This may be related to Spring Security--although I'm quite sure I
built with the -Dopenaccess-security flag.
Log snippet:
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.AbstractSecurityInterceptor -
Secure object: FilterInvocation: URL: /eureka.nocache.js?
1300997855067; ConfigAttributes: [ROLE_USER]
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource
- Candidate is: '/scripts/external-js-min.js'; pattern is /style/**;
matched=false
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource
- Candidate is: '/scripts/external-js-min.js'; pattern is /scripts/**;
matched=true
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.AbstractSecurityInterceptor -
Previously Authenticated:
org.springframework.security.providers.anonymous.AnonymousAuthenticationToken@69ec09e9:
Principal: roleAnonymous; Password: [PROTECTED]; Authenticated: true;
Details:
org.springframework.security.ui.WebAuthenticationDetails@957e:
RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities:
ROLE_ANONYMOUS
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.AbstractSecurityInterceptor -
Secure object: FilterInvocation: URL: /scripts/external-js-min.js?
1300997855067; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.AbstractSecurityInterceptor -
Previously Authenticated:
org.springframework.security.providers.anonymous.AnonymousAuthenticationToken@69ec09e9:
Principal: roleAnonymous; Password: [PROTECTED]; Authenticated: true;
Details:
org.springframework.security.ui.WebAuthenticationDetails@957e:
RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities:
ROLE_ANONYMOUS
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.AbstractSecurityInterceptor -
Authorization successful
2011-03-25 10:43:44,149 DEBUG
org.springframework.security.intercept.AbstractSecurityInterceptor -
RunAsManager did not change Authentication object
2011-03-25 10:43:44,150 DEBUG
org.springframework.security.util.FilterChainProxy - /scripts/external-
js-min.js?1300997855067 reached end of additional filter chain;
proceeding with original chain
2011-03-25 10:43:44,152 DEBUG
org.springframework.security.ui.ExceptionTranslationFilter - Chain
processed normally
2011-03-25 10:43:44,154 DEBUG
org.springframework.security.context.HttpSessionContextIntegrationFilter
- HttpSession is null, but SecurityContextHolder has not changed from
default: '
org.springframework.security.context.SecurityContextImpl@ffffffff:
Null authentication'; not creating HttpSession or storing
SecurityContextHolder contents
2011-03-25 10:43:44,154 DEBUG
org.springframework.security.context.HttpSessionContextIntegrationFilter
- SecurityContextHolder now cleared, as request processing completed
2011-03-25 10:43:44,154 DEBUG
org.springframework.security.ui.ExceptionTranslationFilter - Access is
denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.AccessDeniedException: Access is denied
at
org.springframework.security.vote.AffirmativeBased.decide(AffirmativeBased.java:
68)
at
org.springframework.security.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:
262)
at
org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:
106)
at
org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:
83)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:
52)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.oauth.provider.OAuthProviderProcessingFilter.doFilter(OAuthProviderProcessingFilter.java:
173)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.oauth.provider.OAuthProviderProcessingFilter.doFilter(OAuthProviderProcessingFilter.java:
193)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:
278)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.oauth.provider.OAuthProviderProcessingFilter.doFilter(OAuthProviderProcessingFilter.java:
193)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:
101)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.providers.anonymous.AnonymousProcessingFilter.doFilterHttp(AnonymousProcessingFilter.java:
105)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.ui.rememberme.RememberMeProcessingFilter.doFilterHttp(RememberMeProcessingFilter.java:
109)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter.doFilterHttp(SecurityContextHolderAwareRequestFilter.java:
91)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:
174)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:
278)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:
89)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:
235)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:
53)
at org.springframework.security.util.FilterChainProxy
$VirtualFilterChain.doFilter(FilterChainProxy.java:406)
at
org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:
185)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:
236)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:
167)
at org.mortbay.jetty.servlet.ServletHandler
$CachedChain.doFilter(ServletHandler.java:1088)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:
360)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:
216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:
181)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:
729)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:
405)
at
org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:
206)
at
org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:
114)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:
152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:
505)
at org.mortbay.jetty.HttpConnection
$RequestHandler.headerComplete(HttpConnection.java:829)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:513)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:
395)
at org.mortbay.thread.QueuedThreadPool
$PoolThread.run(QueuedThreadPool.java:488)
2011-03-25 10:43:44,164 DEBUG
org.springframework.security.ui.ExceptionTranslationFilter -
Authentication entry point being called; SavedRequest added to
Session: SavedRequest[
http://localhost:8080/eureka.nocache.js?
1300997855067]
2011-03-25 10:43:44,168 DEBUG
org.springframework.security.context.HttpSessionContextIntegrationFilter
- SecurityContextHolder now cleared, as request processing completed