Setup:
Artifactory 7.33.12 with pro license
(satellite pass-though multiple Artifactorys)
Ubuntu 20.04 LTS
i switched all my artifactories to debug mode with logback.xml.
I changed all entries with level:info or with level:warn to level:debug
After these changes the artifactory server have began
right away to show passwords in plaintext: We have local and ldap user
Log snipped:
2022-04-04T10:46:57.758Z [jfrt ] [DEBUG] [bf2d7f554f68c503] [o.a.h.wire:87 ] [ttp-nio-8080-exec-75] - http-outgoing-145231 >> "{"username":"username1","password":"plaintext"}"
2022-04-04T10:00:59.763Z [jfrt ] [DEBUG] [e227b7e38f035f2b] [o.a.h.wire:87 ] [tp-nio-8080-exec-150] - http-outgoing-143844 >> "{"username":"username2","password":"plaintext"}"
The plaintext passwords was generated always if a user entered a wrong password (failed login)
this password was then in the artifactory logs in plaintext.
I switched immediately the logback.xml to level: warn and info and the passwords was encrypted again. Following log message looks weird:
./router-request.log:{"BackendAddr":"localhost:8040","ClientAddr":"127.0.0.1:38458","DownstreamContentSize":216532,"DownstreamStatus":200,"Duration":164389727,"RequestMethod":"GET","RequestPath":"/access/api/v1/users/?expand=passwords\u0026expand=encryptedData","StartUTC":"2022-04-08T09:52:53.86050316Z","level":"info","msg":"","request_Uber-Trace-Id":"28f3f17dc93f35c6:1b30ff214f5c8529:178287af7a330c6e:0","request_User-Agent":"JFrog Access Java Client/7.35.0 73500900 Artifactory/7.33.12 73312900","time":"2022-04-08T11:52:54+02:00"}
Did anyone know why this happened? Is that a bug?
I cant believe that was a intended behavior.
A production system can not display passwords in plaintext.
Anyone a Idea?
Please help
Related
I got the following issue while connecting to Mac Agent.
Previously when using Xcode 9.2 i got no such issues but later when updated to Xcode 9.3 the following log was showed.
Getting this error even when the Mac credentials are correct.
Xamarin.VisualStudio.TastyPackage|Information|0|Hooked up SDB tracing adapter
Xamarin.VisualStudio.TastyPackage|Information|0|Initialization finished
Xamarin|Information|0|Xamarin - 4.8.0.760-d15-5+fc93f3f5b
Xamarin.VisualStudio.Activation.AccountManager|Information|0|VS2017 Community
Xamarin.VisualStudio.Activation.ActivationManager|Information|0|No license found for iOS
Xamarin.VisualStudio.Activation.ActivationManager|Information|0|Running license sync for iOS
Xamarin.VisualStudio.Activation.ActivationManager|Information|0|Not logged in, using iOS Community
Xamarin.VisualStudio.Activation.ActivationManager|Information|0|No license found for Android
Xamarin.VisualStudio.Activation.ActivationManager|Information|0|Running license sync for Android
Xamarin.VisualStudio.Activation.ActivationManager|Information|0|Not logged in, using Android Community
Xamarin.VisualStudio.TastyPackage|Information|0|Hooked up SDB tracing adapter
Xamarin.VisualStudio.TastyPackage|Information|0|Initialization finished
Xamarin.VisualStudio.Android.XamarinAndroidPackage|Warning|0|Initializing Xamarin.VisualStudio.Android.XamarinAndroidPackage
Xamarin.Inspector|Information|0|Inspector extension loaded
Xamarin.VisualStudio.TastyPackage|Information|0|Hooked up SDB tracing adapter
Xamarin.VisualStudio.TastyPackage|Information|0|Initialization finished
Xamarin.VisualStudio.IOS.XamarinIOSPackage|Warning|0|Initializing Xamarin.VisualStudio.IOS.XamarinIOSPackage.
Xamarin.VisualStudio.ProjectFixerRunner|Information|0|Solution loaded: 'App1'
Xamarin.VisualStudio.ProjectFixerRunner|Information|0|running fixup on project 'F:\Bharath\Project Materials\App1\App1\App1.Android\App1.Android.csproj'
Xamarin.VisualStudio.ProjectFixerRunner|Information|0|running fixup on project 'F:\Bharath\Project Materials\App1\App1\App1.iOS\App1.iOS.csproj'
Xamarin.VisualStudio.Android.ContinuousPlayerDeviceProvider|Information|0|Start()
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Server State transition from DisconnectedState to ConfiguringState on 192.168.XXX.XX (192.168.XXX.XX)
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Checking host configuration for connecting to '192.168.XXX.XX'...
