Menu
▾
▴
unity-idm-discuss — Unity discussion and support
You can subscribe to this list here.
| 2014 |
Jan
(3) |
Feb
(1) |
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
(2) |
Aug
(2) |
Sep
|
Oct
(3) |
Nov
|
Dec
(1) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2015 |
Jan
(20) |
Feb
(3) |
Mar
|
Apr
|
May
|
Jun
(15) |
Jul
(1) |
Aug
(7) |
Sep
(13) |
Oct
(2) |
Nov
(10) |
Dec
(1) |
| 2016 |
Jan
|
Feb
(2) |
Mar
|
Apr
(2) |
May
(1) |
Jun
|
Jul
(1) |
Aug
(2) |
Sep
(11) |
Oct
(7) |
Nov
(6) |
Dec
(11) |
| 2017 |
Jan
(10) |
Feb
(5) |
Mar
(27) |
Apr
(34) |
May
(25) |
Jun
(14) |
Jul
(7) |
Aug
(17) |
Sep
(11) |
Oct
(6) |
Nov
(14) |
Dec
(10) |
| 2018 |
Jan
(8) |
Feb
(19) |
Mar
(40) |
Apr
(9) |
May
(16) |
Jun
(23) |
Jul
(31) |
Aug
(7) |
Sep
(9) |
Oct
(6) |
Nov
(14) |
Dec
(19) |
| 2019 |
Jan
(4) |
Feb
(6) |
Mar
(1) |
Apr
(2) |
May
(6) |
Jun
(3) |
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
(19) |
Dec
(14) |
| 2020 |
Jan
(10) |
Feb
(24) |
Mar
(49) |
Apr
(26) |
May
(12) |
Jun
(4) |
Jul
(13) |
Aug
(32) |
Sep
(13) |
Oct
(10) |
Nov
(4) |
Dec
(16) |
| 2021 |
Jan
(2) |
Feb
(8) |
Mar
(15) |
Apr
(19) |
May
(5) |
Jun
(13) |
Jul
(6) |
Aug
(38) |
Sep
(11) |
Oct
(18) |
Nov
(11) |
Dec
(13) |
| 2022 |
Jan
(10) |
Feb
(21) |
Mar
(28) |
Apr
(3) |
May
(7) |
Jun
(9) |
Jul
(14) |
Aug
(13) |
Sep
(8) |
Oct
(29) |
Nov
(1) |
Dec
(21) |
| 2023 |
Jan
(19) |
Feb
(9) |
Mar
|
Apr
(10) |
May
(7) |
Jun
(10) |
Jul
(14) |
Aug
(17) |
Sep
(1) |
Oct
(9) |
Nov
(5) |
Dec
(14) |
| 2024 |
Jan
(12) |
Feb
(2) |
Mar
(8) |
Apr
(1) |
May
(6) |
Jun
(6) |
Jul
(24) |
Aug
(15) |
Sep
(1) |
Oct
(6) |
Nov
(20) |
Dec
(14) |
| 2025 |
Jan
(12) |
Feb
(2) |
Mar
(10) |
Apr
(11) |
May
(13) |
Jun
(1) |
Jul
(2) |
Aug
(2) |
Sep
(8) |
Oct
(28) |
Nov
(10) |
Dec
|
|
From: Sander A. <sa....@fz...> - 2024-12-13 09:25:52
|
Good Morning Krzysztof, when I log into upman the additional column with the attribute is not shown to. I need to switch to another tab and back to members. Thereafter I see the column. Best regards, Sander On Thu, 2024-12-12 at 18:12 +0100, Krzysztof Benedyczak wrote: > Hi Sander, > > W dniu 11.12.2024 o 12:30, Sander Apweiler pisze: > > Hello Krzysztof, > > hello Roman, > > > > we discovered today a small UI bug in upman endpoint. We added a > > read- > > only attribute to a project managed via upman. The column was only > > added after switching from members tab to another one and back to > > members tab. The column of the new attributes was also kept after > > switching to another project, but empty since the attribute is not > > available. It looks like the UI is not updated by logging in or > > switching the project but only when switching the tabs within a > > project. > > Yes, we miss refresh in UpMan when a project is changed. It will be > fixed. > > However let me ask about clarification. What do you mean by this: > > > It looks like the UI is not updated by logging in > Can you describe it in more details? > > Thanks, > Krzysztof > -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2024-12-12 17:12:41
|
Hi Sander, W dniu 11.12.2024 o 12:30, Sander Apweiler pisze: > Hello Krzysztof, > hello Roman, > > we discovered today a small UI bug in upman endpoint. We added a read- > only attribute to a project managed via upman. The column was only > added after switching from members tab to another one and back to > members tab. The column of the new attributes was also kept after > switching to another project, but empty since the attribute is not > available. It looks like the UI is not updated by logging in or > switching the project but only when switching the tabs within a > project. Yes, we miss refresh in UpMan when a project is changed. It will be fixed. However let me ask about clarification. What do you mean by this: > It looks like the UI is not updated by logging in Can you describe it in more details? Thanks, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2024-12-12 17:10:36
|
Dear Subscribers, A subsequent patch release, improving version 4 stability was published. Big thanks to to FZJ crew for providing a lot of detailed bug reports. The most important bugfixes in this patch release: * *Improved wide icons scaling on the sign in page in the grid mode* * *Home UI shows denied applications* * *2nd factor with remote authN in Unity is fixed* For the complete list see the changelog. All the details are available at https://unity-idm.eu/releases/release-4-0-4/ Best, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2024-12-11 13:32:59
|
Hi Sander, W dniu 11.12.2024 o 14:10, Sander Apweiler pisze: > Dear Krzysztrof, > good to hear this should be trivial. But is there a possibility to drop > this as administrator? The users can not use the services at the moment > and they are very unhappy ahout it. We are going to release 4.0.4 fixing quite a few problems, including this one, later this week. Fixing it by admin is not trivial. This information is stored in a system-managed attribute, named sys:Preferences. It is not editable from console, you can only view it. You can delete it directly in DB for that user. This will also *remove all other consents* of the user. You can also update the value of the attribute manually but the format is complex so I would suggest that even less. Very sensitive operation. Best, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2024-12-11 13:11:00
|
Dear Krzysztrof, good to hear this should be trivial. But is there a possibility to drop this as administrator? The users can not use the services at the moment and they are very unhappy ahout it. Best regards, Sander On Mon, 2024-12-09 at 18:02 +0100, Krzysztof Benedyczak wrote: > Hi Sander, > > W dniu 9.12.2024 o 11:12, Sander Apweiler pisze: > > Dear Krzysztof, > > dear Roman, > > > > we got two tickets from users, who selected remember my decision > > and > > click on DENY. In past it was possible to revoke this decision in > > unserhome endpoint but it looks like denied transfers are not > > listed in > > the trusted applications tab anymore. At least I both cases the > > applications are not listed, while they are listed for users, who > > did > > not denied the attribute transfer. How can the decision withdrawn? > > > That is a bug. The fix is trivial, we already have it under testing, > will be in 4.0.4. > > Thanks for catching that > Krzysztof > -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Sander A. <sa....@fz...> - 2024-12-11 11:30:38
|
