--
You received this message because you are subscribed to the Google Groups "cBioPortal for Cancer Genomics Discussion Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cbioportal+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/26d10b72-553c-4ce3-9223-3133f6254bf3n%40googlegroups.com.
Hi Benjamin,
First, thanks for the quick response.
So, I should click on that link and cut/paste the displayed XML for client-tailored-saml-idp-metadata.xml?
I think that’s where I initially get confused, the documentation says to go to the installation tab and generate from there. Or am I missing something in my interpretation?
Thanks,
John
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/c4c313e7-72fa-4175-9271-180e8b3bc43dn%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "cBioPortal for Cancer Genomics Discussion Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cbioportal+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/f216a22f-b795-41d8-bae8-0da806d64a84n%40googlegroups.com.
entityID="cbioportal"
Is it because there is no Identity Provider saved in Keycloak for cbioportal.
I set-up LDAP under User Federation.
I did not see how to add an Identity Providor for LDAP.
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From:
Benjamin Gross <benjami...@gmail.com>
Date: Friday, June 18, 2021 at 1:58 PM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an option
WARNING:
External Email - This email originated outside of Jefferson. |
The information contained in this transmission contains privileged and confidential information. It is intended only for the use of the person named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution
or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
|
Hi Banjamin,
Sorry, I’m off Mondays.
When I go to the url for cbioportaldev (http://cbioportaldev.kcc.tju.edu:8080/), I’m not getting a login page. I’m going straight to 404 – Not Found for the following url:
http://cbioportal.kcc.tju.edu:8081/saml/discovery?entityID=cbioportal&returnIDParam=idp.
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/ED47AEE8-2294-4CCA-83CB-862289E4CA90%40gmail.com.
Hi B,
Thanks for sticking with me.
Keycloak is running on http://cbioportal.kcc.tju.edu:8081.
cbioportaldev is running on http://cbioportaldev.kcc.tju.edu:8080 -> This is our development/testing version of cbioportal, which I’m testing keycloak authentication on
http://cbioportal.kcc.tju.edu:8081 takes me to the auth screen for keycloak:
http://cbioportal.kcc.tju.edu:8081/saml/metadata
returns an error
http://cbioportaldev.kcc.tju.edu:8080/saml/metadata brings up:
<?xml version="1.0" encoding="UTF-8"?><md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="cbioportal" entityID="cbioportal"><md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><md:KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:X509Data><ds:X509Certificate>MIID2TCCAsGgAwIBAgIEJowr3DANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCVVMxFTATBgNV
BAgTDFBlbm5zeWx2YW5pYTEVMBMGA1UEBxMMUGhpbGFkZWxwaGlhMSQwIgYDVQQKExtUaG9tYXMg
SmVmZmVyc29uIFVuaXZlcnNpdHkxJDAiBgNVBAsTG1NpZG5leSBLaW1tZWwgQ2FuY2VyIENlbnRl
cjETMBEGA1UEAxMKSm9obiBSZWJlcjAeFw0yMTA2MTcyMDUzMTBaFw0yMTA5MTUyMDUzMTBaMIGc
MQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRUwEwYDVQQHEwxQaGlsYWRlbHBo
aWExJDAiBgNVBAoTG1Rob21hcyBKZWZmZXJzb24gVW5pdmVyc2l0eTEkMCIGA1UECxMbU2lkbmV5
IEtpbW1lbCBDYW5jZXIgQ2VudGVyMRMwEQYDVQQDEwpKb2huIFJlYmVyMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAs13KM+htKPNhWv3x2TjDCtMTAmkP509fs+XYSqvMMvST6I9X+HQY
mb83syUpDJPkg6yM6iyJg+29UfuWhH9kFvmqmcH3YGXalb6bSO1sPufYVIq7VFA1nqlD8MhZfNLa
FpUjgkd3jy84nVefeqUggi524UyGc9t87TvhGJEgZZVFyVv0RPAvVGsL0BLttV0XqdvRL0RK8MLp
e9/D9zX8E2Mh3euUasjw2LJwZVfHhsD4aOS4uxON3ZwJ1MKzfv43/J9z5xoXRLNbLlRiJzbRGm8g
S0BGncIF3RABpWZg5GfVeeZir58SKori4b2/QoTGbyRd/UhjMpESllhGtRAiSQIDAQABoyEwHzAd
BgNVHQ4EFgQUnC1FALezNT7OEG8yFXvP+0DAgQwwDQYJKoZIhvcNAQELBQADggEBAB0a6H2lASU+
3g9zp+UTzUjJJklByN8GX8E3OwEOkwZjuvMIDuvHLrc8ciq7GaoUQwPEwsq49ZP7l6Z+B+NU1IZK
n7VPS9Uw2PgM2NtTcXlks8sF9XwlYt5c8Hjuo7rPEQ8a8CVY7rDRUhF/TYQ+LUY0Q8yLblmrpy2q
WzgIFJdUnuxD/fIHAmDEppiXIrRg3nkekDJDXSeX+8U6R9yW+8sDQh2Z2bu5e5YCsQnzyY9SlzuY
l7/X/SgESWhUcSt5L2Lz0HbvfEahfHiaY2nIziJlfKqy9h39BTYBMr5O3eYZYiG+MFUdp/fPFqjJ
/KlFVmfCH49kUBXEny1+fXyOgFg=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:KeyDescriptor use="encryption"><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:X509Data><ds:X509Certificate>MIID2TCCAsGgAwIBAgIEJowr3DANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCVVMxFTATBgNV
BAgTDFBlbm5zeWx2YW5pYTEVMBMGA1UEBxMMUGhpbGFkZWxwaGlhMSQwIgYDVQQKExtUaG9tYXMg
SmVmZmVyc29uIFVuaXZlcnNpdHkxJDAiBgNVBAsTG1NpZG5leSBLaW1tZWwgQ2FuY2VyIENlbnRl
cjETMBEGA1UEAxMKSm9obiBSZWJlcjAeFw0yMTA2MTcyMDUzMTBaFw0yMTA5MTUyMDUzMTBaMIGc
MQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRUwEwYDVQQHEwxQaGlsYWRlbHBo
aWExJDAiBgNVBAoTG1Rob21hcyBKZWZmZXJzb24gVW5pdmVyc2l0eTEkMCIGA1UECxMbU2lkbmV5
IEtpbW1lbCBDYW5jZXIgQ2VudGVyMRMwEQYDVQQDEwpKb2huIFJlYmVyMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAs13KM+htKPNhWv3x2TjDCtMTAmkP509fs+XYSqvMMvST6I9X+HQY
mb83syUpDJPkg6yM6iyJg+29UfuWhH9kFvmqmcH3YGXalb6bSO1sPufYVIq7VFA1nqlD8MhZfNLa
FpUjgkd3jy84nVefeqUggi524UyGc9t87TvhGJEgZZVFyVv0RPAvVGsL0BLttV0XqdvRL0RK8MLp
e9/D9zX8E2Mh3euUasjw2LJwZVfHhsD4aOS4uxON3ZwJ1MKzfv43/J9z5xoXRLNbLlRiJzbRGm8g
S0BGncIF3RABpWZg5GfVeeZir58SKori4b2/QoTGbyRd/UhjMpESllhGtRAiSQIDAQABoyEwHzAd
BgNVHQ4EFgQUnC1FALezNT7OEG8yFXvP+0DAgQwwDQYJKoZIhvcNAQELBQADggEBAB0a6H2lASU+
3g9zp+UTzUjJJklByN8GX8E3OwEOkwZjuvMIDuvHLrc8ciq7GaoUQwPEwsq49ZP7l6Z+B+NU1IZK
n7VPS9Uw2PgM2NtTcXlks8sF9XwlYt5c8Hjuo7rPEQ8a8CVY7rDRUhF/TYQ+LUY0Q8yLblmrpy2q
WzgIFJdUnuxD/fIHAmDEppiXIrRg3nkekDJDXSeX+8U6R9yW+8sDQh2Z2bu5e5YCsQnzyY9SlzuY
l7/X/SgESWhUcSt5L2Lz0HbvfEahfHiaY2nIziJlfKqy9h39BTYBMr5O3eYZYiG+MFUdp/fPFqjJ
/KlFVmfCH49kUBXEny1+fXyOgFg=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://cbioportal.kcc.tju.edu:8081/saml/SingleLogout"/><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://cbioportal.kcc.tju.edu:8081/saml/SingleLogout"/><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat><md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://cbioportal.kcc.tju.edu:8081/saml/SSO" index="0" isDefault="true"/><md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://cbioportal.kcc.tju.edu:8081/saml/SSO" index="1"/></md:SPSSODescriptor></md:EntityDescriptor>
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/MN2PR05MB619172AD4572A92B2015750885099%40MN2PR05MB6191.namprd05.prod.outlook.com.
