CAS 6.3.7 authentication throttling with hazelcast throws exception
78 views
Skip to first unread message
Udo Einspanier
Oct 13, 2021, 10:16:41 AM10/13/21
to CAS Community
Hi,
I am using CAS 6.3.7 and want to use authentication throttling with hazelcast. Every time the scheduler runs I get below exception. CAS calls a method in Hazelcast that is not supported for that class. Here my YAML configuration snippet:
throttle:
usernameParameter: username
schedule:
enabled: true
startDelay: PT10S
repeatInterval: PT120S
failure:
threshold: 1
rangeSeconds: 5
hazelcast:
cluster:
members: @cas.hazelcast.members@
instanceName: auththrottling
port: @cas.hazelcast.port@
tcpipEnabled: true
usernameParameter: username
schedule:
enabled: true
startDelay: PT10S
repeatInterval: PT120S
failure:
threshold: 1
rangeSeconds: 5
hazelcast:
cluster:
members: @cas.hazelcast.members@
instanceName: auththrottling
port: @cas.hazelcast.port@
tcpipEnabled: true
I guess disabling the throttle schedule is not an option since then it seems like the old entries remain in the map forever.
Has anyone used hazelcast successfully for authentication throttling?
Thanks,
Udo
2021-10-13 16:04:29,417 ERROR [org.springframework.scheduling.support.TaskUtils$LoggingErrorHandler] - <Unexpected error occurred in scheduled task>
java.lang.UnsupportedOperationException: null
at com.hazelcast.map.impl.query.QueryResultCollection.removeIf(QueryResultCollection.java:88) ~[hazelcast-4.1.jar:4.1]
at org.apereo.cas.web.support.AbstractInMemoryThrottledSubmissionHandlerInterceptorAdapter.decrement(AbstractInMemoryThrottledSubmissionHandlerInterceptorAdapter.java:62) ~[cas-server-support-throttle-core-6.3.7.jar:6.3.7]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) ~[spring-core-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.6.RELEASE.jar:2.2.6.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212) ~[spring-aop-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at com.sun.proxy.$Proxy172.decrement(Unknown Source) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183) ~[?:?]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195) ~[?:?]
at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) ~[?:?]
at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654) ~[?:?]
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?]
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173) ~[?:?]
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?]
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497) ~[?:?]
at org.apereo.cas.web.support.InMemoryThrottledSubmissionCleaner.run(InMemoryThrottledSubmissionCleaner.java:31) ~[cas-server-support-throttle-core-6.3.7.jar:6.3.7]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84) ~[spring-context-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) ~[spring-context-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[?:?]
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305) ~[?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?]
at java.lang.Thread.run(Thread.java:834) [?:?]
java.lang.UnsupportedOperationException: null
at com.hazelcast.map.impl.query.QueryResultCollection.removeIf(QueryResultCollection.java:88) ~[hazelcast-4.1.jar:4.1]
at org.apereo.cas.web.support.AbstractInMemoryThrottledSubmissionHandlerInterceptorAdapter.decrement(AbstractInMemoryThrottledSubmissionHandlerInterceptorAdapter.java:62) ~[cas-server-support-throttle-core-6.3.7.jar:6.3.7]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) ~[spring-core-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.6.RELEASE.jar:2.2.6.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212) ~[spring-aop-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at com.sun.proxy.$Proxy172.decrement(Unknown Source) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183) ~[?:?]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195) ~[?:?]
at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) ~[?:?]
at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654) ~[?:?]
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?]
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173) ~[?:?]
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?]
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497) ~[?:?]
at org.apereo.cas.web.support.InMemoryThrottledSubmissionCleaner.run(InMemoryThrottledSubmissionCleaner.java:31) ~[cas-server-support-throttle-core-6.3.7.jar:6.3.7]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84) ~[spring-context-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) ~[spring-context-5.2.12.RELEASE.jar:5.2.12.RELEASE]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[?:?]
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305) ~[?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?]
at java.lang.Thread.run(Thread.java:834) [?:?]
wvub...@gmail.com
Nov 15, 2021, 3:53:20 PM11/15/21
to CAS Community, Udo Einspanier
I am getting the same error with 6.4.1. Have not found a solution yet.
chris
Udo Einspanier
Nov 16, 2021, 3:53:45 AM11/16/21
to CAS Community, wvub...@gmail.com, Udo Einspanier
Ok, thanks for the feedback.
Udo
Felix Schumacher
Nov 16, 2021, 3:00:38 PM11/16/21
to cas-...@apereo.org
I think this is a bug in the cas implementation of the generic throttler in combination with hazelcast. The used view returned by IMap#entrySet() is implemented as immutable (made more clear with https://github.com/hazelcast/hazelcast/issues/12198 ), but the generic implementation AbstractInMemoryThrottledSubmissionHandlerInterceptorAdapter#decrement() needs an mutable set to work on.
The thrown exception is used by hazelcast to make it clear, that the view (obtained by #entrySet) can't be modified.
It might have gone unnoticed in older versions, where hazelcast didn't throw an exception (at least, that is what I understood from reading the hazelcast issue 12198).
Felix
Am 15.11.21 um 21:53 schrieb
wvub...@gmail.com:
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a63a43c3-8d7f-44c1-9255-1dd51b500995n%40apereo.org.
Reply all
Reply to author
Forward
0 new messages