Menu
▾
▴
Re: [Unity-idm-discuss] unity 3.11 can't parse tokens JSON
|
From: Sander A. <sa....@fz...> - 2022-10-18 11:40:03
|
Hi Krzysztof, sadly this didn't solve the stack traces. They are still occuring. But I guess decreasing the loglevel after our test might also remove them from the logs. 2022-10-18T11:09:11,807 [pool-2-thread-8] TRACE unity.server.core.URIAccessServiceImpl: Can not read uri: https://idp.iitbhilai.ac.in/images/logo.png javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[?:?] at sun.security.ssl.TransportContext.fatal(TransportContext.java:349) ~[?:?] at sun.security.ssl.TransportContext.fatal(TransportContext.java:292) ~[?:?] at sun.security.ssl.TransportContext.fatal(TransportContext.java:287) ~[?:?] at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654) ~[?:?] at sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473) ~[?:?] at sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369) ~[?:?] at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[?:?] at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443) ~[?:?] at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421) ~[?:?] at sun.security.ssl.TransportContext.dispatch(TransportContext.java:182) ~[?:?] at sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) ~[?:?] at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1426) ~[?:?] at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1336) ~[?:?] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450) ~[?:?] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:421) ~[?:?] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient-4.5.13.jar:4.5.13] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient-4.5.13.jar:4.5.13] at pl.edu.icm.unity.engine.files.RemoteFileNetworkClient.download(RemoteFileNetworkClient.java:89) ~[unity-server-engine-3.11.1.jar:?] at pl.edu.icm.unity.engine.files.RemoteFileNetworkClient.download(RemoteFileNetworkClient.java:70) ~[unity-server-engine-3.11.1.jar:?] at pl.edu.icm.unity.engine.files.URIAccessServiceImpl.readURL(URIAccessServiceImpl.java:226) ~[unity-server-engine-3.11.1.jar:?] at pl.edu.icm.unity.engine.files.URIAccessServiceImpl.readURL(URIAccessServiceImpl.java:102) ~[unity-server-engine-3.11.1.jar:?] at jdk.internal.reflect.GeneratedMethodAccessor107.invoke(Unknown Source) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:89) ~[spring-aop-5.3.23.jar:5.3.23] at pl.edu.icm.unity.store.rdbms.tx.SQLTransactionEngine.runInTransaction(SQLTransactionEngine.java:45) ~[unity-server-storage-3.11.1.jar:?] at pl.edu.icm.unity.store.tx.TransactionalAspect.retryIfNeeded4Method(TransactionalAspect.java:75) ~[unity-server-storage-3.11.1.jar:?] at jdk.internal.reflect.GeneratedMethodAccessor28.invoke(Unknown Source) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:634) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:624) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:72) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:175) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:97) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.3.23.jar:5.3.23] at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215) ~[spring-aop-5.3.23.jar:5.3.23] at com.sun.proxy.$Proxy96.readURL(Unknown Source) ~[?:?] at pl.edu.icm.unity.saml.metadata.cfg.AsyncExternalLogoFileDownloader.downloadFile(AsyncExternalLogoFileDownloader.java:188) ~[unity-server-saml-3.11.1.jar:?] at pl.edu.icm.unity.saml.metadata.cfg.AsyncExternalLogoFileDownloader.fetchAndSaveFileOnDisk(AsyncExternalLogoFileDownloader.java:165) ~[unity-server-saml-3.11.1.jar:?] at pl.edu.icm.unity.saml.metadata.cfg.AsyncExternalLogoFileDownloader.lambda$downloadFiles$7(AsyncExternalLogoFileDownloader.java:152) ~[unity-server-saml-3.11.1.jar:?] at java.util.HashMap.forEach(HashMap.java:1337) ~[?:?] at pl.edu.icm.unity.saml.metadata.cfg.AsyncExternalLogoFileDownloader.downloadFiles(AsyncExternalLogoFileDownloader.java:148) ~[unity-server-saml-3.11.1.jar:?] at pl.edu.icm.unity.saml.metadata.cfg.AsyncExternalLogoFileDownloader.lambda$downloadLogoFilesAsync$0(AsyncExternalLogoFileDownloader.java:81) ~[unity-server-saml-3.11.1.jar:?] at java.util.concurrent.CompletableFuture$AsyncRun.run(CompletableFuture.java:1736) ~[?:?] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[?:?] at java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[?:?] at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) ~[?:?] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?] at java.lang.Thread.run(Thread.java:829) ~[?:?] Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439) ~[?:?] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306) ~[?:?] at sun.security.validator.Validator.validate(Validator.java:264) ~[?:?] at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313) ~[?:?] at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:222) ~[?:?] at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[?:?] at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638) ~[?:?] ... 60 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:?] at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:?] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297) ~[?:?] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434) ~[?:?] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306) ~[?:?] at sun.security.validator.Validator.validate(Validator.java:264) ~[?:?] at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313) ~[?:?] at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:222) ~[?:?] at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[?:?] at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638) ~[?:?] ... 60 more Best regards, Sander On Fri, 2022-10-14 at 12:39 +0200, Krzysztof Benedyczak wrote: > W dniu 14.10.2022 o 12:36, Sander Apweiler pisze: > > Hi Krzysztof, > > > > On Fri, 2022-10-14 at 12:29 +0200, Krzysztof Benedyczak wrote: > > > W dniu 14.10.2022 o 12:23, Sander Apweiler pisze: > > > > Hi Krzysztof, > > > > > > > > thanks for the swift reply. Just another question to the 3.11 > > > > release. > > > > Is there a (sub) logger which I can set to INFO level about the > > > > IdP > > > > image download? EduGAIN contains a lot of image URLs which are > > > > not > > > > existing anymore. > > > Do you want to disable info about image download, filter it or > > > otherwise: enable? > > In general the info would not bother, but the long stack traces if > > the > > image can not be loaded let the log increase heavily. If it is the > > easiest to suppress the whole log about image load, I'm fine, too. > > then set unity.server.saml.AsyncExternalLogoFileDownloader to INFO, > should help > -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