Getting better! I am now getting the Keycloak login screen, on to getting Keycloak to talk to LDAP
Thanks for all your help,
Hi Benjamin,
I have setup LDAP under User Federation
Test Connection and Test authentication both tested successfully
When using "Installation"->SAML Metadata SPSSODescriptor I get
cbioportal_container | SEVERE: Servlet.service() for servlet [jsp] in context with path [] threw exception [org.opensaml.saml2.metadata.provider.MetadataProviderException: No IDP was configured, please update included metadata with at least one IDP] with root cause
If I use data from SAML 2.0 Identity Provider Metadata from Realm page for the metadata I get
Events shows the following
-Valid Redirect URIs
(should be http://cbioportaldev.kcc.tju.edu:8080/*)
-Master SAML Processing
(should be http://cbioportaldev.kcc.tju.edu:8080/saml)
- Logout Service POST Binding URL
(should be http://cbioportaldev.kcc.tju.edu:8080/saml/logout)
Are set as below:
Portal.properties saml section:
saml.sp.metadata.entityid=cbioportal
saml.sp.metadata.wantassertionsigned=true
saml.sp.metadata.entitybaseurl=http://cbioportaldev.kcc.tju.edu:8080
saml.idp.metadata.location=classpath:/client-tailored-saml-idp-metadata.xml
saml.idp.metadata.entityid=http://cbioportal.kcc.tju.edu:8081/auth/realms/cbioportal
saml.keystore.location=classpath:/samlKeystore.jks
saml.keystore.password=XXXXXXX
saml.keystore.private-key.key=secure-key
saml.keystore.private-key.password=XXXXXXX
saml.keystore.default-key=secure-key
saml.idp.comm.binding.settings=defaultBinding
saml.idp.comm.binding.type=
saml.idp.metadata.attribute.email=email
saml.idp.metadata.attribute.role=Role
saml.logout.local=false
saml.custom.userservice.class=org.cbioportal.security.spring.authentication.saml.SAMLUserDetailsServiceImpl
saml.logout.url=/
spring_saml_metadata is attached.
Thanks again for all the pointers,
B
Hi Ben,
No problem, apparently my boss was also away 😊
So when I look at the Users listed in Keycloak, there are none. I have tried the “Synchronize changed users” and “Synchronize all users” within LDAP but receive an error:
Keycloak events show:
Auth:
Representation
{
"result": {
"ignored": false,
"added": 0,
"updated": 0,
"removed": 0,
"failed": 115839,
"status": "0 imported users, 0 updated users, 115839 users failed sync! See server log for more details"
},
"action": "triggerFullSync"
}
I look at the keycloak jboss log, there is nothing beyond the initial startup.
Is there somewhere else I should be looking for the actual error?
Thanks for getting me this far,
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From:
Benjamin Gross <benjami...@gmail.com>
Date: Monday, June 28, 2021 at 4:48 PM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an option
WARNING:
External Email - This email originated outside of Jefferson. |
HI John,
Hi Ben,
A step closer.
By turning on “Always Read Value From LDAP” in LDAP Mappers username, I was able to populate Users in Keycloak.
