Menu
▾
▴
unity-idm-discuss — Unity discussion and support
You can subscribe to this list here.
| 2014 |
Jan
(3) |
Feb
(1) |
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
(2) |
Aug
(2) |
Sep
|
Oct
(3) |
Nov
|
Dec
(1) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2015 |
Jan
(20) |
Feb
(3) |
Mar
|
Apr
|
May
|
Jun
(15) |
Jul
(1) |
Aug
(7) |
Sep
(13) |
Oct
(2) |
Nov
(10) |
Dec
(1) |
| 2016 |
Jan
|
Feb
(2) |
Mar
|
Apr
(2) |
May
(1) |
Jun
|
Jul
(1) |
Aug
(2) |
Sep
(11) |
Oct
(7) |
Nov
(6) |
Dec
(11) |
| 2017 |
Jan
(10) |
Feb
(5) |
Mar
(27) |
Apr
(34) |
May
(25) |
Jun
(14) |
Jul
(7) |
Aug
(17) |
Sep
(11) |
Oct
(6) |
Nov
(14) |
Dec
(10) |
| 2018 |
Jan
(8) |
Feb
(19) |
Mar
(40) |
Apr
(9) |
May
(16) |
Jun
(23) |
Jul
(31) |
Aug
(7) |
Sep
(9) |
Oct
(6) |
Nov
(14) |
Dec
(19) |
| 2019 |
Jan
(4) |
Feb
(6) |
Mar
(1) |
Apr
(2) |
May
(6) |
Jun
(3) |
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
(19) |
Dec
(14) |
| 2020 |
Jan
(10) |
Feb
(24) |
Mar
(49) |
Apr
(26) |
May
(12) |
Jun
(4) |
Jul
(13) |
Aug
(32) |
Sep
(13) |
Oct
(10) |
Nov
(4) |
Dec
(16) |
| 2021 |
Jan
(2) |
Feb
(8) |
Mar
(15) |
Apr
(19) |
May
(5) |
Jun
(13) |
Jul
(6) |
Aug
(38) |
Sep
(11) |
Oct
(18) |
Nov
(11) |
Dec
(13) |
| 2022 |
Jan
(10) |
Feb
(21) |
Mar
(28) |
Apr
(3) |
May
(7) |
Jun
(9) |
Jul
(14) |
Aug
(13) |
Sep
(8) |
Oct
(29) |
Nov
(1) |
Dec
(21) |
| 2023 |
Jan
(19) |
Feb
(9) |
Mar
|
Apr
(10) |
May
(7) |
Jun
(10) |
Jul
(14) |
Aug
(17) |
Sep
(1) |
Oct
(9) |
Nov
(5) |
Dec
(14) |
| 2024 |
Jan
(12) |
Feb
(2) |
Mar
(8) |
Apr
(1) |
May
(6) |
Jun
(6) |
Jul
(24) |
Aug
(15) |
Sep
(1) |
Oct
(6) |
Nov
(20) |
Dec
(14) |
| 2025 |
Jan
(12) |
Feb
(2) |
Mar
(10) |
Apr
(11) |
May
(13) |
Jun
(1) |
Jul
(2) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <ba...@aw...> - 2021-08-11 16:28:10
|
Dear Unity community, I'm trying to integrate Jupyter hub with Unity-idm. My goal is to authenticate users using OpenID Connect. Unity version: 3.2.3 Relevant configuration: Identity Provider - General tab: https://snipboard.io/WXrU3V.jpg Identity Provider - Clients tab: https://snipboard.io/pTxEek.jpg Jupyter-hub-client: https://snipboard.io/6olp81.jpg Relevant part of jupyterhub_config.py: c.GenericOAuthenticator.client_id="removed " c.GenericOAuthenticator.client_secret="removed" c.GenericOAuthenticator.oauth_callback_url=https://www.mydomain.io/jupyter/h ub/oauth_callback c.GenericOAuthenticator.authorize_url=https://idp.mydomain.io:2443/oauth/oau th2-authz c.GenericOAuthenticator.token_url=https://idp.mydomain.io:2443/oauth-token/t oken c.GenericOAuthenticator.userdata_url=https://idp.mydomain.io:2443/oauth-toke n/userinfo c.GenericOAuthenticator.username_key="userName" #c.GenericOAuthenticator.userdata_params.state="state" c.GenericOAuthenticator.userdata_params = {'state': 'state'} c.GenericOAuthenticator.scope = ['profile','openid'] I've double checked the client_id and secret many times, I'm pretty sure they are correct. What happens: 1. Go to https://mydomain.io/jupyter/ 2. Click on "Sign in with OAuth 2.0" button 3. Redirect to unity at https://idp.mydomain.io:2443/oauth/oauth2-authz-web-entry 4. Login with my username/password 5. Confirmation dialog: https://snipboard.io/XG5Ui8.jpg 6. After clicking on the Confirm button I get redirected to Jupyter hub where I get a "500: Internal Server Error". Checking unity logs I see the following warning: WARN org.apache.cxf.phase.PhaseInterceptorChain: Interceptor for {http://token.as.oauth.unity.icm.edu.pl/}RevocationResource has thrown exception, unwinding now org.apache.cxf.interceptor.Fault: Invalid user name, credential or external authentication failed. (Full stack trace at the end of the email.) This message does not tell much to me, all credentials are correct that I configured. Could someone help me out? Did I misconfigure something? Cheers, Zoltan Bakcsa 2021-08-11T14:30:40,648 [qtp1132146097-94] WARN org.apache.cxf.phase.PhaseInterceptorChain: Interceptor for {http://token.as.oauth.unity.icm.edu.pl/}RevocationResource has thrown exception, unwinding now org.apache.cxf.interceptor.Fault: Invalid user name, credential or external authentication failed. at pl.edu.icm.unity.rest.authn.AuthenticationInterceptor.handleMessage(Authenti cationInterceptor.java:118) ~[unity-server-rest-3.2.3.jar:?] