If the same value is set for both keys, the following error appears :+1:
2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 10.234.250.81; SessionId: null}]
2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]
It is a predictive behaviour thanks to the configureGlobal method in WebSecurityConfig class.
However, to prevent bosh cloudstack operators from failling, an assertation must be set in order to emphasize the same principal mustn't be shared between cpi.core.user and cpi.registry.user.
If the same value is set for both keys, the following error appears :+1:
2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 10.234.250.81; SessionId: null}] 2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]
It is a predictive behaviour thanks to the configureGlobal method in WebSecurityConfig class.
However, to prevent bosh cloudstack operators from failling, an assertation must be set in order to emphasize the same principal mustn't be shared between cpi.core.user and cpi.registry.user.