I am now able to login (also tested with wrong password and login failed), but not seeing any studies. Now getting “There are no studies matching your filter”, which I’m guessing is something with my groups setting.
Thanks again for getting me this far,
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/MN2PR05MB61915FA4018E100E8346B36985029%40MN2PR05MB6191.namprd05.prod.outlook.com.
Hi Ben,
With authentication set to false, I can see the studies and select them and cbioportal acts as expected.
With saml enabled:
When I select a study I get the “Oops. There was an error retrieving data.”:
{"req":{"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch","data":["jefferson_fmi_research_pmi"],"headers":{"content-type":"application/json"}},"xhr":{},"text":"<!doctype html><html lang=\"en\"><head><title>HTTP Status 500 – Internal Server Error</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1624978288478,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1624978288478,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Root Cause</b></p><pre>org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1624978288478,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:101)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:170)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:112)\n\torg.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)\n\torg.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:782)\n\torg.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:740)\n\torg.springframework.web.client.RestTemplate.execute(RestTemplate.java:674)\n\torg.springframework.web.client.RestTemplate.exchange(RestTemplate.java:612)\n\torg.cbioportal.web.SessionServiceController.fetchCustomProperties(SessionServiceController.java:472)\n\torg.cbioportal.web.SessionServiceController$$FastClassBySpringCGLIB$$6b4f2f08.invoke(<generated>)\n\torg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.aspectj.AspectJAfterAdvice.invoke(AspectJAfterAdvice.java:47)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:95)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691)\n\torg.cbioportal.web.SessionServiceController$$EnhancerBySpringCGLIB$$2076c637.fetchCustomProperties(<generated>)\n\tjava.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)\n\tjava.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)\n\tjava.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)\n\tjava.base/java.lang.reflect.Method.invoke(Unknown Source)\n\torg.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)\n\torg.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)\n\torg.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:879)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)\n\torg.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)\n\torg.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)\n\torg.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class=\"line\" /><h3>Apache Tomcat/8.5.61</h3></body></html>","statusText":"","statusCode":500,"status":500,"statusType":5,"info":false,"ok":false,"redirect":false,"clientError":false,"serverError":true,"error":{"status":500,"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch"},"created":false,"accepted":false,"noContent":false,"badRequest":false,"unauthorized":false,"notAcceptable":false,"forbidden":false,"notFound":false,"unprocessableEntity":false,"headers":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 29 Jun 2021 14:51:28 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"Identity","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"header":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 29 Jun 2021 14:51:28 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"Identity","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"type":"text/html","charset":"utf-8","links":{},"body":null,"url":"http://cbioportaldev.kcc.tju.edu:8080/study/summary?id=jefferson_fmi_research_pmi"}
Also in the logging from docker-compose up is an error about Bas Request:
cbioportal_container | INFO: Error parsing HTTP request header
cbioportal_container | Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.
cbioportal_container | java.lang.IllegalArgumentException: Invalid character found in method name [0x160x030x010x020x000x010x000x010xfc0x030x03!0xfa*F0xa2ft0xb60x8ftI0xd7]. HTTP method names must be tokens
cbioportal_container | at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:431)
cbioportal_container | at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:503)
cbioportal_container | at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
cbioportal_container | at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831)
cbioportal_container | at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1634)
cbioportal_container | at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
cbioportal_container | at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
cbioportal_container | at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
cbioportal_container | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
cbioportal_container | at java.base/java.lang.Thread.run(Unknown Source)
cbioportal_container |
cbioportal_container | Jun 30, 2021 12:42:01 PM org.apache.catalina.core.StandardWrapperValve invoke
cbioportal_container | SEVERE: Servlet.service() for servlet [api] in context with path [] threw exception [Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625056920827,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]] with root cause
cbioportal_container | org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625056920827,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]
cbioportal_container | at org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:101)
cbioportal_container | at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:170)
cbioportal_container | at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:112)
cbioportal_container | at org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)
cbioportal_container | at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:782)
cbioportal_container | at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:740)
cbioportal_container | at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:674)
cbioportal_container | at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:612)
cbioportal_container | at org.cbioportal.web.SessionServiceController.fetchCustomProperties(SessionServiceController.java:472)
cbioportal_container | at org.cbioportal.web.SessionServiceController$$FastClassBySpringCGLIB$$6b4f2f08.invoke(<generated>)
cbioportal_container | at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
cbioportal_container | at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771)
