Having trouble resolving gradle dependencies. This worked previously. Is there any reason why it would be Unauthorized other than a config problem on Spring's side?
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-snapshot/mysql/mysql-connector-java/5.1.20/mysql-connector-java-5.1.20.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-milestone/mysql/mysql-connector-java/5.1.20/mysql-connector-java-5.1.20.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-release/mysql/mysql-connector-java/5.1.20/mysql-connector-java-5.1.20.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-snapshot/org/apache/tiles/tiles-request-servlet-wildcard/1.0.2/tiles-request-servlet-wildcard-1.0.2.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-milestone/org/apache/tiles/tiles-request-servlet-wildcard/1.0.2/tiles-request-servlet-wildcard-1.0.2.pom]
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Unauthorized: http://repo.springsource.org/libs-release/org/apache/tiles/tiles-request-servlet-wildcard/1.0.2/tiles-request-servlet-wildcard-1.0.2.pom]
Looks like a config issue on Spring's side. If you look at the error you get in a browser
This request requires HTTP authentication (User anonymous is not
permitted to deploy 'mysql/mysql-connector-java/5.1.20/COPYING' into
'repo1-cache:mysql/mysql-connector-java/5.1.20/COPYING'.).
there is some caching (into repo1-cache) or something that's failing.
Related
I'm using the following code to upgrade https connection websocket connection receiving 403 error.
https to ws upgrade
Configuration:
match:
safe_regex:
google_re2: {}
regex: "/api/1/(web|rest)/ws.*"
upgrade_configs:
- upgrade_type: websocket
Access logs shows as upgrade_failed with 403 code and debug logs shows the following
':authority', 'localhost'
':path', '/api/1/rest/ws'
':method', 'GET'
'sec-websocket-version', '13'
'sec-websocket-key', 'winoU3MVKB9q2s02lVj7ug=='
'connection', 'Upgrade'
'upgrade', 'websocket'
'sec-websocket-extensions', 'permessage-deflate; client_max_window_bits'
[2022-11-01 15:48:09.757][21026][debug][http] [external/envoy/source/common/http/filter_manager.cc:883] [C2183][S8415942046573715112] Sending local reply with details upgrade_failed
[2022-11-01 15:48:09.757][21026][debug][http] [external/envoy/source/common/http/conn_manager_impl.cc:1400] [C2183][S8415942046573715112] closing connection due to connection close header
[2022-11-01 15:48:09.757][21026][debug][http] [external/envoy/source/common/http/conn_manager_impl.cc:1455] [C2183][S8415942046573715112] encoding headers via codec (end_stream=true):
':status', '403'
'date', 'Tue, 01 Nov 2022 15:48:09 GMT'
'server', 'envoy'
'connection', 'close'
Any insights what might be the issue.
The other day I made a silly mistake when modifying some IAM policies on our terraform environment, I applied a change where I wanted to ADD a policy, when in fact it took this as the ONLY policy to exist so wiped out some of the vital IAM policies for service accounts to run GKE etc. Not my best day to say the least (an lesson learnt!).
Everything has been put back to normal manually for now, as the service account permissions were never set via TF anyway - they're the sort of permissions that are applied when enabling APIs on GCP so its done by them in the background. Our GKE cluster can now be managed again and can autoscale etc.