Hello Krzysztof, hello Roman, we discovered today a small UI bug in upman endpoint. We added a read- only attribute to a project managed via upman. The column was only added after switching from members tab to another one and back to members tab. The column of the new attributes was also kept after switching to another project, but empty since the attribute is not available. It looks like the UI is not updated by logging in or switching the project but only when switching the tabs within a project. Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2024-12-09 17:09:32
|
Hi Sander, W dniu 5.12.2024 o 12:40, Sander Apweiler pisze: > Hello Krzysztof, > hello Roman, > > after our IdP starts releasing MFA usage information, we started to > test the dynamic expression on MFA. We started with a simple condition > that local second factor should only be used, if the REFEDS profile > information is not available (see screenshot). Sadly unity shows that > no second factor is configured, althought the information was released > by the IdP. Sadly we do not see anything in the logs. 1. we have tested something that you described and works as expected. 2. to make progress can you please check some details of what is logged during such failed authentication, with the following loggers set to TRACE: unity.server.authn.AuthenticationFlowPolicyConfigMVELContextBuilder unity.server.authn.AuthenticationProcessor unicore.security.dsig.DigSignatureUtil unity.server.saml.SamlServletExtractionUtils (naturally just for such authN, this will generate a lot of noise in logs) the first one is the most important, will allow us to limit our searching to one of two big parts of the process. The other are to check early SAML side: see the actual SAML response and how it is parsed. So in general I'd love to see the response message, and what goes into authn flow. Also we noticed one thing which is bit surprising on your last screenshot: ACR is reported as attribute. That is very narrow part of log, so a lot of guessing on our side, but can you additionally share whether you have some input profile settings that manipulate ACR? or maybe the ACR is received as a plain attribute? Cheers, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2024-12-09 17:02:44
|
Hi Sander, W dniu 9.12.2024 o 11:12, Sander Apweiler pisze: > Dear Krzysztof, > dear Roman, > > we got two tickets from users, who selected remember my decision and > click on DENY. In past it was possible to revoke this decision in > unserhome endpoint but it looks like denied transfers are not listed in > the trusted applications tab anymore. At least I both cases the > applications are not listed, while they are listed for users, who did > not denied the attribute transfer. How can the decision withdrawn? > That is a bug. The fix is trivial, we already have it under testing, will be in 4.0.4. Thanks for catching that Krzysztof |
|
From: Sander A. <sa....@fz...> - 2024-12-09 13:23:33
|
Dear Roman, yes we can provide them to you but will skip the ML. Sadly we do not know where exactly these errors occure. We assume that they are related to the not displayed consent screen, but this is just an assumption. I try to collect some logs, where not that many concurrent logins are ongoing and come back to you later. Best regards, Sander On Mon, 2024-12-09 at 13:15 +0100, Roman Krysiński wrote: > Good afternoon Sander, > > I'm struggling to reproduce "IllegalStateException: No login context > for 40d25e56-0b2b-436d-92b8-65569d1c0f24?redirectToIdP" problem, and > would like to ask you for bit broader context of logs around where > the issue occurs, would you be willing to share them with me? Also, > do you happen to know in what scenario the aforementioned problem > occurs? > > Best regards, > Roman > > > > pt., 29 lis 2024 o 18:26 Roman Krysiński <ro...@un...> > napisał(a): > > Hi Sander, > > > > We are looking into the IllegalStateExceptions problem, we will > > strive to squeeze it into the next patch release. > > > > Our assessment of the “IOException: Stream Closed” warning is that > > it can occur if the user closes the browser while the server is > > attempting to write to the corresponding socket. > > > > Best regards, > > Roman > > > > wt., 26 lis 2024 o 11:26 Sander Apweiler > > <sa....@fz...> napisał(a): > > > Good morning, > > > we found another Exception which occurs quite oftern after the > > > update: > > > > > > 2024-11-26T10:19:57,415 [qtp189759004-9219] WARN > > > org.eclipse.jetty.ee10.servlet.ServletChannel: handleException > > > /oauth2-as/VAADIN/dynamic/resource/0/e4baf8d2-5624-4b9c-82ee- > > > 57698afa6ead/4097c0b0cf59f1e2a962a148ed2043ad1en.png > > > java.io.IOException: Stream Closed > > > 2024-11-26T10:19:57,416 [qtp189759004-10574] ERROR > > > unity.server.web.CustomErrorPageInitializer: Vaadin > > > initialization error: > > > java.io.IOException: Stream Closed > > > at java.base/java.io.FileInputStream.readBytes(Native > > > Method) ~[?:?] > > > at > > > java.base/java.io.FileInputStream.read(FileInputStream.java:263) > > > ~[?:?] > > > at > > > com.vaadin.flow.server.StreamResource$Pipe.read(StreamResource.ja > > > va:119) ~[flow-server-24.3.7.jar:24.3.7] > > > at > > > com.vaadin.flow.server.StreamResource$Pipe.copy(StreamResource.ja > > > va:109) ~[flow-server-24.3.7.jar:24.3.7] > > > at > > > com.vaadin.flow.server.StreamResource$Pipe.accept(StreamResource. > > > java:84) ~[flow-server-24.3.7.jar:24.3.7] > > > at > > > com.vaadin.flow.server.communication.StreamResourceHandler.handle > > > Request(StreamResourceHandler.java:86) ~[flow-server- > > > 24.3.7.jar:24.3.7] > > > at > > > com.vaadin.flow.server.communication.StreamRequestHandler.handleR > > > equest(StreamRequestHandler.java:110) ~[flow-server- > > > 24.3.7.jar:24.3.7] > > > at > > > com.vaadin.flow.server.VaadinService.handleRequest(VaadinService. > > > java:1574) ~[flow-server-24.3.7.jar:24.3.7] > > > at > > > com.vaadin.flow.server.VaadinServlet.service(VaadinServlet.java:3 > > > 98) ~[flow-server-24.3.7.jar:24.3.7] > > > at > > > jakarta.servlet.http.HttpServlet.service(HttpServlet.java:614) > > > ~[jakarta.servlet-api-6.0.0.jar:6.0.0] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHolder.handle(ServletHolder > > > .java:736) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHandler$ChainEnd.doFilter(S > > > ervletHandler.java:1614) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlets.CrossOriginFilter.handle(CrossOri > > > ginFilter.java:317) ~[jetty-ee10-servlets-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlets.CrossOriginFilter.doFilter(CrossO > > > riginFilter.java:270) ~[jetty-ee10-servlets-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder > > > .java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(Serv > > > letHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > io.imunity.vaadin.endpoint.common.InvocationContextSetupFilter.do > > > Filter(InvocationContextSetupFilter.java:67) ~[unity-server- > > > vaadin-endpoint-common-4.0.2.jar:?] > > > at > > > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder > > > .java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(Serv > > > letHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > io.imunity.vaadin.auth.server.AuthenticationFilter.forwardtoAuthn > > > (AuthenticationFilter.java:265) ~[unity-server-vaadin- > > > authentication-4.0.2.jar:?] > > > at > > > io.imunity.vaadin.auth.server.AuthenticationFilter.handleRemember > > > Me(AuthenticationFilter.java:250) ~[unity-server-vaadin- > > > authentication-4.0.2.jar:?] > > > at > > > io.imunity.vaadin.auth.server.AuthenticationFilter.doFilter(Authe > > > nticationFilter.java:100) ~[unity-server-vaadin-authentication- > > > 4.0.2.jar:?] > > > at > > > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder > > > .java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(Serv > > > letHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > io.imunity.vaadin.endpoint.common.RemoteRedirectedAuthnResponsePr > > > ocessingFilter.doFilter(RemoteRedirectedAuthnResponseProcessingFi > > > lter.java:48) ~[unity-server-vaadin-endpoint-common-4.0.2.jar:?] > > > at > > > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder > > > .java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(Serv > > > letHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHandler$MappedServlet.handl > > > e(ServletHandler.java:1547) ~[jetty-ee10-servlet- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletChannel.dispatch(ServletCha > > > nnel.java:814) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletChannel.handle(ServletChann > > > el.java:431) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.ServletHandler.handle(ServletHandl > > > er.java:464) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler > > > .java:571) ~[jetty-security-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.ee10.servlet.SessionHandler.handle(SessionHandl > > > er.java:703) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.server.handler.ContextHandler.handle(ContextHan > > > dler.java:765) ~[jetty-server-12.0.7.jar:12.0.7] > > > at > > > pl.edu.icm.unity.engine.server.ClientIPSettingHandler.handle(Clie > > > ntIPSettingHandler.java:67) ~[unity-server-engine-4.0.2.jar:?] > > > at > > > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle( > > > ContextHandlerCollection.java:181) ~[jetty-server- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler. > > > handle(RewriteHandler.java:159) ~[jetty-rewrite- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:1 > > > 08) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(Head > > > erPatternRule.java:89) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:1 > > > 08) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHa > > > ndler.java:143) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler. > > > handle(RewriteHandler.java:159) ~[jetty-rewrite- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:1 > > > 08) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(Head > > > erPatternRule.java:89) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:1 > > > 08) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHa > > > ndler.java:143) ~[jetty-rewrite-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHand > > > ler.java:549) ~[jetty-server-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.server.Handler$Wrapper.handle(Handler.java:716) > > > ~[jetty-server-12.0.7.jar:12.0.7] > > > at > > > pl.edu.icm.unity.engine.server.TraceBlockingHandler.handle(TraceB > > > lockingHandler.java:34) ~[unity-server-engine-4.0.2.jar:?] > > > at > > > org.eclipse.jetty.server.Server.handle(Server.java:179) ~[jetty- > > > server-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.server.internal.HttpChannelState$HandlerInvoker > > > .run(HttpChannelState.java:619) ~[jetty-server-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.server.internal.HttpConnection.onFillable(HttpC > > > onnection.java:411) ~[jetty-server-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(Ab > > > stractConnection.java:322) ~[jetty-io-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) > > > ~[jetty-io-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.io.ssl.SslConnection$SslEndPoint.onFillable(Ssl > > > Connection.java:574) ~[jetty-io-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.j > > > ava:390) ~[jetty-io-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection. > > > java:150) ~[jetty-io-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) > > > ~[jetty-io-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableCh > > > annelEndPoint.java:53) ~[jetty-io-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy. > > > runTask(AdaptiveExecutionStrategy.java:478) ~[jetty-util- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy. > > > consumeTask(AdaptiveExecutionStrategy.java:441) ~[jetty-util- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy. > > > tryProduce(AdaptiveExecutionStrategy.java:293) ~[jetty-util- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy. > > > run(AdaptiveExecutionStrategy.java:201) ~[jetty-util- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThre > > > ad.run(ReservedThreadExecutor.java:410) ~[jetty-util- > > > 12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThrea > > > dPool.java:971) ~[jetty-util-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(Qu > > > euedThreadPool.java:1201) ~[jetty-util-12.0.7.jar:12.0.7] > > > at > > > org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedT > > > hreadPool.java:1156) ~[jetty-util-12.0.7.jar:12.0.7] > > > at java.base/java.lang.Thread.run(Thread.java:1583) [?:?] > > > 2024-11-26T10:19:57,416 [qtp189759004-10574] WARN > > > org.eclipse.jetty.ee10.servlet.ServletChannel: handleException > > > /oauth2-as/VAADIN/dynamic/resource/0/73e07c7d-ef52-4dac-a6e8- > > > 2333ac1f9844/4405244f9f75bd6012e40616bb767b461en.png > > > java.io.IOException: Stream Closed > > > > > > > > > Best regards, > > > Sander > > > > > > > > > On Mon, 2024-11-25 at 16:33 +0100, Sander Apweiler wrote: > > > > Hi Krzysztof, > > > > after updating our large unity instance this morning form > > > > 3.16.1 to > > > > 4.0.2 we got a lot of IllegalStateExceptions (see attachment) > > > > and a > > > > increase memory usage. Do you have any idea which could be the > > > > reason > > > > for this Exceptions? > > > > > > > > Best regards, > > > > Sander > > > > > > > -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Roman K. <ro...@un...> - 2024-12-09 12:16:02
|