cbioportal_container | at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
cbioportal_container | at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)
cbioportal_container | at org.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)
cbioportal_container | at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
cbioportal_container | at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)
cbioportal_container | at org.springframework.aop.aspectj.AspectJAfterAdvice.invoke(AspectJAfterAdvice.java:47)
cbioportal_container | at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
cbioportal_container | at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)
cbioportal_container | at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:95)
cbioportal_container | at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
cbioportal_container | at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)
cbioportal_container | at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691)
cbioportal_container | at org.cbioportal.web.SessionServiceController$$EnhancerBySpringCGLIB$$279490a2.fetchCustomProperties(<generated>)
cbioportal_container | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
cbioportal_container | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
cbioportal_container | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
cbioportal_container | at java.base/java.lang.reflect.Method.invoke(Unknown Source)
cbioportal_container | at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)
cbioportal_container | at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
cbioportal_container | at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105)
cbioportal_container | at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:879)
cbioportal_container | at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)
cbioportal_container | at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
cbioportal_container | at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
cbioportal_container | at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
cbioportal_container | at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
cbioportal_container | at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)
cbioportal_container | at javax.servlet.http.HttpServlet.service(HttpServlet.java:652)
cbioportal_container | at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
cbioportal_container | at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
cbioportal_container | at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
cbioportal_container | at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
cbioportal_container | at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
cbioportal_container | at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
cbioportal_container | at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
cbioportal_container | at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
cbioportal_container | at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
cbioportal_container | at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
cbioportal_container | at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
cbioportal_container | at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at com.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)
cbioportal_container | at org.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)
cbioportal_container | at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
cbioportal_container | at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
cbioportal_container | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
cbioportal_container | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
cbioportal_container | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
cbioportal_container | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
cbioportal_container | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
cbioportal_container | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
cbioportal_container | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
cbioportal_container | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
cbioportal_container | at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:616)
cbioportal_container | at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
cbioportal_container | at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831)
cbioportal_container | at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1634)
cbioportal_container | at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
cbioportal_container | at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
cbioportal_container | at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
cbioportal_container | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
cbioportal_container | at java.base/java.lang.Thread.run(Unknown Source)
cbioportal_container |
cbioportal_container | WARNING: An illegal reflective access operation has occurred
cbioportal_container | WARNING: Illegal reflective access by org.apache.ibatis.ognl.AccessibleObjectHandlerPreJDK9 (file:/cbioportal-webapp/WEB-INF/lib/mybatis-3.5.6.jar) to method java.util.stream.ReferencePipeline.distinct()
cbioportal_container | WARNING: Please consider reporting this to the maintainers of org.apache.ibatis.ognl.AccessibleObjectHandlerPreJDK9
cbioportal_container | WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
cbioportal_container | WARNING: All illegal access operations will be denied in a future release
Attached is SAML-tracer.
Went through all the steps in Authenticating Users via SAML, except OpenID steps at the end. Is OpenID required to be active? Is there documentation on the necessary keycloak mappers?
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From:
Benjamin Gross <benjami...@gmail.com>
Date: Tuesday, June 29, 2021 at 9:57 AM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an option
Great news.
Ok, no studies matching your filter could indicate one of two things -
1) authorities are not properly getting to the cbioportal website - check that the keycloak mappers are properly configured.
2) authorities are getting to the cbioportal website, but the study in question did not get importer into the database property. If you turn off authentication in portal.properties, can you get to the study when visiting the website?
For 1), you can install a saml plugin into your browser and see what saml package (email/role), is delivered from keycloak back to the browser or turnoff the security library logging on the backend of cBioPortal. You can find more information about this here:
Let me know how it goes.