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain .java:308) ~[cxf-core-3.3.1.jar:3.3.1] at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationOb server.java:121) ~[cxf-core-3.3.1.jar:3.3.1] at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDes tination.java:267) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at org.apache.cxf.transport.servlet.ServletController.invokeDestination(Servlet Controller.java:234) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController. java:208) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController. java:160) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServ let.java:216) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractH TTPServlet.java:301) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServ let.java:220) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) ~[javax.servlet-api-3.1.0.jar:3.1.0] at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPSer vlet.java:276) ~[cxf-rt-transports-http-3.3.1.jar:3.3.1] at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:760) ~[jetty-servlet-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler .java:1617) ~[jetty-servlet-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:3 10) ~[jetty-servlets-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java :264) ~[jetty-servlets-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler .java:1604) ~[jetty-servlet-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlets.DoSFilter.doFilterChain(DoSFilter.java:472) ~[jetty-servlets-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlets.DoSFilter.doFilter(DoSFilter.java:325) ~[jetty-servlets-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlets.DoSFilter.doFilter(DoSFilter.java:295) ~[jetty-servlets-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler .java:1604) ~[jetty-servlet-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545) ~[jetty-servlet-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java :233) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java :1296) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java: 188) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485) ~[jetty-servlet-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java: 186) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java: 1211) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141 ) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:1 27) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at pl.edu.icm.unity.engine.server.ClientIPSettingHandler.handle(ClientIPSetting Handler.java:58) ~[unity-server-engine-3.2.3.jar:?] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHand lerCollection.java:221) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:1 27) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java: 322) ~[jetty-rewrite-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:71 7) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:1 27) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.Server.handle(Server.java:500) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at pl.edu.icm.unity.engine.server.JettyServer$1.handle(JettyServer.java:216) ~[unity-server-engine-3.2.3.jar:?] at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:386) ~[jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:562) [jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:378) [jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270) [jetty-server-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConne ction.java:311) [jetty-io-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [jetty-io-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConne ction.java:543) [jetty-io-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:398) [jetty-io-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:161) [jetty-io-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [jetty-io-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [jetty-io-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill .java:336) [jetty-util-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKi ll.java:313) [jetty-util-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouK ill.java:171) [jetty-util-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.jav a:129) [jetty-util-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(Rese rvedThreadExecutor.java:388) [jetty-util-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java: 806) [jetty-util-9.4.22.v20191022.jar:9.4.22.v20191022] at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.j ava:938) [jetty-util-9.4.22.v20191022.jar:9.4.22.v20191022] at java.lang.Thread.run(Thread.java:829) [?:?] Caused by: pl.edu.icm.unity.engine.api.authn.AuthenticationException: Invalid user name, credential or external authentication failed. at pl.edu.icm.unity.rest.authn.AuthenticationInterceptor.handleMessage(Authenti cationInterceptor.java:109) ~[unity-server-rest-3.2.3.jar:?] ... 56 more |
|
From: Sander A. <sa....@fz...> - 2021-08-10 07:29:09
|
Hi Piotr, this was the missing action. Thanks for the hint. Cheers, Sander On Tue, 2021-08-10 at 09:24 +0200, Piotr Piernik wrote: > Hi Sander > This form should be added to "Enabled enquiry forms" in home > service/endpoint configuration. > Could you please check this before we start investigate problem? > Cheers > Piotr > > W dniu 10.08.2021 o 08:46, Sander Apweiler pisze: > > > Good morning Krzysztof, > > In past I set up groups with join requests from user in the account > > updated tab in userhome. If I remember correctly the > > MembershipUpdateEnquiry is used for this. I created now such an > > enquiry > > using the wizzard (not adopted), but the account update tab is not > > visible in userhome. I did not disable this wie disable Components > > parameter. Did I miss something else? > > > > Cheers, > > Sander > > > > > > > > > > _______________________________________________ > > Unity-idm-discuss mailing list > > Uni...@li... > > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Piotr P. <pio...@gm...> - 2021-08-10 07:24:43