However, now when I run our terraform plan I receive a 500 error on a resource that was never previously a problem (redacted sensivite info):
2021-09-09T18:47:50.794Z [INFO] provider.terraform-provider-google-beta_v3.60.0_x5: 2021/09/09 18:47:50 [DEBUG] Retry Transport: Finished waiting 4s before next retry: timestamp=2021-09-09T18:47:50.794Z
2021-09-09T18:47:50.794Z [INFO] provider.terraform-provider-google-beta_v3.60.0_x5: 2021/09/09 18:47:50 [DEBUG] Retry Transport: request attempt 5: timestamp=2021-09-09T18:47:50.794Z
2021-09-09T18:47:50.794Z [INFO] provider.terraform-provider-google-beta_v3.60.0_x5: 2021/09/09 18:47:50 [DEBUG] Google API Request Details:
---[ REQUEST ]---------------------------------------
GET /v1/services/servicenetworking.googleapis.com/connections?alt=json&network=projects%2F411211291013%2Fglobal%2Fnetworks%2F**********&prettyPrint=false HTTP/1.1
Host: servicenetworking.googleapis.com
User-Agent: google-api-go-client/0.5 Terraform/1.0.6 (+https://www.terraform.io) Terraform-Plugin-SDK/2.4.4 terraform-provider-google-beta/dev
X-Goog-Api-Client: gl-go/1.14.5 gdcl/20210211
Accept-Encoding: gzip
-----------------------------------------------------: timestamp=2021-09-09T18:47:50.794Z
2021-09-09T18:47:51.601Z [INFO] provider.terraform-provider-google-beta_v3.60.0_x5: 2021/09/09 18:47:51 [DEBUG] Google API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 500 Internal Server Error
Cache-Control: private
Content-Type: application/json; charset=UTF-8
Date: Thu, 09 Sep 2021 18:47:51 GMT
Server: ESF
Vary: Origin
Vary: X-Origin
Vary: Referer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
{
"error": {
"code": 500,
"message": "An internal exception occurred.,
"errors": [
{
"message": "An internal exception occurred.\nHelp Token: Ae-hA1PlQyCLBCgXD3Lle******************************************vhHU8zy1z9h",
"domain": "global",
"reason": "backendError"
}
],
"status": "INTERNAL"
}
}
│ Error: googleapi: Error 500: An internal exception occurred.
│ Help Token: Ae-hA1ONdq************************************m0k, backendError
│
│ with google_service_networking_connection.private_vpc_connection,
│ on vpc.tf line 81, in resource "google_service_networking_connection" "private_vpc_connection":
│ 81: resource "google_service_networking_connection" "private_vpc_connection"
Has anyone had similar happen before? Things I've tried so far:
I've triple checked all permissions are now as they were
I can successfully get/list the details of service_networking peering as my account manually as well as the terraform service account that runs the plan
Service networking peering is showing fine in the console
Update: This was due to a missing permission on the servicenetworking API. The default service account created needed roles/servicenetworking.serviceAgent permission again after it had been wiped.
More details here
I am unable to read secrets with vault when I upgrade spring version from 2.0.3.RELEASE to 2.3.5.RELEASE
It works fine with 2.0.3.RELEASE (with secret path, secret/data/{app-name}), but with 2.3.5.RELEASE, path is changed to secret/data/data/{app-name} which is causing 403.
LeaseAwareVaultPropertySource : Vault location [secret/data/{app-name}]
not resolvable: Status 403 Forbidden [secret/data/data/{app-name}]: 1 error occurred: * permission denied
HttpClientErrorException$Forbidden: 403 Forbidden: [{"errors":["1 error occurred:\n\t* permission denied\n\n"]}
]
org.springframework.vault.VaultException: Status 403 Forbidden [secret/data/data/{app-name}]: 1 error occurred:
* permission denied; nested exception is org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden:
[{"errors":["1 error occurred:\n\t* permission denied\n\n"]}
]
This is package form Client (browser):
...
Content-type: multipart/form-data; boundary=----WebkitFormBoundaryxxx
...
This is package that is received from server:
...
Content-type: multipart/form-data
...
This is error log from server:
org.apache.commons.fileupload.FileUploadException: the request was rejected because no multipart boundary was found
Can anyone help me how to fix this. Thank you!
I have a JMeter test with the following configuration:
Thread Name: Thread Group 1-1
Sample Start: 2017-08-18 12:45:02 IST
Load time: 304
Connect Time: 0
Latency: 304
Size in bytes: 209
Headers size in bytes: 206
Body size in bytes: 3
Sample Count: 1
Error Count: 1
Data type ("text"|"bin"|""): text
Response code: 403
Response message: Forbidden
Unfortunately it fails with the following response headers:
HTTP/1.1 403 Forbidden
Content-Type: application/octet-stream
Date: Fri, 18 Aug 2017 07:15:03 GMT
Server: openresty/1.9.3.1
X-Vcap-Request-Id: c9307775-0897-4fbd-5d45-e2e7c11cb1b1
Content-Length: 3
What am I missing? Thanks in advance.
This issue can have a lot of causes:
missing content-type header
missing authentication token
missing CSRF token
failing authentication before access to url
...
Can you show the request you send ?
I found that OpenResty requires User-Agent header. It will throw 403 Forbidden if User-Agent header doesn't exist.
JMeter do not attach this header automatically like most other apps do hence returning 403 Forbidden.