Spring Boot Gateway app throwing UnknownHostExceptions accessing a registered host - spring

I am attempting to use Spring Cloud Gateway to access a working website.
My application.yml file is below:
server:
port: 8010
spring:
cloud:
gateway:
routes:
- id: f3ww
uri: http://testsite:8080
predicates:
Path=/factor3/**
discovery:
enabled: true
This is a simple test gateway, so I am only seeking to access the uri thrugh the path I have defined.
It should be noted that the domain "testsite" is registered on my DNS server. It is in my Intranet, and I can access it without problems.
I am, however, seeing a problem with the Gateway. While I can access the target site by doing:
http://testsite:8080
Attempts to access it using the Gateway:
http://localhost:8010/factor3
causes Spring Boot to generate the following exception:
java.net.UnknownHostException: failed to resolve 'testsite' after 4 queries
at io.netty.resolver.dns.DnsResolveContext.finishResolve(DnsResolveContext.java:1046) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
Error has been observed at the following site(s):
|_ checkpoint ⇢ org.springframework.cloud.gateway.filter.WeightCalculatorWebFilter [DefaultWebFilterChain]
|_ checkpoint ⇢ HTTP GET "/testsite" [ExceptionHandlingWebHandler]
Stack trace:
at io.netty.resolver.dns.DnsResolveContext.finishResolve(DnsResolveContext.java:1046) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsResolveContext.tryToFinishResolve(DnsResolveContext.java:999) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsResolveContext.query(DnsResolveContext.java:417) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsResolveContext.onResponse(DnsResolveContext.java:628) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsResolveContext.access$400(DnsResolveContext.java:65) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsResolveContext$2.operationComplete(DnsResolveContext.java:461) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:578) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:571) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:550) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:491) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:616) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.DefaultPromise.setSuccess0(DefaultPromise.java:605) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.DefaultPromise.trySuccess(DefaultPromise.java:104) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsQueryContext.trySuccess(DnsQueryContext.java:201) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsQueryContext.finish(DnsQueryContext.java:193) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.resolver.dns.DnsNameResolver$DnsResponseHandler.channelRead(DnsNameResolver.java:1301) ~[netty-resolver-dns-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:103) ~[netty-codec-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.nio.AbstractNioMessageChannel$NioMessageUnsafe.read(AbstractNioMessageChannel.java:97) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493) ~[netty-transport-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:986) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[netty-common-4.1.67.Final.jar:4.1.67.Final]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
It is my understanding that enabling discovery should cause the application to do a DNS lookup. This does not appear to be happening. Is this a bug in the Spring Cloud Gateway, or am I missing something?

Related

Spring Boot Microservice zuul Forwarding error

I have created micro service using spring boot and implment zuul proxy so when I call url via zuul proxy and somehow my service is down I get com.netflix.zuul.exception.ZuulException
com.netflix.zuul.exception.ZuulException: Forwarding error at
org.springframework.cloud.netflix.zuul.filters.route.RibbonRoutingFilter.handleException(RibbonRoutingFilter.java:198)
~[spring-cloud-netflix-zuul-2.2.1.RELEASE.jar:2.2.1.RELEASE] at
org.springframework.cloud.netflix.zuul.filters.route.RibbonRoutingFilter.forward(RibbonRoutingFilter.java:173)
~[spring-cloud-netflix-zuul-2.2.1.RELEASE.jar:2.2.1.RELEASE] at
org.springframework.cloud.netflix.zuul.filters.route.RibbonRoutingFilter.run(RibbonRoutingFilter.java:119)
~[spring-cloud-netflix-zuul-2.2.1.RELEASE.jar:2.2.1.RELEASE] at
com.netflix.zuul.ZuulFilter.runFilter(ZuulFilter.java:117)
~[zuul-core-1.3.1.jar:1.3.1] at
com.netflix.zuul.FilterProcessor.processZuulFilter(FilterProcessor.java:193)
~[zuul-core-1.3.1.jar:1.3.1] at
com.netflix.zuul.FilterProcessor.runFilters(FilterProcessor.java:157)
~[zuul-core-1.3.1.jar:1.3.1] at
com.netflix.zuul.FilterProcessor.route(FilterProcessor.java:118)
~[zuul-core-1.3.1.jar:1.3.1] at
com.netflix.zuul.ZuulRunner.route(ZuulRunner.java:96)
~[zuul-core-1.3.1.jar:1.3.1] at
com.netflix.zuul.http.ZuulServlet.route(ZuulServlet.java:116)
~[zuul-core-1.3.1.jar:1.3.1] at
com.netflix.zuul.http.ZuulServlet.service(ZuulServlet.java:81)
~[zuul-core-1.3.1.jar:1.3.1] at
org.springframework.web.servlet.mvc.ServletWrappingController.handleRequestInternal(ServletWrappingController.java:166)
[spring-webmvc-5.2.4.RELEASE.jar:5.2.4.RELEASE] at
org.springframework.cloud.netflix.zuul.web.ZuulController.handleRequest(ZuulController.java:45)
[spring-cloud-netflix-zuul-2.2.1.RELEASE.jar:2.2.1.RELEASE] at
org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:52)
[spring-webmvc-5.2.4.RELEASE.jar:5.2.4.RELEASE] at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
[spring-webmvc-5.2.4.RELEASE.jar:5.2.4.RELEASE] at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
[spring-webmvc-5.2.4.RELEASE.jar:5.2.4.RELEASE] at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
[spring-webmvc-5.2.4.RELEASE.jar:5.2.4.RELEASE] at
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
[spring-webmvc-5.2.4.RELEASE.jar:5.2.4.RELEASE] at
javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
[tomcat-embed-core-9.0.31.jar:9.0.31] at
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
[spring-webmvc-5.2.4.RELEASE.jar:5.2.4.RELEASE] at
javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
[tomcat-embed-core-9.0.31.jar:9.0.31]