|
Hi Sander This form should be added to "Enabled enquiry forms" in home service/endpoint configuration. Could you please check this before we start investigate problem? Cheers Piotr W dniu 10.08.2021 o 08:46, Sander Apweiler pisze: > Good morning Krzysztof, > In past I set up groups with join requests from user in the account > updated tab in userhome. If I remember correctly the > MembershipUpdateEnquiry is used for this. I created now such an enquiry > using the wizzard (not adopted), but the account update tab is not > visible in userhome. I did not disable this wie disable Components > parameter. Did I miss something else? > > Cheers, > Sander > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss |
|
From: Sander A. <sa....@fz...> - 2021-08-10 06:46:44
|
Good morning Krzysztof, In past I set up groups with join requests from user in the account updated tab in userhome. If I remember correctly the MembershipUpdateEnquiry is used for this. I created now such an enquiry using the wizzard (not adopted), but the account update tab is not visible in userhome. I did not disable this wie disable Components parameter. Did I miss something else? Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2021-08-06 13:41:20
|
Hi Sander, W dniu 03.08.2021 o 13:31, Piotr Piernik pisze: > Hi Sander > We will discuss this problem internally and come back with possible > solutions. > The simplest way is your proposal - improve error message. > Auto delete form when group is deleted could be more complicated. > > Cheers > Piotr > > wt., 3 sie 2021, 12:43 użytkownik Sander Apweiler > <sa....@fz... <mailto:sa....@fz...>> napisał: > > Hi Krzysztof, all > I found an problem in upman using subprojects. We delegated group > management and allowed the users to create subprojects. The user want > to delete one of the subprojects but it fails due the dependencies in > the automatically created forms. Of course I can drop the forms first > and thereafter the groups but it would be great if there is a solution > where users can delete the subprojects including the forms. > > Maybe the error message could be improved here to. At the moment it > says "Server error. Please contact support". Some information like > "Group can not deleted, because it is used in forms" might be more > meaningful. Of course I don't know where the exception is reused ;) > After evaluation of this topic we will treat this as a bug and fix in the next release. Ticket already opened. Thanks for the report, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2021-08-06 13:00:16
|
Hi Sander, W dniu 05.08.2021 o 12:27, Sander Apweiler pisze: > Hi Krzysztof, all, > we got feedback from a user that in upman's group tab is a lot of space > unused and user must scroll down. I attached a screenshot of the view. > The user uses two 27" monitors with 2K resolution. > > Is there a reason for the unused space in the group tab? No, there is not. Bug opened will be fixed in the next release. Best, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2021-08-05 10:27:47
|
Hi Krzysztof, all, we got feedback from a user that in upman's group tab is a lot of space unused and user must scroll down. I attached a screenshot of the view. The user uses two 27" monitors with 2K resolution. Is there a reason for the unused space in the group tab? Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Piotr P. <pio...@gm...> - 2021-08-03 11:32:18
|
Hi Sander We will discuss this problem internally and come back with possible solutions. The simplest way is your proposal - improve error message. Auto delete form when group is deleted could be more complicated. Cheers Piotr wt., 3 sie 2021, 12:43 użytkownik Sander Apweiler <sa....@fz...> napisał: > Hi Krzysztof, all > I found an problem in upman using subprojects. We delegated group > management and allowed the users to create subprojects. The user want > to delete one of the subprojects but it fails due the dependencies in > the automatically created forms. Of course I can drop the forms first > and thereafter the groups but it would be great if there is a solution > where users can delete the subprojects including the forms. > > Maybe the error message could be improved here to. At the moment it > says "Server error. Please contact support". Some information like > "Group can not deleted, because it is used in forms" might be more > meaningful. Of course I don't know where the exception is reused ;) > > Cheers, > Sander > -- > Federated Systems and Data > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Volker Rieke > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Sander A. <sa....@fz...> - 2021-08-03 10:43:31
