ManagementPortal
ManagementPortal copied to clipboard
RADAR-base
Add SecurityConfiguration fixes
Description:
- Add
SecurityConfigurationauth endpoint fixes - Fix admin details override methods (email and password override in identity service)
Checklist:
- [X] The Main workflow has succeeded
- [X] The Gatling tests have passed
- [X] I have logged into the portal running locally with default admin credentials
- [X] I have updated the README files if this change requires documentation update
- [X] I have commented my code, particularly in hard-to-understand areas
I also see serveral other errors during MP startup:
2025-06-11 10:12:12.618 INFO 8 --- [ main] m.c.ManagementPortalSecurityConfigLoader : Loading ManagementPortal frontend client
2025-06-11 10:12:12.622 ERROR 8 --- [ main] m.c.ManagementPortalSecurityConfigLoader : null
java.lang.NullPointerException: null
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader.loadOAuthClient(ManagementPortalSecurityConfigLoader.kt:161)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader.loadFrontendOauthClient(ManagementPortalSecurityConfigLoader.kt:117)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader$$FastClassBySpringCGLIB$$20763b66.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:703)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader$$EnhancerBySpringCGLIB$$1a3c0b05.loadFrontendOauthClient(<generated>)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:344)
at org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:229)
at org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:166)
at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:178)
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:171)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:145)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:429)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:386)
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:949)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:594)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:147)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:732)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:409)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:308)
at org.radarbase.management.ManagementPortalApp$Companion.main(ManagementPortalApp.kt:80)
at org.radarbase.management.ManagementPortalApp.main(ManagementPortalApp.kt)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
at org.springframework.boot.loader.WarLauncher.main(WarLauncher.java:59)
2025-06-11 10:12:12.623 ERROR 8 --- [ main] m.c.ManagementPortalSecurityConfigLoader : Unable to load OAuth client b339ce3f-7da6-48dd-832b-77d46822c883: null
java.lang.NullPointerException: null
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader.loadOAuthClient(ManagementPortalSecurityConfigLoader.kt:172)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader.loadFrontendOauthClient(ManagementPortalSecurityConfigLoader.kt:117)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader$$FastClassBySpringCGLIB$$20763b66.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:703)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader$$EnhancerBySpringCGLIB$$1a3c0b05.loadFrontendOauthClient(<generated>)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:344)
at org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:229)
at org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:166)
at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:178)
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:171)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:145)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:429)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:386)
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:949)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:594)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:147)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:732)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:409)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:308)
at org.radarbase.management.ManagementPortalApp$Companion.main(ManagementPortalApp.kt:80)
at org.radarbase.management.ManagementPortalApp.main(ManagementPortalApp.kt)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
at org.springframework.boot.loader.WarLauncher.main(WarLauncher.java:59)
2025-06-11 10:12:12.624 ERROR 8 --- [ main] m.c.ManagementPortalSecurityConfigLoader : Unable to read header from OAuth clients file: /mp-includes/config/oauth_client_details.csv
java.nio.file.NoSuchFileException: /mp-includes/config/oauth_client_details.csv
at java.base/sun.nio.fs.UnixException.translateToIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(Unknown Source)
at java.base/java.nio.file.Files.newByteChannel(Unknown Source)
at java.base/java.nio.file.Files.newByteChannel(Unknown Source)
at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(Unknown Source)
at java.base/java.nio.file.Files.newInputStream(Unknown Source)
at java.base/java.nio.file.Files.newBufferedReader(Unknown Source)
at java.base/java.nio.file.Files.newBufferedReader(Unknown Source)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader.getCsvFileColumnOrder(ManagementPortalSecurityConfigLoader.kt:184)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader.loadOAuthClientsFromFile(ManagementPortalSecurityConfigLoader.kt:135)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader$$FastClassBySpringCGLIB$$20763b66.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:703)
at org.radarbase.management.config.ManagementPortalSecurityConfigLoader$$EnhancerBySpringCGLIB$$1a3c0b05.loadOAuthClientsFromFile(<generated>)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:344)
at org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:229)
at org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:166)
at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:178)
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:171)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:145)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:429)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:386)
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:949)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:594)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:147)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:732)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:409)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:308)
at org.radarbase.management.ManagementPortalApp$Companion.main(ManagementPortalApp.kt:80)
at org.radarbase.management.ManagementPortalApp.main(ManagementPortalApp.kt)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
at org.springframework.boot.loader.WarLauncher.main(WarLauncher.java:59)
I also experience the following error in Kratos testing the MP locally. It relates to evaluation of the logoutUrl by MP?
We don't need logoutUrl anymore, so that has been removed.
I also see serveral other errors during MP startup:
This is fixed now, I've added a check for auth server before loading clients.