B
On Jun 29, 2021, at 9:45 AM, John Reber <John....@jefferson.edu> wrote:
Hi Ben,
A step closer.
By turning on “Always Read Value From LDAP” in LDAP Mappers username, I was able to populate Users in Keycloak.
I am now able to login (also tested with wrong password and login failed), but not seeing any studies. Now getting “There are no studies matching your filter”, which I’m guessing is something with my groups setting.
Thanks again for getting me this far,
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
On Jun 30, 2021, at 8:45 AM, John Reber <John....@jefferson.edu> wrote:
Hi Ben,
Hi Benjamin,
Sorry, still at a loss with Keycloak.
As far as I can tell, the mappers are set-up correctly.
I created a new KC on the same server just to eliminate any network issues.
I can login and see the studies I’m authorized to see.
As soon as I select a study SAML tracer seems to point to this as the error:
POST http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch HTTP/1.1
Host: cbioportaldev.kcc.tju.edu:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:89.0) Gecko/20100101 Firefox/89.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cbioportaldev.kcc.tju.edu:8080/study?id=jefferson_fmi_research_pmi
Content-Type: application/json
Content-Length: 30
Origin: http://cbioportaldev.kcc.tju.edu:8080 Connection: keep-alive
Cookie: JSESSIONID=31424202A2D7E4048EA7F0479F785339
HTTP/1.1 500
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: total-count,sample-count
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0 vary: accept-encoding
Content-Encoding: gzip Content-Type: text/html;charset=utf-8
Content-Language: en
Transfer-Encoding: chunked
Date: Tue, 06 Jul 2021 14:41:36 GMT
Connection: close
This is what cBioportal displays:
Oops. There was an error retrieving data.
Please contact us at cbioportal at googlegroups dot com.
Copy-paste the error log below and provide a click-by-click description of how you arrived at the error.
{"req":{"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch","data":["jefferson_fmi_research_pmi"],"headers":{"content-type":"application/json"}},"xhr":{},"text":"<!doctype html><html lang=\"en\"><head><title>HTTP Status 500 – Internal Server Error</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Root Cause</b></p><pre>org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:101)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:170)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:112)\n\torg.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)\n\torg.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:782)\n\torg.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:740)\n\torg.springframework.web.client.RestTemplate.execute(RestTemplate.java:674)\n\torg.springframework.web.client.RestTemplate.exchange(RestTemplate.java:612)\n\torg.cbioportal.web.SessionServiceController.fetchCustomProperties(SessionServiceController.java:472)\n\torg.cbioportal.web.SessionServiceController$$FastClassBySpringCGLIB$$6b4f2f08.invoke(<generated>)\n\torg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.aspectj.AspectJAfterAdvice.invoke(AspectJAfterAdvice.java:47)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:95)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691)\n\torg.cbioportal.web.SessionServiceController$$EnhancerBySpringCGLIB$$e06d5aa6.fetchCustomProperties(<generated>)\n\tjdk.internal.reflect.GeneratedMethodAccessor319.invoke(Unknown Source)\n\tjava.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)\n\tjava.base/java.lang.reflect.Method.invoke(Unknown Source)\n\torg.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)\n\torg.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)\n\torg.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:879)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)\n\torg.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)\n\torg.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)\n\torg.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class=\"line\" /><h3>Apache Tomcat/8.5.61</h3></body></html>","statusText":"","statusCode":500,"status":500,"statusType":5,"info":false,"ok":false,"redirect":false,"clientError":false,"serverError":true,"error":{"status":500,"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch"},"created":false,"accepted":false,"noContent":false,"badRequest":false,"unauthorized":false,"notAcceptable":false,"forbidden":false,"notFound":false,"unprocessableEntity":false,"headers":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 06 Jul 2021 14:41:36 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"chunked","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"header":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 06 Jul 2021 14:41:36 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"chunked","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"type":"text/html","charset":"utf-8","links":{},"body":null,"url":"http://cbioportaldev.kcc.tju.edu:8080/study/summary?id=jefferson_fmi_research_pmi"}
Do I need a specific version of Keycloak?