Zuul API gateway has been deprecated and now in maintenance mode. so it not recommended to use it.
You should use latest Spring Cloud Gatway in your project. if you want to use gateway
learn more about spring cloud gateway here :https://www.baeldung.com/spring-cloud-gateway

No buffer space available (maximum connections reached?) issue when triggering external Rest API using Camel and netty-http

I am using Camel and netty-http to consume the external rest api's of azure.
I have configured camel-cron to run my api 3 hours once, which will trigger azure api to pull all the builds and then for each of the build it will trigger subsequent azure rest api to get further details.
I have implemented this on top of Spring boot and deployed into Tomcat server.
It works well for 2 days then the below error is getting occur while triggering the external rest-api,
Reason: java.lang.IllegalStateException: failed to create a child event loop
at org.apache.camel.support.cache.DefaultProducerCache.acquireProducer(DefaultProducerCache.java:155)
at org.apache.camel.support.cache.DefaultProducerCache.doInAsyncProducer(DefaultProducerCache.java:283)
at org.apache.camel.processor.SendDynamicProcessor.process(SendDynamicProcessor.java:182)
at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:388)
at org.apache.camel.processor.Pipeline$PipelineTask.run(Pipeline.java:107)
at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:181)
at org.apache.camel.impl.engine.DefaultReactiveExecutor.schedule(DefaultReactiveExecutor.java:57)
at org.apache.camel.impl.engine.CamelInternalProcessor$AsyncAfterTask.done(CamelInternalProcessor.java:264)
at org.apache.camel.support.cache.DefaultProducerCache.lambda$doInAsyncProducer$4(DefaultProducerCache.java:329)
at org.apache.camel.processor.SendDynamicProcessor$1.done(SendDynamicProcessor.java:213)
at org.apache.camel.component.netty.http.NettyHttpProducer$NettyHttpProducerCallback.done(NettyHttpProducer.java:175)
at org.apache.camel.component.netty.NettyProducer$NettyProducerCallback.done(NettyProducer.java:571)
at org.apache.camel.component.netty.NettyCamelState.callbackDoneOnce(NettyCamelState.java:55)
at org.apache.camel.component.netty.handlers.ClientChannelHandler.channelRead0(ClientChannelHandler.java:223)
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:99)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:103)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:103)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:436)
at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:324)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:296)
at io.netty.channel.CombinedChannelDuplexHandler.channelRead(CombinedChannelDuplexHandler.java:251)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1533)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:501)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:440)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.IllegalStateException: failed to create a child event loop
at io.netty.util.concurrent.MultithreadEventExecutorGroup.<init>(MultithreadEventExecutorGroup.java:88)
at io.netty.util.concurrent.MultithreadEventExecutorGroup.<init>(MultithreadEventExecutorGroup.java:58)
at io.netty.util.concurrent.MultithreadEventExecutorGroup.<init>(MultithreadEventExecutorGroup.java:47)
at io.netty.channel.MultithreadEventLoopGroup.<init>(MultithreadEventLoopGroup.java:59)
at io.netty.channel.nio.NioEventLoopGroup.<init>(NioEventLoopGroup.java:86)
at io.netty.channel.nio.NioEventLoopGroup.<init>(NioEventLoopGroup.java:81)
