Our application uses Waffle SpringBoot starter to identify the Active Directory user for user authentication of our application. However, everytime a user logs in, there is an error logged though it does not prevent authentication. This has resulted in ballooning of the log file very soon to 100s of MBs. The error I am getting is as follows
05-November 00:46:53 ERROR - Servlet.service() for servlet [dispatcherServlet] in context with path [/burganPMS] threw exception
java.lang.RuntimeException: Invalid Authorization header: Negotiate
at waffle.util.AuthorizationHeader.getSecurityPackage(AuthorizationHeader.java:94)
at waffle.spring.NegotiateSecurityFilter.doFilter(NegotiateSecurityFilter.java:104)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:92)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
I have tried to filter this error from being printed in Log4J2 by using RegexFilter on waffle.util.* but that has also not worked.
I need help to figure
- If this error is indicative of any wrong configuration?
- If not, how to turn off printing this error in log files using Log4J2?