Does ssh need to be running on either/both KC and the portal?
Is straight LDAP authentication going away in the near future?
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From:
Benjamin Gross <benjami...@gmail.com>
Date: Wednesday, June 30, 2021 at 9:57 AM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an option
WARNING:
External Email - This email originated outside of Jefferson. |
This message is a little misleading. I think the issue is probably permissions. I would double-check that you’ve properly assigned the role to the user and that the role list mapper is configured:
I think the SAML - browser plugin could be helpful here - it will show you the saml package being delivered from KC to the browser (which will indicate if anything is missing like email or roles).
I would confirm this first…and you don’t need any OpenID setup.
B
On Jun 30, 2021, at 8:45 AM, John Reber <John....@jefferson.edu> wrote:
Hi Ben,
With authentication set to false, I can see the studies and select them and cbioportal acts as expected.
With saml enabled:
When I select a study I get the “Oops. There was an error retrieving data.”:
{"req":{"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch","data":["jefferson_fmi_research_pmi"],"headers":{"content-type":"application/json"}},"xhr":{},"text":"<!doctype html><html lang=\"en\"><head><title>HTTP Status 500 – Internal Server Error</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1624978288478,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1624978288478,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Root Cause</b></p><pre>org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1624978288478,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:101)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:170)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:112)\n\torg.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)\n\torg.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:782)\n\torg.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:740)\n\torg.springframework.web.client.RestTemplate.execute(RestTemplate.java:674)\n\torg.springframework.web.client.RestTemplate.exchange(RestTemplate.java:612)\n\torg.cbioportal.web.SessionServiceController.fetchCustomProperties(SessionServiceController.java:472)\n\torg.cbioportal.web.SessionServiceController$$FastClassBySpringCGLIB$$6b4f2f08.invoke(<generated>)\n\torg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.aspectj.AspectJAfterAdvice.invoke(AspectJAfterAdvice.java:47)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:95)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691)\n\torg.cbioportal.web.SessionServiceController$$EnhancerBySpringCGLIB$$2076c637.fetchCustomProperties(<generated>)\n\tjava.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)\n\tjava.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)\n\tjava.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)\n\tjava.base/java.lang.reflect.Method.invoke(Unknown Source)\n\torg.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)\n\torg.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)\n\torg.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:879)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)\n\torg.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)\n\torg.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)\n\torg.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class=\"line\" /><h3>Apache Tomcat/8.5.61</h3></body></html>","statusText":"","statusCode":500,"status":500,"statusType":5,"info":false,"ok":false,"redirect":false,"clientError":false,"serverError":true,"error":{"status":500,"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch"},"created":false,"accepted":false,"noContent":false,"badRequest":false,"unauthorized":false,"notAcceptable":false,"forbidden":false,"notFound":false,"unprocessableEntity":false,"headers":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 29 Jun 2021 14:51:28 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"Identity","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"header":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 29 Jun 2021 14:51:28 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"Identity","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"type":"text/html","charset":"utf-8","links":{},"body":null,"url":"http://cbioportaldev.kcc.tju.edu:8080/study/summary?id=jefferson_fmi_research_pmi"}
Also in the logging from docker-compose up is an error about Bad Request:
From: Benjamin Gross <benjami...@gmail.com>
Date: Tuesday, June 29, 2021 at 9:57 AM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an optionGreat news.
Ok, no studies matching your filter could indicate one of two things -
1) authorities are not properly getting to the cbioportal website - check that the keycloak mappers are properly configured.
2) authorities are getting to the cbioportal website, but the study in question did not get importer into the database property. If you turn off authentication in portal.properties, can you get to the study when visiting the website?
For 1), you can install a saml plugin into your browser and see what saml package (email/role), is delivered from keycloak back to the browser or turnoff the security library logging on the backend of cBioPortal. You can find more information about this here:
Let me know how it goes.
B
On Jun 29, 2021, at 9:45 AM, John Reber <John....@jefferson.edu> wrote:
Hi Ben,
A step closer.