at io.netty.channel.nio.NioEventLoopGroup.<init>(NioEventLoopGroup.java:68)
at org.apache.camel.component.netty.NettyWorkerPoolBuilder.build(NettyWorkerPoolBuilder.java:79)
at org.apache.camel.component.netty.NettyProducer.doStart(NettyProducer.java:137)
at org.apache.camel.support.service.BaseService.start(BaseService.java:115)
at org.apache.camel.support.service.ServiceHelper.startService(ServiceHelper.java:113)
at org.apache.camel.support.service.ServiceHelper.startService(ServiceHelper.java:130)
at org.apache.camel.component.rest.RestProducer.doStart(RestProducer.java:261)
at org.apache.camel.support.service.BaseService.start(BaseService.java:115)
at org.apache.camel.support.service.ServiceHelper.startService(ServiceHelper.java:113)
at org.apache.camel.impl.engine.AbstractCamelContext.internalAddService(AbstractCamelContext.java:1476)
at org.apache.camel.impl.engine.AbstractCamelContext.addService(AbstractCamelContext.java:1394)
at org.apache.camel.support.cache.ServicePool$SinglePool.acquire(ServicePool.java:210)
at org.apache.camel.support.cache.ServicePool$SinglePool.acquire(ServicePool.java:193)
at org.apache.camel.support.cache.ServicePool.acquire(ServicePool.java:109)
at org.apache.camel.support.cache.DefaultProducerCache.acquireProducer(DefaultProducerCache.java:126)
... 53 more
Caused by: io.netty.channel.ChannelException: failed to open a new selector
at io.netty.channel.nio.NioEventLoop.openSelector(NioEventLoop.java:175)
at io.netty.channel.nio.NioEventLoop.<init>(NioEventLoop.java:142)
at io.netty.channel.nio.NioEventLoopGroup.newChild(NioEventLoopGroup.java:146)
at io.netty.channel.nio.NioEventLoopGroup.newChild(NioEventLoopGroup.java:37)
at io.netty.util.concurrent.MultithreadEventExecutorGroup.<init>(MultithreadEventExecutorGroup.java:84)
... 73 more
Caused by: java.io.IOException: Unable to establish loopback connection
at java.base/sun.nio.ch.PipeImpl$Initializer.run(PipeImpl.java:94)
at java.base/sun.nio.ch.PipeImpl$Initializer.run(PipeImpl.java:61)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.nio.ch.PipeImpl.<init>(PipeImpl.java:171)
at java.base/sun.nio.ch.SelectorProviderImpl.openPipe(SelectorProviderImpl.java:50)
at java.base/java.nio.channels.Pipe.open(Pipe.java:155)
at java.base/sun.nio.ch.WindowsSelectorImpl.<init>(WindowsSelectorImpl.java:142)
at java.base/sun.nio.ch.WindowsSelectorProvider.openSelector(WindowsSelectorProvider.java:44)
at io.netty.channel.nio.NioEventLoop.openSelector(NioEventLoop.java:173)
... 77 more
Caused by: java.net.SocketException: No buffer space available (maximum connections reached?): connect
at java.base/sun.nio.ch.Net.connect0(Native Method)
at java.base/sun.nio.ch.Net.connect(Net.java:483)
at java.base/sun.nio.ch.Net.connect(Net.java:472)
at java.base/sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:694)
at java.base/java.nio.channels.SocketChannel.open(SocketChannel.java:194)
at java.base/sun.nio.ch.PipeImpl$Initializer$LoopbackConnector.run(PipeImpl.java:127)
at java.base/sun.nio.ch.PipeImpl$Initializer.run(PipeImpl.java:76)
... 85 more
Later, I have added below code to close the connection after use
.process(exchange -> exchange.getMessage().setHeader(NettyConstants.NETTY_CLOSE_CHANNEL_WHEN_COMPLETE, true))
But still issue exists.
Since the above exception occurs only while triggering the external rest-api, Wanted to check on below 2 points,
Will Camel's netty-http closes the connection after triggering external rest-api?
While triggering the external rest-api, will it open new port every time?
Can someone please help on this. Thanks in advance.