Good afternoon Sander, I'm struggling to reproduce "IllegalStateException: No login context for 40d25e56-0b2b-436d-92b8-65569d1c0f24?redirectToIdP" problem, and would like to ask you for bit broader context of logs around where the issue occurs, would you be willing to share them with me? Also, do you happen to know in what scenario the aforementioned problem occurs? Best regards, Roman pt., 29 lis 2024 o 18:26 Roman Krysiński <ro...@un...> napisał(a): > Hi Sander, > > We are looking into the IllegalStateExceptions problem, we will strive to > squeeze it into the next patch release. > > Our assessment of the “IOException: Stream Closed” warning is that it can > occur if the user closes the browser while the server is attempting to > write to the corresponding socket. > > Best regards, > Roman > > wt., 26 lis 2024 o 11:26 Sander Apweiler <sa....@fz...> > napisał(a): > >> Good morning, >> we found another Exception which occurs quite oftern after the update: >> >> 2024-11-26T10:19:57,415 [qtp189759004-9219] WARN >> org.eclipse.jetty.ee10.servlet.ServletChannel: handleException >> /oauth2-as/VAADIN/dynamic/resource/0/e4baf8d2-5624-4b9c-82ee-57698afa6ead/4097c0b0cf59f1e2a962a148ed2043ad1en.png >> java.io.IOException: Stream Closed >> 2024-11-26T10:19:57,416 [qtp189759004-10574] ERROR >> unity.server.web.CustomErrorPageInitializer: Vaadin initialization error: >> java.io.IOException: Stream Closed >> at java.base/java.io.FileInputStream.readBytes(Native Method) >> ~[?:?] >> at java.base/java.io.FileInputStream.read(FileInputStream.java:263) >> ~[?:?] >> at >> com.vaadin.flow.server.StreamResource$Pipe.read(StreamResource.java:119) >> ~[flow-server-24.3.7.jar:24.3.7] >> at >> com.vaadin.flow.server.StreamResource$Pipe.copy(StreamResource.java:109) >> ~[flow-server-24.3.7.jar:24.3.7] >> at >> com.vaadin.flow.server.StreamResource$Pipe.accept(StreamResource.java:84) >> ~[flow-server-24.3.7.jar:24.3.7] >> at >> com.vaadin.flow.server.communication.StreamResourceHandler.handleRequest(StreamResourceHandler.java:86) >> ~[flow-server-24.3.7.jar:24.3.7] >> at >> com.vaadin.flow.server.communication.StreamRequestHandler.handleRequest(StreamRequestHandler.java:110) >> ~[flow-server-24.3.7.jar:24.3.7] >> at >> com.vaadin.flow.server.VaadinService.handleRequest(VaadinService.java:1574) >> ~[flow-server-24.3.7.jar:24.3.7] >> at >> com.vaadin.flow.server.VaadinServlet.service(VaadinServlet.java:398) >> ~[flow-server-24.3.7.jar:24.3.7] >> at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:614) >> ~[jakarta.servlet-api-6.0.0.jar:6.0.0] >> at >> org.eclipse.jetty.ee10.servlet.ServletHolder.handle(ServletHolder.java:736) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1614) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:317) >> ~[jetty-ee10-servlets-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:270) >> ~[jetty-ee10-servlets-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> io.imunity.vaadin.endpoint.common.InvocationContextSetupFilter.doFilter(InvocationContextSetupFilter.java:67) >> ~[unity-server-vaadin-endpoint-common-4.0.2.jar:?] >> at >> org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> io.imunity.vaadin.auth.server.AuthenticationFilter.forwardtoAuthn(AuthenticationFilter.java:265) >> ~[unity-server-vaadin-authentication-4.0.2.jar:?] >> at >> io.imunity.vaadin.auth.server.AuthenticationFilter.handleRememberMe(AuthenticationFilter.java:250) >> ~[unity-server-vaadin-authentication-4.0.2.jar:?] >> at >> io.imunity.vaadin.auth.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:100) >> ~[unity-server-vaadin-authentication-4.0.2.jar:?] >> at >> org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> io.imunity.vaadin.endpoint.common.RemoteRedirectedAuthnResponseProcessingFilter.doFilter(RemoteRedirectedAuthnResponseProcessingFilter.java:48) >> ~[unity-server-vaadin-endpoint-common-4.0.2.jar:?] >> at >> org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletHandler$MappedServlet.handle(ServletHandler.java:1547) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletChannel.dispatch(ServletChannel.java:814) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletChannel.handle(ServletChannel.java:431) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.ServletHandler.handle(ServletHandler.java:464) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:571) >> ~[jetty-security-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.ee10.servlet.SessionHandler.handle(SessionHandler.java:703) >> ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.server.handler.ContextHandler.handle(ContextHandler.java:765) >> ~[jetty-server-12.0.7.jar:12.0.7] >> at >> pl.edu.icm.unity.engine.server.ClientIPSettingHandler.handle(ClientIPSettingHandler.java:67) >> ~[unity-server-engine-4.0.2.jar:?] >> at >> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:181) >> ~[jetty-server-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler.handle(RewriteHandler.java:159) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(HeaderPatternRule.java:89) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:143) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler.handle(RewriteHandler.java:159) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(HeaderPatternRule.java:89) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:143) >> ~[jetty-rewrite-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:549) >> ~[jetty-server-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.server.Handler$Wrapper.handle(Handler.java:716) >> ~[jetty-server-12.0.7.jar:12.0.7] >> at >> pl.edu.icm.unity.engine.server.TraceBlockingHandler.handle(TraceBlockingHandler.java:34) >> ~[unity-server-engine-4.0.2.jar:?] >> at org.eclipse.jetty.server.Server.handle(Server.java:179) >> ~[jetty-server-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.server.internal.HttpChannelState$HandlerInvoker.run(HttpChannelState.java:619) >> ~[jetty-server-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.server.internal.HttpConnection.onFillable(HttpConnection.java:411) >> ~[jetty-server-12.0.7.jar:12.0.7] >> at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:322) >> ~[jetty-io-12.0.7.jar:12.0.7] >> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) >> ~[jetty-io-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.io.ssl.SslConnection$SslEndPoint.onFillable(SslConnection.java:574) >> ~[jetty-io-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:390) >> ~[jetty-io-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:150) >> ~[jetty-io-12.0.7.jar:12.0.7] >> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) >> ~[jetty-io-12.0.7.jar:12.0.7] >> at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) >> ~[jetty-io-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:478) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:441) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:293) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:201) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:410) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:971) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1201) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at >> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1156) >> ~[jetty-util-12.0.7.jar:12.0.7] >> at java.base/java.lang.Thread.run(Thread.java:1583) [?:?] >> 2024-11-26T10:19:57,416 [qtp189759004-10574] WARN >> org.eclipse.jetty.ee10.servlet.ServletChannel: handleException >> /oauth2-as/VAADIN/dynamic/resource/0/73e07c7d-ef52-4dac-a6e8-2333ac1f9844/4405244f9f75bd6012e40616bb767b461en.png >> java.io.IOException: Stream Closed >> >> >> Best regards, >> Sander >> >> >> On Mon, 2024-11-25 at 16:33 +0100, Sander Apweiler wrote: >> > Hi Krzysztof, >> > after updating our large unity instance this morning form 3.16.1 to >> > 4.0.2 we got a lot of IllegalStateExceptions (see attachment) and a >> > increase memory usage. Do you have any idea which could be the reason >> > for this Exceptions? >> > >> > Best regards, >> > Sander >> > >> >> -- >> Large-Scale Data Science >> Juelich Supercomputing Centre >> >> phone: +49 2461 61 8847 >> fax: +49 2461 61 6656 >> email: sa....@fz... >> >> ----------------------------------------------------------------------- >> ----------------------------------------------------------------------- >> Forschungszentrum Jülich GmbH >> 52425 Jülich >> Sitz der Gesellschaft: Jülich >> Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 >> Vorsitzender des Aufsichtsrats: MinDir Stefan Müller >> Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), >> Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens >> ----------------------------------------------------------------------- >> ----------------------------------------------------------------------- >> >> >> _______________________________________________ >> Unity-idm-discuss mailing list >> Uni...@li... >> https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss >> > |
|
From: Sander A. <sa....@fz...> - 2024-12-09 10:12:49
|
Dear Krzysztof, dear Roman, we got two tickets from users, who selected remember my decision and click on DENY. In past it was possible to revoke this decision in unserhome endpoint but it looks like denied transfers are not listed in the trusted applications tab anymore. At least I both cases the applications are not listed, while they are listed for users, who did not denied the attribute transfer. How can the decision withdrawn? Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2024-12-06 12:17:56
|
W dniu 5.12.2024 o 12:40, Sander Apweiler pisze: > Hello Krzysztof, > hello Roman, > > after our IdP starts releasing MFA usage information, we started to > test the dynamic expression on MFA. We started with a simple condition > that local second factor should only be used, if the REFEDS profile > information is not available (see screenshot). Sadly unity shows that > no second factor is configured, althought the information was released > by the IdP. Sadly we do not see anything in the logs. > Hmm, what you pasted looks good. We will recheck whether we can find some problem in implementation. Best, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2024-12-05 11:40:22
|
Hello Krzysztof, hello Roman, after our IdP starts releasing MFA usage information, we started to test the dynamic expression on MFA. We started with a simple condition that local second factor should only be used, if the REFEDS profile information is not available (see screenshot). Sadly unity shows that no second factor is configured, althought the information was released by the IdP. Sadly we do not see anything in the logs. Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Roman K. <ro...@un...> - 2024-11-29 17:27:11
|
Hi Sander, We are looking into the IllegalStateExceptions problem, we will strive to squeeze it into the next patch release. Our assessment of the “IOException: Stream Closed” warning is that it can occur if the user closes the browser while the server is attempting to write to the corresponding socket. Best regards, Roman wt., 26 lis 2024 o 11:26 Sander Apweiler <sa....@fz...> napisał(a): > Good morning, > we found another Exception which occurs quite oftern after the update: > > 2024-11-26T10:19:57,415 [qtp189759004-9219] WARN > org.eclipse.jetty.ee10.servlet.ServletChannel: handleException > /oauth2-as/VAADIN/dynamic/resource/0/e4baf8d2-5624-4b9c-82ee-57698afa6ead/4097c0b0cf59f1e2a962a148ed2043ad1en.png > java.io.IOException: Stream Closed > 2024-11-26T10:19:57,416 [qtp189759004-10574] ERROR > unity.server.web.CustomErrorPageInitializer: Vaadin initialization error: > java.io.IOException: Stream Closed > at java.base/java.io.FileInputStream.readBytes(Native Method) > ~[?:?] > at java.base/java.io.FileInputStream.read(FileInputStream.java:263) > ~[?:?] > at > com.vaadin.flow.server.StreamResource$Pipe.read(StreamResource.java:119) > ~[flow-server-24.3.7.jar:24.3.7] > at > com.vaadin.flow.server.StreamResource$Pipe.copy(StreamResource.java:109) > ~[flow-server-24.3.7.jar:24.3.7] > at > com.vaadin.flow.server.StreamResource$Pipe.accept(StreamResource.java:84) > ~[flow-server-24.3.7.jar:24.3.7] > at > com.vaadin.flow.server.communication.StreamResourceHandler.handleRequest(StreamResourceHandler.java:86) > ~[flow-server-24.3.7.jar:24.3.7] > at > com.vaadin.flow.server.communication.StreamRequestHandler.handleRequest(StreamRequestHandler.java:110) > ~[flow-server-24.3.7.jar:24.3.7] > at > com.vaadin.flow.server.VaadinService.handleRequest(VaadinService.java:1574) > ~[flow-server-24.3.7.jar:24.3.7] > at > com.vaadin.flow.server.VaadinServlet.service(VaadinServlet.java:398) > ~[flow-server-24.3.7.jar:24.3.7] > at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:614) > ~[jakarta.servlet-api-6.0.0.jar:6.0.0] > at > org.eclipse.jetty.ee10.servlet.ServletHolder.handle(ServletHolder.java:736) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1614) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:317) > ~[jetty-ee10-servlets-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:270) > ~[jetty-ee10-servlets-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > io.imunity.vaadin.endpoint.common.InvocationContextSetupFilter.doFilter(InvocationContextSetupFilter.java:67) > ~[unity-server-vaadin-endpoint-common-4.0.2.jar:?] > at > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > io.imunity.vaadin.auth.server.AuthenticationFilter.forwardtoAuthn(AuthenticationFilter.java:265) > ~[unity-server-vaadin-authentication-4.0.2.jar:?] > at > io.imunity.vaadin.auth.server.AuthenticationFilter.handleRememberMe(AuthenticationFilter.java:250) > ~[unity-server-vaadin-authentication-4.0.2.jar:?] > at > io.imunity.vaadin.auth.