2.xml, pom.xml, JWT.json, build.sh, run-cas.sh) to build our own image then running the cas.
So can you please let me know how i can suppress these alerts in our scenario.
So can you please let me know how i can suppress these alerts in our scenario.
Regards,
Raheem Shaik
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9fbecda0-bd9a-4423-8585-dc5233b0b5db%40apereo.org.
********************************************
Inmar Confidentiality Note: This e-mail and any attachments are confidential and intended to be viewed and used solely by the intended recipient. If you are not the intended recipient, be aware that any disclosure, dissemination, distribution, copying or use of this e-mail or any attachment is prohibited. If you received this e-mail in error, please notify us immediately by returning it to the sender and delete this copy and all attachments from your system and destroy any printed copies. Thank you for your cooperation.
Notice of Protected Rights: The removal of any copyright, trademark, or proprietary legend contained in this e-mail or any attachment is prohibited without the express, written permission of Inmar, Inc. Furthermore, the intended recipient must maintain all copyright notices, trademarks, and proprietary legends within this e-mail and any attachments in their original form and location if the e-mail or any attachments are reproduced, printed or distributed.
********************************************
Andy Ng
Dec 16, 2019, 3:57:55 AM12/16/19
to CAS Community
Hi Raheem,
Where did you find the public CAS 5.2.x docker image?
In any case, since you are able to create file and put it in the structure, maybe the following will work:
==================================================
- Put a spring.factories in the following directory:
your_project/src/main/resources/spring.factories
org.springframework.boot.autoconfigure.EnableAutoConfiguration=my.company.cas.rest.MyCompanyRestConfiguraiton.java
==================================================
- Put the Java file in place
your_project/src/main/my/company/cas/rest/MyCompanyRestConfiguraiton.java
your_project/src/main/my/company/cas/rest/MyCompanyTicketGrantingTicketResourceGetMapper.java==================================================
Then the logic should be activated.
As for where is the `your_project` directory located when using docker, I don't know specifically since I don't know the "docker image v5.2.6 from publicly".
If you cannot locate `your_project`, please provide this "docker image v5.2.6 from publicly" so I can point you to the correct directory..
See if the above helps...
Cheers!
- Andy
Raheem Shaik
Dec 16, 2019, 4:26:10 AM12/16/19
to cas-...@apereo.org
Hi Andy,
Thanks for providing the steps, i will try to implement provided steps.
Below is the process we are following
# docker pull apereo/cas:v5.2.6 - > you will get the docker image
After that I am following the steps provided by cas-overlay-template https://github.com/apereo/cas-overlay-template/tree/5.2 to build my own image.
In my project code in Dockerfile is like beowFROM apereo/cas:v5.2.6
# docker pull apereo/cas:v5.2.6 - > you will get the docker image
After that I am following the steps provided by cas-overlay-template https://github.com/apereo/cas-overlay-template/tree/5.2 to build my own image.
In my project code in Dockerfile is like beowFROM apereo/cas:v5.2.6
RUN keytool -genkeypair -alias cas -keyalg RSA *************************
COPY cas.properties /cas-overlay/etc/cas/config/cas.properties
COPY pom.xml /cas-overlay/pom.xml
COPY JWTServices.json /cas-overlay/etc/cas/services/JWTServices.json
COPY log4j2.xml /cas-overlay/etc/cas/config/log4j2.xml
COPY run-cas.sh cas-overlay/bin/run-cas.sh
COPY build.sh /cas-overlay/build.sh
COPY pom.xml /cas-overlay/pom.xml
COPY JWTServices.json /cas-overlay/etc/cas/services/JWTServices.json
COPY log4j2.xml /cas-overlay/etc/cas/config/log4j2.xml
COPY run-cas.sh cas-overlay/bin/run-cas.sh
COPY build.sh /cas-overlay/build.sh
If possible please provide me the steps as per above steup
Regards,
Raheem Shaik
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/36b21d1f-6eca-4697-85da-765c03e3ce29%40apereo.org.