|
Hi Krzysztof, all I found an problem in upman using subprojects. We delegated group management and allowed the users to create subprojects. The user want to delete one of the subprojects but it fails due the dependencies in the automatically created forms. Of course I can drop the forms first and thereafter the groups but it would be great if there is a solution where users can delete the subprojects including the forms. Maybe the error message could be improved here to. At the moment it says "Server error. Please contact support". Some information like "Group can not deleted, because it is used in forms" might be more meaningful. Of course I don't know where the exception is reused ;) Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Piotr P. <pio...@gm...> - 2021-08-02 11:06:08
|
Hi Tomasz We investigating this problem. We are trying to recreate this situation on varius browser and systems. We hope to fix this in the next release. Best regards Piotr pon., 2 sie 2021, 12:54 użytkownik Tomasz Grabarczyk <ymg...@cy...> napisał: > Hi > > I have a problem with autofill in unity login form when using Google > Chrome browser - the browser does not give suggestions when I click the > user name field, it does so only when I click the password field, and after > selecting one, the user name field is left empty. This is > probably connected somehow with language selection dropdown - when I > blocked this dropdown in ublock (screenshot in attachment) the problem > disappeared - autofill worked correctly. This doesn't happen in other > browsers, I checked Firefox for example and there is no such problem there. > I am using chrome's native pass manager. > > I have already reported this issue some time ago but I don't know what its > status is. Was it fixed already perhaps? And if not, Could you have a look > at it? > > Unity version: 3.4.5 > Chome version: 92.0.4515.107 (Official Build) (64-bit) > OS: Windows 10 64bit > > Best regards > Tomek Grabarczyk > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Tomasz G. <ymg...@cy...> - 2021-08-02 10:54:30
|
Hi I have a problem with autofill in unity login form when using Google Chrome browser - the browser does not give suggestions when I click the user name field, it does so only when I click the password field, and after selecting one, the user name field is left empty. This is probably connected somehow with language selection dropdown - when I blocked this dropdown in ublock (screenshot in attachment) the problem disappeared - autofill worked correctly. This doesn't happen in other browsers, I checked Firefox for example and there is no such problem there. I am using chrome's native pass manager. I have already reported this issue some time ago but I don't know what its status is. Was it fixed already perhaps? And if not, Could you have a look at it? Unity version: 3.4.5 Chome version: 92.0.4515.107 (Official Build) (64-bit) OS: Windows 10 64bit Best regards Tomek Grabarczyk |
|
From: Krzysztof B. <kb...@un...> - 2021-07-29 12:57:03
|
Dear Sander, W dniu 29.07.2021 o 13:18, Sander Apweiler pisze: > Hi Krzysztof, all, > I've a short question about the option of "unique values" in Attribute > types. What does this option effects? We enabled it on the email > attribute and expected that only one account could use the entered > email address, but we found out that this is not the case. We can > create multiple accounts with different authenticators using the same > email address. > This option merely means that a single multi-valued attribute can not have the same value twice. It is not a global check. Email identity guarantees that. Best regards, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2021-07-29 11:18:44
|
Hi Krzysztof, all, I've a short question about the option of "unique values" in Attribute types. What does this option effects? We enabled it on the email attribute and expected that only one account could use the entered email address, but we found out that this is not the case. We can create multiple accounts with different authenticators using the same email address. Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Sander A. <sa....@fz...> - 2021-07-26 11:52:52
|