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:100) > ~[unity-server-vaadin-authentication-4.0.2.jar:?] > at > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > io.imunity.vaadin.endpoint.common.RemoteRedirectedAuthnResponseProcessingFilter.doFilter(RemoteRedirectedAuthnResponseProcessingFilter.java:48) > ~[unity-server-vaadin-endpoint-common-4.0.2.jar:?] > at > org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletHandler$MappedServlet.handle(ServletHandler.java:1547) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletChannel.dispatch(ServletChannel.java:814) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletChannel.handle(ServletChannel.java:431) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.ServletHandler.handle(ServletHandler.java:464) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:571) > ~[jetty-security-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.ee10.servlet.SessionHandler.handle(SessionHandler.java:703) > ~[jetty-ee10-servlet-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.server.handler.ContextHandler.handle(ContextHandler.java:765) > ~[jetty-server-12.0.7.jar:12.0.7] > at > pl.edu.icm.unity.engine.server.ClientIPSettingHandler.handle(ClientIPSettingHandler.java:67) > ~[unity-server-engine-4.0.2.jar:?] > at > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:181) > ~[jetty-server-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler.handle(RewriteHandler.java:159) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(HeaderPatternRule.java:89) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:143) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler.handle(RewriteHandler.java:159) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(HeaderPatternRule.java:89) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:143) > ~[jetty-rewrite-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:549) > ~[jetty-server-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.server.Handler$Wrapper.handle(Handler.java:716) > ~[jetty-server-12.0.7.jar:12.0.7] > at > pl.edu.icm.unity.engine.server.TraceBlockingHandler.handle(TraceBlockingHandler.java:34) > ~[unity-server-engine-4.0.2.jar:?] > at org.eclipse.jetty.server.Server.handle(Server.java:179) > ~[jetty-server-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.server.internal.HttpChannelState$HandlerInvoker.run(HttpChannelState.java:619) > ~[jetty-server-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.server.internal.HttpConnection.onFillable(HttpConnection.java:411) > ~[jetty-server-12.0.7.jar:12.0.7] > at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:322) > ~[jetty-io-12.0.7.jar:12.0.7] > at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) > ~[jetty-io-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.io.ssl.SslConnection$SslEndPoint.onFillable(SslConnection.java:574) > ~[jetty-io-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:390) > ~[jetty-io-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:150) > ~[jetty-io-12.0.7.jar:12.0.7] > at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) > ~[jetty-io-12.0.7.jar:12.0.7] > at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) > ~[jetty-io-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:478) > ~[jetty-util-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:441) > ~[jetty-util-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:293) > ~[jetty-util-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:201) > ~[jetty-util-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:410) > ~[jetty-util-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:971) > ~[jetty-util-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1201) > ~[jetty-util-12.0.7.jar:12.0.7] > at > org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1156) > ~[jetty-util-12.0.7.jar:12.0.7] > at java.base/java.lang.Thread.run(Thread.java:1583) [?:?] > 2024-11-26T10:19:57,416 [qtp189759004-10574] WARN > org.eclipse.jetty.ee10.servlet.ServletChannel: handleException > /oauth2-as/VAADIN/dynamic/resource/0/73e07c7d-ef52-4dac-a6e8-2333ac1f9844/4405244f9f75bd6012e40616bb767b461en.png > java.io.IOException: Stream Closed > > > Best regards, > Sander > > > On Mon, 2024-11-25 at 16:33 +0100, Sander Apweiler wrote: > > Hi Krzysztof, > > after updating our large unity instance this morning form 3.16.1 to > > 4.0.2 we got a lot of IllegalStateExceptions (see attachment) and a > > increase memory usage. Do you have any idea which could be the reason > > for this Exceptions? > > > > Best regards, > > Sander > > > > -- > Large-Scale Data Science > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Jülich GmbH > 52425 Jülich > Sitz der Gesellschaft: Jülich > Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Stefan Müller > Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Krzysztof B. <kb...@un...> - 2024-11-29 11:30:29
|
W dniu 28.11.2024 o 10:14, Sander Apweiler pisze: > Good morning Krzysztof, > good morning Roman, > > we recognize another small UI bug. When you login in the upman endpoint > and going to remove a user from a (sub-)group by clicking on "Remove > from group" the following pop-up shows the text of Remove from project. > The user is only removed from the group, so it is only a wrong message > in the pop-up confirmation. Thanks for the information. Will be addressed in the next patch. Best, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2024-11-29 11:29:52
|
W dniu 28.11.2024 o 09:58, Sander Apweiler pisze: > Good morning Krzysztof, > good morning Roman, > > We recognized that users are not redirected to the service or the > "consent screen" is not shown after the second factor was entered. We > are not sure if this belongs to the IlligalStateExceptions I reported > earlier this week. Starting a second login from the end service, the > consent screen is shown and redirect to the service works. Which is a > bit of annoying for the users. > Got it, we will investigate the root cause. Best, Krzysztof Benedyczak |
|
From: Krzysztof B. <kb...@un...> - 2024-11-29 11:29:08
|
Hi Laura,
W dniu 26.11.2024 o 17:11, Laura Hofer pisze:
> Hi Krzysztof, Hi Roman,
> we may have found a bug, but we are not quite sure. We have two oAuth
> clients, one of which has been changed to client_credentials
> (sys:oauth:allowedGrantFlows = client).
> However, the iss field is now missing from the tokens. Is this the
> expected behaviour?
