I am unable to read secrets with vault when I upgrade spring version from 2.0.3.RELEASE to 2.3.5.RELEASE
It works fine with 2.0.3.RELEASE (with secret path, secret/data/{app-name}), but with 2.3.5.RELEASE, path is changed to secret/data/data/{app-name} which is causing 403.
LeaseAwareVaultPropertySource : Vault location [secret/data/{app-name}]
not resolvable: Status 403 Forbidden [secret/data/data/{app-name}]: 1 error occurred: * permission denied
HttpClientErrorException$Forbidden: 403 Forbidden: [{"errors":["1 error occurred:\n\t* permission denied\n\n"]}
]
org.springframework.vault.VaultException: Status 403 Forbidden [secret/data/data/{app-name}]: 1 error occurred:
* permission denied; nested exception is org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden:
[{"errors":["1 error occurred:\n\t* permission denied\n\n"]}
]
Related
3 out of 4 connections fails while trying to validate the receipt using apple sandbox URL.Is anyone experiencing the same issue?
https://sandbox.itunes.apple.com/verifyReceipt
Connection 3: encountered error(3:-9816)
2020-04-03 20:30:18.834825+0530 App[6312:266644] Task <AD18FA15-D34F-4428-BD0A-107AAAAAF555>.<1> HTTP load failed, 0/0 bytes (error code: -1200 [3:-9816])
the upload task returned an error: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9816, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x600000cac660 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9816, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9816}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://sandbox.itunes.apple.com/verifyReceipt, NSErrorFailingURLStringKey=https://sandbox.itunes.apple.com/verifyReceipt, _kCFStreamErrorDomainKey=3}
I'm using mvnw to run the jhispter application by ./mvnw,
when i tried to run it, it is showing issue as
Exception in thread "main" java.io.IOException: Server returned HTTP
response code: 403 for URL:
https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.5.4/apache-maven-3.5.4-bin.zip
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1894)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
at
org.apache.maven.wrapper.DefaultDownloader.downloadInternal(DefaultDownloader.java:73)
at
org.apache.maven.wrapper.DefaultDownloader.download(DefaultDownloader.java:60)
at org.apache.maven.wrapper.Installer.createDist(Installer.java:64)
at
org.apache.maven.wrapper.WrapperExecutor.execute(WrapperExecutor.java:121)
at
org.apache.maven.wrapper.MavenWrapperMain.main(MavenWrapperMain.java:55)
I'm using corporate proxy and proxy settings are defined in .mvn/jvm.config
I've configured grails ldap plugin as follows in application.yml and added dependencies of spring security core and ldap in build.gradle.
grails:
plugin:
springsecurity:
providerNames: ['ldapAuthProvider', 'anonymousAuthenticationProvider']
ldap:
context:
managerDn: "CN=ldapreader_website,CN=Users,DC=corp,DC=domain,DC=com"
managerPassword: '[secret]'
server: 'ldap://mydomain.com:389/'
authorities:
groupSearchBase: '[CN=Users,DC=corp,DC=domain,DC=com]'
groupSearchFilter: 'member={0}'
search:
base: '[CN=Users,DC=corp,DC=domain,DC=com]'
filter: '(&(objectCategory=user)(sAMAccountName={0}))'
But when I try to login getting error message as:
Caused by: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9,
comment: AcceptSecurityContext error, data 52e, v1d
eption is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9,
comment: AcceptSecurityContext error, data 52e, v1db1 ]
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:191)
Can anyone help me in this issue.
Error code 49/52e seems to indicate invalid credentials, reference here
Indicates an Active Directory (AD) AcceptSecurityContext error, which is returned when the username is valid but the combination of password and user credential is invalid. This is the AD equivalent of LDAP error code 49.
I have tried to create database in hive using java.
But I got this error while running the code:
Exception in thread "main" java.sql.SQLException: Error while
processing statement: FAILED: Execution Error, return code 1 from
org.apache.hadoop.hive.ql.exec.DDLTask. MetaException(message:Got
exception: org.apache.hadoop.security.AccessControlException
Permission denied: user=hive, access=WRITE,
inode="/user/hive/warehouse/sampledb.db":root:supergroup:drwxr-xr-x
I have given read an write privileges to the folder /user/hive/warehouse/. Still I am getting this error. Any remedies???
Having trouble resolving gradle dependencies. This worked previously. Is there any reason why it would be Unauthorized other than a config problem on Spring's side?
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-snapshot/mysql/mysql-connector-java/5.1.20/mysql-connector-java-5.1.20.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-milestone/mysql/mysql-connector-java/5.1.20/mysql-connector-java-5.1.20.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-release/mysql/mysql-connector-java/5.1.20/mysql-connector-java-5.1.20.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-snapshot/org/apache/tiles/tiles-request-servlet-wildcard/1.0.2/tiles-request-servlet-wildcard-1.0.2.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-milestone/org/apache/tiles/tiles-request-servlet-wildcard/1.0.2/tiles-request-servlet-wildcard-1.0.2.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-release/org/apache/tiles/tiles-request-servlet-wildcard/1.0.2/tiles-request-servlet-wildcard-1.0.2.pom]
Looks like a config issue on Spring's side. If you look at the error you get in a browser
This request requires HTTP authentication (User anonymous is not
permitted to deploy 'mysql/mysql-connector-java/5.1.20/COPYING' into
'repo1-cache:mysql/mysql-connector-java/5.1.20/COPYING'.).
there is some caching (into repo1-cache) or something that's failing.