invalid session in undertow using basic auth and stateless sessions

I have a grails 4 (based on spring boot) application that is experiencing sporadic failures. At this point I cannot find anything even pointing to what the problem may be, and hope that perhaps someone can assist.
The scenario where the error occurs is one application making a REST call to another. These are all made with a common username and password provided via basic authentication. At some point after the application has been running successfully (> 12 hours in most cases seen so far) these calls begin to fail with this error:
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.IllegalStateException: UT000010: Session is invalid XVBnzVaxVhijSIz2xk_Tl5fqsJD9n30ggd_614iF
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:209)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:251)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:186)
at io.undertow.servlet.spec.RequestDispatcherImpl.error(RequestDispatcherImpl.java:501)
at io.undertow.servlet.spec.RequestDispatcherImpl.error(RequestDispatcherImpl.java:427)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:308)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:376)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.IllegalStateException: UT000010: Session is invalid XVBnzVaxVhijSIz2xk_Tl5fqsJD9n30ggd_614iF
at io.undertow.server.session.InMemorySessionManager$SessionImpl.getAttribute(InMemorySessionManager.java:512)
at io.undertow.servlet.spec.HttpSessionImpl.getAttribute(HttpSessionImpl.java:122)
at org.springframework.web.servlet.support.SessionFlashMapManager.retrieveFlashMaps(SessionFlashMapManager.java:49)
at org.springframework.web.servlet.support.AbstractFlashMapManager.retrieveAndUpdate(AbstractFlashMapManager.java:94)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:934)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
Calls to the same endpoint with the same basic authentication from Postman succeed.
For these calls, security is configured as such:
http
.headers().frameOptions().sameOrigin().and()
.csrf().disable()
.requestMatcher(basicAuthMatcher)
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic()
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
The parts that are suspicious to me are that the stack trace is coming out of SessionFlashMapManager. To my understanding there should be no session. There certainly is none that I intend to use.
Has anyone seen errors like this before, or have suggestions for how to diagnose it?

Keycloak identity brokering (to Azure AD) blocked by corporate proxy on authorization_code exchange