Xamarin.Messaging.Ssh.SshCommandRunner|Warning|0|Failed to execute 'grep "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJ0uNVUuKpZY5t3ea5q5JjTFn7AGfrSHeyDGJ0S83Plh05t4neDyk8jtt7WSqFM8FeY31i5N55FaYOnxwRvzcYJxo01PWuudNKtB6L4pk0PxN1cYTG8RqCLw0DM9GVL4cULgENsofpkxCu648qpIbbXl+Bwj7ScP8JV8b9vMFART59iWYlF1iuzFoLt4NE3uX24m7R/W2G9ypxDRHRB5YAAeVXPm9j5BlHzLHaCmIQezJr7T/d0PEr/09IV1CrQ56Q11RPMH7YHXILzHKhmYO+gwEUrgwvYo68/9P7E3nbzCVEikOHIdxAYHjd59Ma7y/u2iicEjfzwXXoMbkhuyZB GD#GD-MacBook-Pro.local" /Users/GD/.ssh/authorized_keys': ExitStatus = 1
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Checking host configuration for connecting to '192.168.XXX.XX'...
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Server State transition from ConfiguringState to ConfiguredState on 192.168.XXX.XX (192.168.XXX.XX)
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Host '192.168.XXX.XX' is configured correctly
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Server State transition from ConfiguredState to ConnectingState on 192.168.XXX.XX (192.168.XXX.XX)
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Starting connection to '192.168.XXX.XX'...
Xamarin.Messaging.Ssh.MessagingService|Information|0|Starting connection to 192.168.XXX.XX...
Xamarin.Messaging.Integration.State.ServerStateContext|Information|0|Starting connection to '192.168.XXX.XX'...
Xamarin.Messaging.Integration.State.ServerStateContext|Error|0|Unable to authenticate with SSH keys. Please try to log in with credentials first
Xamarin.Messaging.Ssh.Exceptions.MessagingAuthenticationException: Could not authenticate the user 'GD'R with SSH keys. Please check that both $HOME folder and ~/.ssh/authorized_keys have the appropiate permissions to use SSH. More details: Permission denied (publickey). ---> Renci.SshNet.Common.SshAuthenticationException: Permission denied (publickey).
at Renci.SshNet.ClientAuthentication.Authenticate(IConnectionInfoInternal connectionInfo, ISession session)
at Renci.SshNet.ConnectionInfo.Authenticate(ISession session, IServiceFactory serviceFactory)
at Renci.SshNet.Session.Connect()
at Renci.SshNet.BaseClient.Connect()
at Xamarin.Messaging.Ssh.SshMessagingConnection.ConnectSsh(Boolean forwardTcpPort) in C:\d\lanes\5409\fc93f3f5\source\xamarinvs\External\messaging\src\Xamarin.Messaging.Ssh\SshMessagingConnection.cs:line 138
at Xamarin.Messaging.Ssh.MessagingService.<ConnectAsync>d__66.MoveNext() in C:\d\lanes\5409\fc93f3f5\source\xamarinvs\External\messaging\src\Xamarin.Messaging.Ssh\MessagingService.cs:line 225
--- End of inner exception stack trace ---
Xamarin.Messaging.Ssh.SshMessagingConnection|Error|0|An unexpected error occurred with the current SSH Session
Renci.SshNet.Common.SshConnectionException: An established connection was aborted by the server.
at Renci.SshNet.Session.SocketRead(Int32 length, Byte[] buffer)
at Renci.SshNet.Session.ReceiveMessage()
at Renci.SshNet.Session.MessageListener()
You always have to open XCode after you have updated it. It the most case it will install additional components and sometimes you have to accept new terms.
How to MonetDB log settings.
I want to change the log level of "merovingian.log".
I want to output the ERROR and WARN the merovingian.log.
But now merovingian.log is outputting only MSG log.
2016-07-22 18:12:03 MSG merovingian[7825]: proxying client x.x.x.x:51609 for database 'test' to mapi:monetdb:///var/MonetDB/dbfarm/test/.mapi.sock?database=test
2016-07-22 18:12:03 MSG merovingian[7825]: target connection is on local UNIX domain socket, passing on filedescriptor instead of proxying
OS is "CentOS 6.4",
MonetDB version is "MonetDB-11.19.7".
Any advice how to solve this problem?
No fine-tuning is provided in where log information ends up.
Our sonarqube server is behind http basic authentication and local runner fails with 401 error. Is it somehow possible to provide credentials to it? AOfficial docs shows how to provide sonarqube's internal user...