Hi Roman, thanks for your swift reply. On Mon, 2021-07-26 at 13:45 +0200, Roman Krysiński wrote: > Good morning Sander, > > Are you referring to the logo on the authentication screen? > If so, then the logo for each endpoint can be set either via Console > or configuration file. > In the console: Identity Provider -> Endpoints -> Select specific > endpoint -> Enter "Users Authentication" tab -> Go to Presentation > section -> here you can either upload a local image or provide a link > to remote one. > If it comes to configuration file, the specific endpoint's > configuration option to set, is "unity.endpoint.web.authnScreenLogo" > (for more information please take a look at Unity > doc: http://www.unity-idm.eu/documentation/unity-3.5.2/manual.html#_common_options_for_endpoints > ) Yes it looks like this solves my request. I didn't see it in the documentation :( Cheers, Sander > > More sophisticated look and feel requirements can be achieved by > customizations and branding. > > Please let me know if you have any questions. > > Best regards, > Roman > > > > pon., 26 lip 2021 o 11:03 Sander Apweiler <sa....@fz...> > napisał(a): > > Good morning Krzysztof, > > > > we have a community, using our unity instance with dedicated > > endpoints. > > The community want to have their logo inplace instead of the > > default > > logo on this instance. > > > > I already inspected the template ans found that the is set in the > > body- > > main-ui.ftl, being more precise in the executed code and via > > styles.css > > > > Is there an easy way to to exchange the logo only on single > > endpoints, > > without coping the whole theme and replacing the logo? > > > > I know the unity.endpoint.web.template parameter but within I would > > need to call the body-main-ui.ftl. > > > > Do you have another idea about this issue? > > > > Cheers, > > Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Roman K. <ro...@un...> - 2021-07-26 11:45:56
|
Good morning Sander, Are you referring to the logo on the authentication screen? If so, then the logo for each endpoint can be set either via Console or configuration file. In the console: Identity Provider -> Endpoints -> Select specific endpoint -> Enter "Users Authentication" tab -> Go to Presentation section -> here you can either upload a local image or provide a link to remote one. If it comes to configuration file, the specific endpoint's configuration option to set, is "unity.endpoint.web.authnScreenLogo" (for more information please take a look at Unity doc: http://www.unity-idm.eu/documentation/unity-3.5.2/manual.html#_common_options_for_endpoints ) More sophisticated look and feel requirements can be achieved by customizations and branding. <http://www.unity-idm.eu/documentation/unity-3.5.2/manual.html#branding> Please let me know if you have any questions. Best regards, Roman pon., 26 lip 2021 o 11:03 Sander Apweiler <sa....@fz...> napisał(a): > Good morning Krzysztof, > > we have a community, using our unity instance with dedicated endpoints. > The community want to have their logo inplace instead of the default > logo on this instance. > > I already inspected the template ans found that the is set in the body- > main-ui.ftl, being more precise in the executed code and via styles.css > > Is there an easy way to to exchange the logo only on single endpoints, > without coping the whole theme and replacing the logo? > > I know the unity.endpoint.web.template parameter but within I would > need to call the body-main-ui.ftl. > > Do you have another idea about this issue? > > Cheers, > Sander > -- > Federated Systems and Data > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Volker Rieke > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Sander A. <sa....@fz...> - 2021-07-26 09:03:42
|
Good morning Krzysztof, we have a community, using our unity instance with dedicated endpoints. The community want to have their logo inplace instead of the default logo on this instance. I already inspected the template ans found that the is set in the body- main-ui.ftl, being more precise in the executed code and via styles.css Is there an easy way to to exchange the logo only on single endpoints, without coping the whole theme and replacing the logo? I know the unity.endpoint.web.template parameter but within I would need to call the body-main-ui.ftl. Do you have another idea about this issue? Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2021-07-09 11:08:44
|
Dear Subscribers, A minor update with a fix for the too short validity time of credential reset code was published under the number 3.5.2. Best regards, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2021-06-24 10:43:27
|
Hi Sander, W dniu 24.06.2021 o 11:32, Sander Apweiler pisze: > Hi all, > sometimes users get an "OAuth ERROR - Authorization SErver got an > invalid request. No OAuth context" when they are forwarded from SP or > come back from IdP. We can not reproduce it, but it appears from time > to time. Can you give me some information, when this error is raised? We have received reports with that situation from some other users as well and seen it (although very rarely) on our instances. We are investigating, trying to address that in 3.6 release. We are confident that the case when error happens after returning from remote IdP will be addressed: we are completely refactor the handling of that process, should be much more stable. The other case is bit of mystery still - under investigation. Cheers, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2021-06-24 09:32:20