Raheem Shaik
Dec 16, 2019, 6:22:28 AM12/16/19
to cas-...@apereo.org
Hi Andy,
added the files to my Dockerfile like below
RUN mkdir -p /cas-overlay/src/main/resources/
RUN cd /cas-overlay/src/main
RUN mkdir -p my/company/cas/rest/
COPY spring.factories /cas-overlay/src/main/resources/spring.factories
COPY MyCompanyRestConfiguraiton.java /cas-overlay/src/main/my/company/cas/rest/MyCompanyRestConfiguraiton.java
COPY MyCompanyTicketGrantingTicketResourceGetMapper.java /cas-overlay/src/main/my/company/cas/rest/MyCompanyTicketGrantingTicketResourceGetMapper.java
I have tried with provided steps by you but still getting the same error message.
added the files to my Dockerfile like below
FROM apereo/cas:v5.2.6
# A keypair is needed for SSL, and CAS simply will not work if you can't do SSL regardless of whether you actually need it.
RUN keytool -genkeypair -alias cas -keyalg RSA **************************************************************************
# A keypair is needed for SSL, and CAS simply will not work if you can't do SSL regardless of whether you actually need it.
RUN keytool -genkeypair -alias cas -keyalg RSA **************************************************************************
RUN mkdir -p /cas-overlay/src/main/resources/
RUN cd /cas-overlay/src/main
RUN mkdir -p my/company/cas/rest/
COPY spring.factories /cas-overlay/src/main/resources/spring.factories
COPY MyCompanyRestConfiguraiton.java /cas-overlay/src/main/my/company/cas/rest/MyCompanyRestConfiguraiton.java
COPY MyCompanyTicketGrantingTicketResourceGetMapper.java /cas-overlay/src/main/my/company/cas/rest/MyCompanyTicketGrantingTicketResourceGetMapper.java
COPY cas.properties /cas-overlay/etc/cas/config/cas.properties
COPY pom.xml /cas-overlay/pom.xml
COPY JWTServices.json /cas-overlay/etc/cas/services/JWTServices.json
COPY log4j2.xml /cas-overlay/etc/cas/config/log4j2.xml
COPY run-cas.sh cas-overlay/bin/run-cas.sh
COPY build.sh /cas-overlay/build.sh
Can you let me know if I have missed any steps or please provide the steps as per the setup so that i can place these three files in appropriate folder.
Regards,
Raheem Shaik
Andy Ng
Dec 16, 2019, 11:08:18 PM12/16/19
to CAS Community
Hi Raheem,
I don't have time today to do a full test, but I suspect the problem exists in the pathing:
├── cas
│ └── src
│ └── main
│ └── resources
│ ├── hbmsu.properties
│ ├── services
│ │ └── testJSONFILE-123.json
│ ├── static
│ │ └── themes
│ │ └── hbmsu
│ └── templates
See this for more detail: https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/Andy$20%22cas$2Fsrc$2Fmain$2Fresources%22|sort:date/cas-user/wkaESyEDyZo/5_vew52XBAAJ
Soo, I suspect maybe if you put it like so it would work? I didn't try it since don't have time to setup:
FROM apereo/cas:v5.2.6
# A keypair is needed for SSL, and CAS simply will not work if you can't do SSL regardless of whether you actually need it.
RUN keytool -genkeypair -alias cas -keyalg RSA **************************************************************************
# A keypair is needed for SSL, and CAS simply will not work if you can't do SSL regardless of whether you actually need it.
RUN keytool -genkeypair -alias cas -keyalg RSA **************************************************************************
RUN mkdir -p /cas-overlay/src/main/resources/
RUN cd /cas-overlay/cas/src/main
RUN mkdir -p my/company/cas/rest/
COPY spring.factories /cas-overlay/cas/src/main/resources/spring.factories
COPY MyCompanyRestConfiguraiton.java /cas-overlay/cas/src/main/my/company/cas/rest/MyCompanyRestConfiguraiton.java
COPY MyCompanyTicketGrantingTicketResourceGetMapper.java /cas-overlay/cas/src/main/my/company/cas/rest/MyCompanyTicketGrantingTicketResourceGetMapper.java
COPY cas.properties /cas-overlay/etc/cas/config/cas.properties
COPY pom.xml /cas-overlay/pom.xml
COPY JWTServices.json /cas-overlay/etc/cas/services/JWTServices.json
COPY log4j2.xml /cas-overlay/etc/cas/config/log4j2.xml
COPY run-cas.sh cas-overlay/bin/run-cas.sh
COPY build.sh /cas-overlay/build.sh
Just speculation, might or might not work, but worth a try if you have time.
- Andy
Raheem Shaik
Feb 7, 2020, 1:11:44 AM2/7/20
to CAS Community
This issue has been suppressed or fixed in cas 6 version
@Andy, thank you very much for the help
Reply all
Reply to author
Forward
0 new messages