UPD #1:
sonarqube: v5.3,
sonar-runner: v2.5
Debug log of runner:
INFO: Scanner configuration file: /Users/user/Documents/Projects/Project1/sonar-scanner-2.5/conf/sonar-runner.properties
INFO: Project configuration file: /Users/user/Documents/Projects/Project1/sonar-project.properties
INFO: SonarQube Scanner 2.5
INFO: Java 1.8.0_45 Oracle Corporation (64-bit)
INFO: Mac OS X 10.11.3 x86_64
INFO: Error stacktraces are turned on.
DEBUG: cache: /Users/user/.sonar/ws_cache/https%3A%2F%2Fexample.com%2Fsonar%2F/global
INFO: User cache: /Users/user/.sonar/cache
DEBUG: Extract sonar-runner-batch in temp...
DEBUG: Get bootstrap index...
DEBUG: Download: https://example.com/sonar/batch_bootstrap/index
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 1.171s
INFO: Final Memory: 5M/245M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
org.sonar.runner.impl.RunnerException: Unable to execute SonarQube
at org.sonar.runner.impl.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:100)
at org.sonar.runner.impl.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:87)
at java.security.AccessController.doPrivileged(Native Method)
at org.sonar.runner.impl.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:87)
at org.sonar.runner.impl.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:83)
at org.sonar.runner.api.EmbeddedRunner.doStart(EmbeddedRunner.java:249)
at org.sonar.runner.api.EmbeddedRunner.start(EmbeddedRunner.java:187)
at org.sonar.runner.api.EmbeddedRunner.start(EmbeddedRunner.java:182)
at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:66)
Caused by: java.lang.IllegalStateException: Fail to download libraries from server
at org.sonar.runner.impl.Jars.downloadFiles(Jars.java:93)
at org.sonar.runner.impl.Jars.download(Jars.java:70)
at org.sonar.runner.impl.JarDownloader.download(JarDownloader.java:40)
at org.sonar.runner.impl.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:91)
... 9 more
Caused by: java.lang.IllegalStateException: Status returned by url [https://example.com/sonar/batch_bootstrap/index] is not valid: [401]
at org.sonar.runner.impl.ServerConnection.callUrl(ServerConnection.java:186)
at org.sonar.runner.impl.ServerConnection.downloadString(ServerConnection.java:121)
at org.sonar.runner.impl.ServerConnection.tryServerFirst(ServerConnection.java:148)
at org.sonar.runner.impl.ServerConnection.download(ServerConnection.java:112)
at org.sonar.runner.impl.Jars.downloadFiles(Jars.java:78)
... 12 more
No it doesn't look like sonar-runner supports proxy authentication. SonarQube has built-in access control so I'm not sure why you'd need proxy authentication on top of that. Maybe you could disable proxy authentication for SonarQube's URL.
The sonar-runner, even if configured with credentials, does not use these to make it's first call to the server. The endpoint is /batch/index. You have to allow public access to that endpoint. For all other urls basic auth is fine.
More details about my working setup in my answer here: https://stackoverflow.com/a/60132667/1838233
I've tried that setup with the runner and a sonar-project.properties file containing:
sonar.host.url=https://myserver/sonar/
sonar.login=${env.SONARUSER}
sonar.password=${env.SONARPWD}
and could access Sonar behind Apache basic auth that way.
I have been looking for this too and failed to find any options to allow this. One use case I can think of for needing this is you have the sonar client running on the far end of a GCP IAP away from the sonar server. You'd need to have the client pass through the initial proxy to get to the sonar server. Even if the sonar server supports this auth natively you need some way for the client to pass an auth header.
This is for scenarios where you either don't trust sonar or you don't trust the deployment of sonar by some novice, but you do trust a zero-trust protected proxy by gcp's platform
I follow the basic installation tutorial on for the mean stack on OS X.
MongoDB is running and all dependencies are believed to be installed.
During init of my first app, the script fails when asking for the admin user password (it fails before I am allowed to input anything as my admin password):
$ mean init myApp
? What would you name your mean app? myApp
? The Mean project is currently in developer preview. To help improve the -
quality of this product, we collect anonymized data on how the mean-cli is used -
You may choose to opt out of this collection now (by choosing 'N' at the below prompt)
or at any time in the future by running the following command:
mean disable user-reporting
Do you want to help us improve the mean network (Y/n)? Y
? Please provide your email so we can create your first admin user: joe#doe.com
? Please provide your username so we can create your first admin user: admin
Cloning branch: master into destination folder: myApp
git clone --depth 1 -bmaster https://github.com/linnovate/mean.git "myApp"
Cloning into 'myApp'...
