poblin-orange
commented
7 years ago will add the assertion for clean error message @ cpi startup time
Closed f-guichard closed 7 years ago
poblin-orange
commented
7 years ago will add the assertion for clean error message @ cpi startup time
If the same value is set for both keys, the following error appears :+1:
2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 10.234.250.81; SessionId: null}] 2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]
It is a predictive behaviour thanks to the configureGlobal method in WebSecurityConfig class.
However, to prevent bosh cloudstack operators from failling, an assertation must be set in order to emphasize the same principal mustn't be shared between cpi.core.user and cpi.registry.user.