|
Hi all, sometimes users get an "OAuth ERROR - Authorization SErver got an invalid request. No OAuth context" when they are forwarded from SP or come back from IdP. We can not reproduce it, but it appears from time to time. Can you give me some information, when this error is raised? Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Roman K. <ro...@un...> - 2021-06-23 07:36:12
|
Good morning Sander, That's a known issue on Java 9+ with groovy - sorry we can't do anything about it, besides crossing fingers that groovy guys fix it at some point. With Java 11 at least that's harmless. Best, Roman śr., 23 cze 2021 o 06:32 Sander Apweiler <sa....@fz...> napisał(a): > Good morning Krzysztof, > we switched to java 11 on one server this morning. After restarting > unity (3.5.1.) we got a warning about groovy lib. > > > [ ~]$ java --version > openjdk 11.0.11 2021-04-20 LTS > OpenJDK Runtime Environment 18.9 (build 11.0.11+9-LTS) > OpenJDK 64-Bit Server VM 18.9 (build 11.0.11+9-LTS, mixed mode, sharing) > [ ~]$ sudo systemctl restart unity-idm-3.5.1; tail -f > /usr/local/unity/unity-3.5.1/logs/unity-startup.log > Jun 23, 2021 6:20:59 AM CEST: Stopping UNITY Server > Jun 23, 2021 6:20:59 AM CEST: Stopped UNITY Server > tail: /usr/local/unity/unity-3.5.1/logs/unity-startup.log: file truncated > Jun 23, 2021, 6:21:05 AM CEST: Starting UNITY Web Server > WARNING: An illegal reflective access operation has occurred > WARNING: Illegal reflective access by > org.codehaus.groovy.vmplugin.v7.Java7$1 > (file:/usr/local/unity/unity-3.5.1/lib/groovy-2.5.6.jar) to constructor > java.lang.invoke.MethodHandles$Lookup(java.lang.Class,int) > WARNING: Please consider reporting this to the maintainers of > org.codehaus.groovy.vmplugin.v7.Java7$1 > WARNING: Use --illegal-access=warn to enable warnings of further illegal > reflective access operations > WARNING: All illegal access operations will be denied in a future release > Jun 23, 2021, 6:23:31 AM CEST: UNITY Server Started > > Cheers, > Sander > -- > Federated Systems and Data > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Volker Rieke > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Sander A. <sa....@fz...> - 2021-06-23 04:32:28
|
Good morning Krzysztof, we switched to java 11 on one server this morning. After restarting unity (3.5.1.) we got a warning about groovy lib. [ ~]$ java --version openjdk 11.0.11 2021-04-20 LTS OpenJDK Runtime Environment 18.9 (build 11.0.11+9-LTS) OpenJDK 64-Bit Server VM 18.9 (build 11.0.11+9-LTS, mixed mode, sharing) [ ~]$ sudo systemctl restart unity-idm-3.5.1; tail -f /usr/local/unity/unity-3.5.1/logs/unity-startup.log Jun 23, 2021 6:20:59 AM CEST: Stopping UNITY Server Jun 23, 2021 6:20:59 AM CEST: Stopped UNITY Server tail: /usr/local/unity/unity-3.5.1/logs/unity-startup.log: file truncated Jun 23, 2021, 6:21:05 AM CEST: Starting UNITY Web Server WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.codehaus.groovy.vmplugin.v7.Java7$1 (file:/usr/local/unity/unity-3.5.1/lib/groovy-2.5.6.jar) to constructor java.lang.invoke.MethodHandles$Lookup(java.lang.Class,int) WARNING: Please consider reporting this to the maintainers of org.codehaus.groovy.vmplugin.v7.Java7$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Jun 23, 2021, 6:23:31 AM CEST: UNITY Server Started Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2021-06-21 09:21:58
|
W dniu 21.06.2021 o 10:51, Sander Apweiler pisze: > Hi Krzysztof, > > a attached it in a txt file. > hmm, looks ok. From looking into code... this should not happen. Looks like some library problem, but looks fine to me. So most likely something very weird. I'd need to be able to reproduce it somehow. From the log it seems that this happened when parsing a certificate of one of the trusted SAML IDPs. Can you tell what federations you have enabled? I'd need to try to configure the same and see if it happens on my end. Also please provide your java version. Cheers, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2021-06-21 08:51:21
|