> Here is the token that comes back with the normal client:
> {
> ‘sub": “3cac4792-0611-4f82-85b3-e1a61c8afea4”,
> ‘aud": “rucio-punch-frontend”,
> ‘scope": “eduperson_entitlement profile openid”,
> ‘iss": “https://login.helmholtz.de/oauth2”,
> ‘exp": 1732637686,
> ‘iat": 1732633686,
> ‘jti": “4e42bf02-b4f7-4da3-a062-92eda5bcc7f9”,
> ‘client_id": ’rucio-punch-frontend’
> }
> And here is the token with client_credentials:
> {
> ‘sub": “rucio-punch”,
> ‘exp": 1732637649,
> ‘iat": 1732633649,
> ‘jti": “c0cb7984-e6f4-485f-8e29-ba319a270cf2”,
> ‘client_id": “rucio-punch”,
> ‘scope": ’openid offline_access profile eduperson_entitlement’
> }
Thanks for heads up. Verified there are two problems with client
credentials grant when it is used with JWT access token: also aud claim
is missing.
Will be address in the next patch.
Best,
Krzysztof
|
|
From: Sander A. <sa....@fz...> - 2024-11-28 09:14:45
|
Good morning Krzysztof, good morning Roman, we recognize another small UI bug. When you login in the upman endpoint and going to remove a user from a (sub-)group by clicking on "Remove from group" the following pop-up shows the text of Remove from project. The user is only removed from the group, so it is only a wrong message in the pop-up confirmation. Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Sander A. <sa....@fz...> - 2024-11-28 08:58:56
|
Good morning Krzysztof, good morning Roman, We recognized that users are not redirected to the service or the "consent screen" is not shown after the second factor was entered. We are not sure if this belongs to the IlligalStateExceptions I reported earlier this week. Starting a second login from the end service, the consent screen is shown and redirect to the service works. Which is a bit of annoying for the users. Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Laura H. <l....@fz...> - 2024-11-26 16:11:45
|
Hi Krzysztof, Hi Roman,
we may have found a bug, but we are not quite sure. We have two oAuth clients, one of which has been changed to client_credentials (sys:oauth:allowedGrantFlows = client).
However, the iss field is now missing from the tokens. Is this the expected behaviour?
Here is the token that comes back with the normal client:
{
‘sub": “3cac4792-0611-4f82-85b3-e1a61c8afea4”,
‘aud": “rucio-punch-frontend”,
‘scope": “eduperson_entitlement profile openid”,
‘iss": “https://login.helmholtz.de/oauth2”,
‘exp": 1732637686,
‘iat": 1732633686,
‘jti": “4e42bf02-b4f7-4da3-a062-92eda5bcc7f9”,
‘client_id": ’rucio-punch-frontend’
}
And here is the token with client_credentials:
{
‘sub": “rucio-punch”,
‘exp": 1732637649,
‘iat": 1732633649,
‘jti": “c0cb7984-e6f4-485f-8e29-ba319a270cf2”,
‘client_id": “rucio-punch”,
‘scope": ’openid offline_access profile eduperson_entitlement’
}
Kind regards,
Laura
--
Juelich Supercomputing Centre
Institute for Advanced Simulation
Forschungszentrum Juelich GmbH
52425 Juelich, Germany
E-Mail: l....@fz...
Phone: +49 2461 61-6576
Fax: +49 2461 61-6656
-----------------------------------------------------------------------
-----------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Stefan Müller
Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Dr. Ir. Pieter Jansens,
Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior
-----------------------------------------------------------------------
-----------------------------------------------------------------------
|
|
From: Krzysztof B. <kb...@un...> - 2024-11-26 11:31:35
|
Hi Sander, W dniu 26.11.2024 o 11:57, Sander Apweiler pisze: > Hi Krzysztof, > hi Roman, > > we fouind an issue in the console UI. If you have a long list of groups > in the root group and a scroll bar is added. The scroll bar is put over > the menu icons and you can not klick the button anymore. Most probably > this might appear on other locations as well. > > The attached screen shot show the situation withou beeing with the > mouse over the icon/scoll bar. Hovering over it, will increase the size > of the scroll bar. Increasing the width of the group list does not > solve the problem, since the icons are sticked to the right border. > Thanks for the report, opening a ticket to track it. Best, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2024-11-26 10:58:04
|
Hi Krzysztof, hi Roman, we fouind an issue in the console UI. If you have a long list of groups in the root group and a scroll bar is added. The scroll bar is put over the menu icons and you can not klick the button anymore. Most probably this might appear on other locations as well. The attached screen shot show the situation withou beeing with the mouse over the icon/scoll bar. Hovering over it, will increase the size of the scroll bar. Increasing the width of the group list does not solve the problem, since the icons are sticked to the right border. Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Sander A. <sa....@fz...> - 2024-11-26 10:26:37
|
Good morning,
we found another Exception which occurs quite oftern after the update:
2024-11-26T10:19:57,415 [qtp189759004-9219] WARN org.eclipse.jetty.ee10.servlet.ServletChannel: handleException /oauth2-as/VAADIN/dynamic/resource/0/e4baf8d2-5624-4b9c-82ee-57698afa6ead/4097c0b0cf59f1e2a962a148ed2043ad1en.png java.io.IOException: Stream Closed
2024-11-26T10:19:57,416 [qtp189759004-10574] ERROR unity.server.web.CustomErrorPageInitializer: Vaadin initialization error:
java.io.IOException: Stream Closed
at java.base/java.io.FileInputStream.readBytes(Native Method) ~[?:?]
at java.base/java.io.FileInputStream.read(FileInputStream.java:263) ~[?:?]
at com.vaadin.flow.server.StreamResource$Pipe.read(StreamResource.java:119) ~[flow-server-24.3.7.jar:24.3.7]
at com.vaadin.flow.server.StreamResource$Pipe.copy(StreamResource.java:109) ~[flow-server-24.3.7.jar:24.3.7]
at com.vaadin.flow.server.StreamResource$Pipe.accept(StreamResource.java:84) ~[flow-server-24.3.7.jar:24.3.7]
at com.vaadin.flow.server.communication.StreamResourceHandler.handleRequest(StreamResourceHandler.java:86) ~[flow-server-24.3.7.jar:24.3.7]
at com.vaadin.flow.server.communication.StreamRequestHandler.handleRequest(StreamRequestHandler.java:110) ~[flow-server-24.3.7.jar:24.3.7]
at com.vaadin.flow.server.VaadinService.handleRequest(VaadinService.java:1574) ~[flow-server-24.3.7.jar:24.3.7]
at com.vaadin.flow.server.VaadinServlet.service(VaadinServlet.java:398) ~[flow-server-24.3.7.jar:24.3.7]
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:614) ~[jakarta.servlet-api-6.0.0.jar:6.0.0]
at org.eclipse.jetty.ee10.servlet.ServletHolder.handle(ServletHolder.java:736) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1614) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:317) ~[jetty-ee10-servlets-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:270) ~[jetty-ee10-servlets-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at io.imunity.vaadin.endpoint.common.InvocationContextSetupFilter.doFilter(InvocationContextSetupFilter.java:67) ~[unity-server-vaadin-endpoint-common-4.0.2.jar:?]