##############################################################
#
# !!! MONGOOSE WARNING !!!
#
# This is an UNSTABLE release of Mongoose.
# Unstable releases are available for preview/testing only.
# DO NOT run this in production.
#
##############################################################
DB connection successful!
Please provide password so we can create your first admin user
prompt: password: /usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/connection/base.js:246
throw message;
^
TypeError: Cannot read property 'length' of undefined
at processResults (/usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/db.js:1581:31)
at /usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/db.js:1619:20
at /usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/db.js:1157:7
at /usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/db.js:1890:9
at Server.Base._callHandler (/usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/connection/base.js:448:41)
at /usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/connection/server.js:481:18
at MongoReply.parseBody (/usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/responses/mongo_reply.js:68:5)
at null.<anonymous> (/usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/connection/server.js:439:20)
at emit (events.js:107:17)
at null.<anonymous> (/usr/local/lib/node_modules/mean-cli/node_modules/mongoose/node_modules/mongodb/lib/mongodb/connection/connection_pool.js:201:13)
I am able to create users manually in the resulting app folder.
But the resulting application seems to be incomplete and I cannot start it.
$ mean user joe#doe.com --addRole admin;
Adding role `admin` to user `joe#doe.com`
##############################################################
#
# !!! MONGOOSE WARNING !!!
#
# This is an UNSTABLE release of Mongoose.
# Unstable releases are available for preview/testing only.
# DO NOT run this in production.
#
##############################################################
DB connection successful!
successfully updated
You need to install mongo database.
http://www.liquidweb.com/kb/how-to-install-mongodb-on-ubuntu-14-04/
I'm having a setup where I run JBehave tests during a Maven build.
Test steps include sending requests to a web service with the SoapUI Java classes.
Everything is working fine, testwise. My problem is that the SoapUI part of the progress seems to overwrite the log4j settings so that subsequent log calls doesn't get printed to console (nor files).
I've tried the workaround where I call
ClassLoader loader = this.getClass().getClassLoader();
URL resource = loader.getResource("log4j.xml");
PropertyConfigurator.configure(resource);
to try to reset the configuration to my original one, but no success so far.
Log4j (1.2) and SoapUI (4.5.1) uses plain settings in pom. The logger is created as
protected final Log log = LogFactory.getLog(getClass());
The console output I get follows:
pool-1-thread-1 16:36:08,212 DEBUG ästeps.LoginSteps:25 - logging in user: testfir
pool-1-thread-1 16:36:08,213 DEBUG äpages.LoginPage:26 - Create LoginPage
pool-1-thread-1 16:36:08,985 DEBUG äpages.LoginPage:38 - login user: testfir
pool-1-thread-1 16:36:10,343 DEBUG äpages.WorkspacePage:36 - creating WorkspacePage
Givet user testfir has logged in
16:36:11,634 WARN [SoapUI] Missing folder [D:\proj\src\test\functional-tests\.\ext] for external libraries
16:36:11,809 INFO [DefaultSoapUICore] initialized soapui-settings from [C:\Users\xxx\soapui-settings.xml]
16:36:12,176 INFO [WsdlProject] Loaded project from [file:/D:/proj/src/test/functional-tests/src/test/resources/ReceiveCase-soapui.xml]
16:36:12,640 DEBUG [HttpClientSupport$SoapUIHttpClient] Attempt 1 to execute request
16:36:12,640 DEBUG [SoapUIMultiThreadedHttpConnectionManager$SoapUIDefaultClientConnection] Sending request: POST /soa-infra/services/default/ReceiveCases/ReceiveCase_v1_0_ep HTTP/1.1
16:36:13,841 DEBUG [SoapUIMultiThreadedHttpConnectionManager$SoapUIDefaultClientConnection] Receiving response: HTTP/1.1 200 OK
16:36:13,842 DEBUG [HttpClientSupport$SoapUIHttpClient] Connection can be kept alive indefinitely
And a case exists
When case is choosen
16:36:46,832 DEBUG [SoapUIMultiThreadedHttpConnectionManager$SoapUIDefaultClientConnection] Connection closed
Then the details are displyed
And I'm expecting a log output with
Setting case Id to: 123456
in the same manner as "Create login page".
Can't understand why this is and what to do to get my log entries to show up. Any ideas out there?
Best regards, Christian
Managed to find the root of the problem.
It was Maven that distorted the file encoding. Adding
<configuration>
<encoding>UTF-8</encoding>
<inputEncoding>UTF-8</inputEncoding>
<outputEncoding>UTF-8</outputEncoding>
<argLine>-Dfile.encoding=UTF-8</argLine>
</configuration>
to the maven-surefire-plugin part in pom file solved my issue.
/Cheers