Hi Krzysztof, a attached it in a txt file. On Mon, 2021-06-21 at 10:44 +0200, Krzysztof Benedyczak wrote: > Good morning Sander, > > W dniu 21.06.2021 o 07:18, Sander Apweiler pisze: > > Good morning Krzysztof, > > we have a serious issue with unity. The last four servers we > > updated > > successful to unity 3.5.1, including our test servers, this morning > > we > > started the migration of the server, which is in production. > > > > We updated from 3.3.4 to 3.5.1 and disabled the admin interface. We > > have the following error in startup log: > > > > Jun 21, 2021 7:11:39 AM CEST: Starting UNITY Web Server > > Exception in thread "main" > > org.springframework.context.ApplicationContextException: Failed to > > start bean 'engineInitialization'; nested exception is > > java.lang.NoSuchMethodError: > > org.bouncycastle.asn1.ASN1ObjectIdentifier.equals(Lorg/bouncycastle > > /asn1/ASN1Primitive;)Z > > at > > org.springframework.context.support.DefaultLifecycleProcessor.doSta > > rt(DefaultLifecycleProcessor.java:185) > > at > > org.springframework.context.support.DefaultLifecycleProcessor.acces > > s$200(DefaultLifecycleProcessor.java:53) > > at > > org.springframework.context.support.DefaultLifecycleProcessor$Lifec > > ycleGroup.start(DefaultLifecycleProcessor.java:360) > > at > > org.springframework.context.support.DefaultLifecycleProcessor.start > > Beans(DefaultLifecycleProcessor.java:158) > > at > > org.springframework.context.support.DefaultLifecycleProcessor.onRef > > resh(DefaultLifecycleProcessor.java:122) > > at > > org.springframework.context.support.AbstractApplicationContext.fini > > shRefresh(AbstractApplicationContext.java:894) > > at > > org.springframework.context.support.AbstractApplicationContext.refr > > esh(AbstractApplicationContext.java:553) > > at > > pl.edu.icm.unity.engine.server.UnityApplication.run(UnityApplicatio > > n.java:60) > > at > > pl.edu.icm.unity.engine.server.UnityApplication.main(UnityApplicati > > on.java:69) > > Caused by: java.lang.NoSuchMethodError: > > org.bouncycastle.asn1.ASN1ObjectIdentifier.equals(Lorg/bouncycastle > > /asn1/ASN1Primitive;)Z > > at > > eu.emi.security.authn.x509.helpers.DNComparator.normalizeAVA(DNComp > > arator.java:93) > > > Can you please paste the exact contents of your unity's installation > lib/ folder? > > Thanks, > Krzysztof > -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2021-06-21 08:44:33
|
Good morning Sander, W dniu 21.06.2021 o 07:18, Sander Apweiler pisze: > Good morning Krzysztof, > we have a serious issue with unity. The last four servers we updated > successful to unity 3.5.1, including our test servers, this morning we > started the migration of the server, which is in production. > > We updated from 3.3.4 to 3.5.1 and disabled the admin interface. We > have the following error in startup log: > > Jun 21, 2021 7:11:39 AM CEST: Starting UNITY Web Server > Exception in thread "main" org.springframework.context.ApplicationContextException: Failed to start bean 'engineInitialization'; nested exception is java.lang.NoSuchMethodError: org.bouncycastle.asn1.ASN1ObjectIdentifier.equals(Lorg/bouncycastle/asn1/ASN1Primitive;)Z > at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:185) > at org.springframework.context.support.DefaultLifecycleProcessor.access$200(DefaultLifecycleProcessor.java:53) > at org.springframework.context.support.DefaultLifecycleProcessor$LifecycleGroup.start(DefaultLifecycleProcessor.java:360) > at org.springframework.context.support.DefaultLifecycleProcessor.startBeans(DefaultLifecycleProcessor.java:158) > at org.springframework.context.support.DefaultLifecycleProcessor.onRefresh(DefaultLifecycleProcessor.java:122) > at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:894) > at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553) > at pl.edu.icm.unity.engine.server.UnityApplication.run(UnityApplication.java:60) > at pl.edu.icm.unity.engine.server.UnityApplication.main(UnityApplication.java:69) > Caused by: java.lang.NoSuchMethodError: org.bouncycastle.asn1.ASN1ObjectIdentifier.equals(Lorg/bouncycastle/asn1/ASN1Primitive;)Z > at eu.emi.security.authn.x509.helpers.DNComparator.normalizeAVA(DNComparator.java:93) Can you please paste the exact contents of your unity's installation lib/ folder? Thanks, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2021-06-21 05:19:03
|
Good morning Krzysztof,
we have a serious issue with unity. The last four servers we updated
successful to unity 3.5.1, including our test servers, this morning we
started the migration of the server, which is in production.
We updated from 3.3.4 to 3.5.1 and disabled the admin interface. We
have the following error in startup log:
Jun 21, 2021 7:11:39 AM CEST: Starting UNITY Web Server
Exception in thread "main" org.springframework.context.ApplicationContextException: Failed to start bean 'engineInitialization'; nested exception is java.lang.NoSuchMethodError: org.bouncycastle.asn1.ASN1ObjectIdentifier.equals(Lorg/bouncycastle/asn1/ASN1Primitive;)Z
at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:185)
at org.springframework.context.support.DefaultLifecycleProcessor.access$200(DefaultLifecycleProcessor.java:53)
at org.springframework.context.support.DefaultLifecycleProcessor$LifecycleGroup.start(DefaultLifecycleProcessor.java:360)
at org.springframework.context.support.DefaultLifecycleProcessor.startBeans(DefaultLifecycleProcessor.java:158)
at org.springframework.context.support.DefaultLifecycleProcessor.onRefresh(DefaultLifecycleProcessor.java:122)
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:894)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553)