at org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at io.imunity.vaadin.auth.server.AuthenticationFilter.forwardtoAuthn(AuthenticationFilter.java:265) ~[unity-server-vaadin-authentication-4.0.2.jar:?]
at io.imunity.vaadin.auth.server.AuthenticationFilter.handleRememberMe(AuthenticationFilter.java:250) ~[unity-server-vaadin-authentication-4.0.2.jar:?]
at io.imunity.vaadin.auth.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:100) ~[unity-server-vaadin-authentication-4.0.2.jar:?]
at org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at io.imunity.vaadin.endpoint.common.RemoteRedirectedAuthnResponseProcessingFilter.doFilter(RemoteRedirectedAuthnResponseProcessingFilter.java:48) ~[unity-server-vaadin-endpoint-common-4.0.2.jar:?]
at org.eclipse.jetty.ee10.servlet.FilterHolder.doFilter(FilterHolder.java:205) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1586) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletHandler$MappedServlet.handle(ServletHandler.java:1547) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletChannel.dispatch(ServletChannel.java:814) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletChannel.handle(ServletChannel.java:431) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.ServletHandler.handle(ServletHandler.java:464) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:571) ~[jetty-security-12.0.7.jar:12.0.7]
at org.eclipse.jetty.ee10.servlet.SessionHandler.handle(SessionHandler.java:703) ~[jetty-ee10-servlet-12.0.7.jar:12.0.7]
at org.eclipse.jetty.server.handler.ContextHandler.handle(ContextHandler.java:765) ~[jetty-server-12.0.7.jar:12.0.7]
at pl.edu.icm.unity.engine.server.ClientIPSettingHandler.handle(ClientIPSettingHandler.java:67) ~[unity-server-engine-4.0.2.jar:?]
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:181) ~[jetty-server-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler.handle(RewriteHandler.java:159) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(HeaderPatternRule.java:89) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:143) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.RewriteHandler$LastRuleHandler.handle(RewriteHandler.java:159) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.HeaderPatternRule$1.handle(HeaderPatternRule.java:89) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.Rule$Handler.handle(Rule.java:108) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:143) ~[jetty-rewrite-12.0.7.jar:12.0.7]
at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:549) ~[jetty-server-12.0.7.jar:12.0.7]
at org.eclipse.jetty.server.Handler$Wrapper.handle(Handler.java:716) ~[jetty-server-12.0.7.jar:12.0.7]
at pl.edu.icm.unity.engine.server.TraceBlockingHandler.handle(TraceBlockingHandler.java:34) ~[unity-server-engine-4.0.2.jar:?]
at org.eclipse.jetty.server.Server.handle(Server.java:179) ~[jetty-server-12.0.7.jar:12.0.7]
at org.eclipse.jetty.server.internal.HttpChannelState$HandlerInvoker.run(HttpChannelState.java:619) ~[jetty-server-12.0.7.jar:12.0.7]
at org.eclipse.jetty.server.internal.HttpConnection.onFillable(HttpConnection.java:411) ~[jetty-server-12.0.7.jar:12.0.7]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:322) ~[jetty-io-12.0.7.jar:12.0.7]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) ~[jetty-io-12.0.7.jar:12.0.7]
at org.eclipse.jetty.io.ssl.SslConnection$SslEndPoint.onFillable(SslConnection.java:574) ~[jetty-io-12.0.7.jar:12.0.7]
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:390) ~[jetty-io-12.0.7.jar:12.0.7]
at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:150) ~[jetty-io-12.0.7.jar:12.0.7]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) ~[jetty-io-12.0.7.jar:12.0.7]
at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) ~[jetty-io-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:478) ~[jetty-util-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:441) ~[jetty-util-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:293) ~[jetty-util-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:201) ~[jetty-util-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:410) ~[jetty-util-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:971) ~[jetty-util-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1201) ~[jetty-util-12.0.7.jar:12.0.7]
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1156) ~[jetty-util-12.0.7.jar:12.0.7]
at java.base/java.lang.Thread.run(Thread.java:1583) [?:?]
2024-11-26T10:19:57,416 [qtp189759004-10574] WARN org.eclipse.jetty.ee10.servlet.ServletChannel: handleException /oauth2-as/VAADIN/dynamic/resource/0/73e07c7d-ef52-4dac-a6e8-2333ac1f9844/4405244f9f75bd6012e40616bb767b461en.png java.io.IOException: Stream Closed
Best regards,
Sander
On Mon, 2024-11-25 at 16:33 +0100, Sander Apweiler wrote:
> Hi Krzysztof,
> after updating our large unity instance this morning form 3.16.1 to
> 4.0.2 we got a lot of IllegalStateExceptions (see attachment) and a
> increase memory usage. Do you have any idea which could be the reason
> for this Exceptions?
>
> Best regards,
> Sander
>
--
Large-Scale Data Science
Juelich Supercomputing Centre
phone: +49 2461 61 8847
fax: +49 2461 61 6656
email: sa....@fz...
-----------------------------------------------------------------------
-----------------------------------------------------------------------
Forschungszentrum Jülich GmbH
52425 Jülich
Sitz der Gesellschaft: Jülich
Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Stefan Müller
Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens
-----------------------------------------------------------------------
-----------------------------------------------------------------------
|
|
From: Sander A. <sa....@fz...> - 2024-11-25 15:33:57
|
Hi Krzysztof, after updating our large unity instance this morning form 3.16.1 to 4.0.2 we got a lot of IllegalStateExceptions (see attachment) and a increase memory usage. Do you have any idea which could be the reason for this Exceptions? Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2024-11-19 08:06:10
|
W dniu 13.11.2024 o 11:48, Sander Apweiler pisze: > Hello Roman, > the logo in userhome endpoint is also not scaled correctly, while it is > in the console endpoint. > Thanks, we have both issues ticketized, will be addressed in the next revision. Best, Krzysztof |