I have AzureAD as external OIDC provider registered at Keycloak. Keycloak redirects client authorization requests to AzureAD for providing the authorization. Keycloak is running on my workstation behind a corporate proxy, the corresponding Azure AD is hosted in the public internet. I'm able to connect to Azure AD with Postman from my local workstation.
The authorization via AzureAD works as expected (The user is prompted to put in her/his credentials and accept the consent). After successful authorization AzureAD responds with an authorization_code to the defined Keycloak return-url:
http://localhost:5000/auth/realms/lsp-api/broker/ms-azure-ad/endpoint?code=AQABAAIAAADX8GCi6Js6SK82TsD2Pb7rL__pDRDcKAqDqyTeTdzmbC9n3kcz5flc0q7zDRbK-WVLUpcUU65tWSh9C-opFiwtMZOACwGLQDgh4y4ScLW-dUGN7g3Ad3_aBqK-uHPgS3uKM1OlAIeSw3NSl1DMTKhH7SGQRGITP6ARIrCL9snqNRDUbHvhfKVlLMxmJTUk0bKDIT3PzM4nBSd1NwdXc9VZ9cCFnRMjlKfpRUx3guo-58tgSL5Vsaf8TvKg8B5TSYbiDzS49epFsU0Eg_PBs1JU4Q-8vOrN_wlV1zs1IUDYbUv8EdlMdqJkaT-nBTv-4Ab2Jf3X39u4m666kvcWmezGJ-NkjPqaOSK6eglWJfjW_z9-vHFQl6F9JxdCIlGbolyZyUpo0-a0LlnVVg2gyl1wJEOSnv5RvhmTZOqa1qWxZNsyG15JeQBkcK-J0XzWmn8CaeqzsJwFlNwkpzK_XaZW-KIsWayZ0Rz2HdDYh3Mre2I4uRmDyoQLiP60lYDaYowZZ11jSBy_87vFL2alK-5sGyUajs6kODfsoSlEGHhWJeHMiC2-jYm0gMNTQIvUMYpLJRpgKX6v3n-E3Q7ZlYD_VAWOnDZBCR5iaTsUOxuXN6CiC4p01N47c4QG4Y8A9lTbVXDvVcxSBz8H7uM5DfawFGUKpSCobI9V1XKnyw1R8UXTObqmEq8gA4jBzaRZb89qAnlZ6X-w39LbLWE7MUlL0Ok8LP-7omQlVei6AdEMfrIaHNIBUFimHLgKjiqcG2ogAA&state=FevrPXHHXkICQjFEYJ_3ZyvfZ2Y9E6iM5foCcOvk5C8.jXAAgdz4mnA.lsp-api&session_state=8cb0539a-b775-4de6-b334-5cb24caeb685
This response is sent with the status code 502, Bad Gateway. Furthermore the error-msg "Unexpected error when authenticating with Identity Provider" is displayed.
I already tried to send the returned authorization_code manually to the AzureAD /token endpoint and I received the access_token and the id_token back. So the problem seems to be the response-handling on the Keycloak-side.
Expected behavior would have been:
AzureAD responds to Keycloak with the authorization_code
Keycloak is able to exchange the authorization_code for an access_token (mb. in addition an id_token)
What does not work:
Keycloak is not able to exchange the authorization_code for an access_token, but throws the "Unexpected error when authenticating with Identity Provider" error-message.
Keycloak setup:
Keycloak Version: 4.1.0.Final
The AzureAD Reply-URL is set to http://localhost:5000/auth/realms/lsp-api/broker/ms-azure-ad/endpoint .
Edit
I did some more research and found out that this is probably a corporate proxy issue. The proxy is situated between Keycloak (running on my machines localhost) and AzureAD. So how do I set the proxy for Keycloaks Identity Brokering? The relevant Keycloak logs:
org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default task-122) Failed to make identity provider oauth callback: org.apache.http.conn.HttpHostConnectException: Connect to login.microsoftonline.com:443 [login.microsoftonline.com/40.112.64.25, login.microsoftonline.com/104.41.216.18, login.microsoftonline.com/104.41.216.16] failed: Connection refused: connect
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:158)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
at org.keycloak.broker.provider.util.SimpleHttp.makeRequest(SimpleHttp.java:185)
at org.keycloak.broker.provider.util.SimpleHttp.asResponse(SimpleHttp.java:154)
at org.keycloak.broker.provider.util.SimpleHttp.asString(SimpleHttp.java:146)
at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider$Endpoint.authResponse(AbstractOAuth2IdentityProvider.java:405)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:406)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:213)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:228)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:326)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:812)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:337)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)
... 74 more

This exception means that there is no service listening on the IP/port you are trying to connect to:
You are trying to connect to the wrong IP/port.
You have not started your server.
Your server is not listening for connections.
On Windows servers, the listen backlog queue is full.
You can try to replace the localhost with your IP address. Also do ensure there's no firewall blocking the connection.

You should be able to set proxy for JVM like
-Dhttp.proxyHost=proxy.example.com -Dhttp.proxyPort=3128

SoapUI HTTP Monitor fails to record requests

I try to use SoapUI 5.0.0 to record HTTP requests from browser.
I got this error when I try to access a non SSL secured site:
HTTP ERROR 500
Problem accessing /. Reason:
INTERNAL_SERVER_ERROR
Caused by:
java.lang.NullPointerException at
com.eviware.soapui.impl.wsdl.submit.AbstractMessageExchange.(AbstractMessageExchange.java:33)
at
com.eviware.soapui.impl.wsdl.submit.AbstractWsdlMessageExchange.(AbstractWsdlMessageExchange.java:36)
at
com.eviware.soapui.impl.wsdl.monitor.WsdlMonitorMessageExchange.(WsdlMonitorMessageExchange.java:28)
at
com.eviware.soapui.impl.wsdl.monitor.JProxyServletWsdlMonitorMessageExchange.(JProxyServletWsdlMonitorMessageExchange.java:86)
at
com.eviware.soapui.impl.wsdl.monitor.jettyproxy.ProxyServlet.service(ProxyServlet.java:155)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:401)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326) at
com.eviware.soapui.impl.wsdl.monitor.jettyproxy.JettyServer.handle(JettyServer.java:76)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:928)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549) at
org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at
org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at
org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
If a site uses HTTPS I see browser error message:
Secure Connection Failed
I added cacerts file from $SOAPUI_HOME/jre/lib/security to SSL settings, but it doesn't work. I added flag -Djsse.enableSNIExtension=false to $SOAPUI_HOME/bin/soapui.bat file too, but has same effect, couldn't server and record HTTPS requests.

Resources