at pl.edu.icm.unity.engine.server.UnityApplication.run(UnityApplication.java:60)
at pl.edu.icm.unity.engine.server.UnityApplication.main(UnityApplication.java:69)
Caused by: java.lang.NoSuchMethodError: org.bouncycastle.asn1.ASN1ObjectIdentifier.equals(Lorg/bouncycastle/asn1/ASN1Primitive;)Z
at eu.emi.security.authn.x509.helpers.DNComparator.normalizeAVA(DNComparator.java:93)
at eu.emi.security.authn.x509.helpers.DNComparator.preNormalize(DNComparator.java:58)
at eu.emi.security.authn.x509.impl.X500NameUtils.getComparableForm(X500NameUtils.java:168)
at pl.edu.icm.unity.saml.metadata.cfg.AbstractMetaToConfigConverter.getCertificateKey(AbstractMetaToConfigConverter.java:195)
at pl.edu.icm.unity.saml.metadata.cfg.AbstractMetaToConfigConverter.updatePKICerts(AbstractMetaToConfigConverter.java:171)
at pl.edu.icm.unity.saml.metadata.cfg.MetaToSPConfigConverter.convertToProperties(MetaToSPConfigConverter.java:111)
at pl.edu.icm.unity.saml.metadata.cfg.AbstractMetaToConfigConverter.convertToProperties(AbstractMetaToConfigConverter.java:93)
at pl.edu.icm.unity.saml.metadata.cfg.AbstractMetaToConfigConverter.convertToProperties(AbstractMetaToConfigConverter.java:75)
at pl.edu.icm.unity.saml.metadata.cfg.RemoteMetaManager.reloadSingle(RemoteMetaManager.java:150)
at pl.edu.icm.unity.saml.metadata.cfg.RemoteMetaManager.access$100(RemoteMetaManager.java:34)
at pl.edu.icm.unity.saml.metadata.cfg.RemoteMetaManager$MetadataConsumer.updateMetadata(RemoteMetaManager.java:168)
at pl.edu.icm.unity.saml.metadata.cfg.RemoteMetaManager$MetadataConsumer.access$300(RemoteMetaManager.java:154)
at pl.edu.icm.unity.saml.metadata.cfg.RemoteMetaManager.lambda$registerMetadataConsumers$0(RemoteMetaManager.java:102)
at pl.edu.icm.unity.saml.metadata.srv.MetadataSourceHandler.notifyConsumer(MetadataSourceHandler.java:207)
at pl.edu.icm.unity.saml.metadata.srv.MetadataSourceHandler.feedWithCached(MetadataSourceHandler.java:183)
at pl.edu.icm.unity.saml.metadata.srv.MetadataSourceHandler.addConsumer(MetadataSourceHandler.java:72)
at pl.edu.icm.unity.saml.metadata.srv.RemoteMetadataServiceImpl.registerConsumer(RemoteMetadataServiceImpl.java:77)
at pl.edu.icm.unity.saml.metadata.cfg.RemoteMetaManager.registerMetadataConsumers(RemoteMetaManager.java:101)
at pl.edu.icm.unity.saml.metadata.cfg.RemoteMetaManager.<init>(RemoteMetaManager.java:59)
at pl.edu.icm.unity.saml.sp.SAMLVerificator.setSerializedConfiguration(SAMLVerificator.java:185)
at pl.edu.icm.unity.engine.authn.AuthenticatorLoader.verifyConfiguration(AuthenticatorLoader.java:117)
at pl.edu.icm.unity.engine.authn.AuthenticatorManagementImpl.verifyConfiguration(AuthenticatorManagementImpl.java:188)
at pl.edu.icm.unity.engine.authn.AuthenticatorManagementImpl.createAuthenticator(AuthenticatorManagementImpl.java:95)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:88)
at pl.edu.icm.unity.store.rdbms.tx.SQLTransactionEngine.runInTransaction(SQLTransactionEngine.java:45)
at pl.edu.icm.unity.store.tx.TransactionalAspect.retryIfNeeded4Method(TransactionalAspect.java:75)
at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:644)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:633)
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:175)
at org.springframework.aop.aspectj.AspectJAfterAdvice.invoke(AspectJAfterAdvice.java:47)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:175)
at org.springframework.aop.aspectj.AspectJAfterThrowingAdvice.invoke(AspectJAfterThrowingAdvice.java:62)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:175)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
at com.sun.proxy.$Proxy111.createAuthenticator(Unknown Source)
at pl.edu.icm.unity.engine.server.EngineInitialization.loadAuthenticatorsFromConfiguration(EngineInitialization.java:924)
at pl.edu.icm.unity.engine.server.EngineInitialization.initializeAuthenticators(EngineInitialization.java:892)
at pl.edu.icm.unity.engine.server.EngineInitialization.initializeSystemContentsFromConfigFile(EngineInitialization.java:406)
at pl.edu.icm.unity.engine.server.EngineInitialization.initializeDatabaseContents(EngineInitialization.java:374)
at pl.edu.icm.unity.engine.server.EngineInitialization.start(EngineInitialization.java:262)
at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:182)
... 8 more
Do you know what could cause this problem? On the four previous servers
we didn't had any problem.
Cheers,
Sander
--
Federated Systems and Data
Juelich Supercomputing Centre
phone: +49 2461 61 8847
fax: +49 2461 61 6656
email: sa....@fz...
-----------------------------------------------------------------------
-----------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Volker Rieke
Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior
-----------------------------------------------------------------------
-----------------------------------------------------------------------
|