By turning on “Always Read Value From LDAP” in LDAP Mappers username, I was able to populate Users in Keycloak.
I am now able to login (also tested with wrong password and login failed), but not seeing any studies. Now getting “There are no studies matching your filter”, which I’m guessing is something with my groups setting.
Thanks again for getting me this far,
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From: Benjamin Gross <benjami...@gmail.com>
Date: Wednesday, June 23, 2021 at 9:09 AM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an optionGreat news. I think I mentioned that you find that via the User Federation tab. Good luck!
B
On Jun 23, 2021, at 8:51 AM, John Reber <John....@jefferson.edu> wrote:
Getting better! I am now getting the Keycloak login screen, on to getting Keycloak to talk to LDAP
Thanks for all your help,
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From: cbiop...@googlegroups.com <cbiop...@googlegroups.com> on behalf of Benjamin Gross <benjami...@gmail.com>
Date: Friday, June 18, 2021 at 5:21 PM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an optionKeycloak is the identity provider until you setup another means, but you should still be able to get to a login page in Keycloak and just fail authentication until you setup LDAP (which you do through the User Federation tab on left margin).
I may have misunderstood your prior email. Are you ever getting to Keycloak (or a login page in Keycloak) and Keycloak is generating the 404 or is the cBioPortal generating the 404?
On Jun 18, 2021, at 2:16 PM, John Reber <John....@jefferson.edu> wrote:
entityID="cbioportal"
Is it because there is no Identity Provider saved in Keycloak for cbioportal.
I set-up LDAP under User Federation.
I did not see how to add an Identity Providor for LDAP.
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
<saml:Attribute FriendlyName="givenName" Name="urn:oid:2.5.4.42"
<saml:Attribute FriendlyName="email" Name="email"Thanks for hani
I’m seeing multiple attributes with the name “Role”:
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">uma_authorization</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">jefferson_fmi_research_pmi</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">manage-account</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">offline_access</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">default-roles-cbioportal</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">view-profile</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">jefferson_fmi_xml</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">manage-account-
Full output attached.
Thanks for hangin in there,
From within cbioportal, yes. I see it start up with docker-compose up. Or is this something I needed within the KC images? Below is my docker-compose.yml file:
version: '3'
services:
cbioportal:
restart: unless-stopped
image: ${DOCKER_IMAGE_CBIOPORTAL:-cbioportal/cbioportal}
container_name: cbioportal_container
environment:
SHOW_DEBUG_INFO: "true"
ports:
- "8080:8080"
volumes:
- ./study:/study/
- ./config/portal.properties:/cbioportal/portal.properties:ro
- ./config/client-tailored-saml-idp-metadata.xml:/cbioportal-webapp/WEB-INF/classes/client-tailored-saml-idp-metadata.xml
- ./config/samlKeystore.jks:/cbioportal-webapp/WEB-INF/classes/samlKeystore.jks
depends_on:
- cbioportal_database
- cbioportal_session
networks:
- cbio-net
command: /bin/sh -c "java -Xms32g -Xmx32g -Dauthenticate=saml -Dsession.service.url=http://cbioportal_session:5000/api/sessions/my_portal/ -jar webapp-runner.jar -AmaxHttpHeaderSize=16384 -AconnectionTimeout=20000 --enable-compression /cbioportal-webapp"
cbioportal_database:
restart: unless-stopped
image: mysql:5.7
container_name: cbioportal_database_container
environment:
MYSQL_DATABASE: cbioportal
MYSQL_USER: cbio_user
MYSQL_PASSWORD: XXXX
MYSQL_ROOT_PASSWORD: XXXX
ports:
- "3306:3306"
volumes:
- ./data/cgds.sql:/docker-entrypoint-initdb.d/cgds.sql:ro
- ./data/seed.sql.gz:/docker-entrypoint-initdb.d/seed.sql.gz:ro
- cbioportal_mysql_data:/var/lib/mysql
networks:
- cbio-net
cbioportal_session:
restart: unless-stopped
image: cbioportal/session-service:0.2.0
container_name: cbioportal_session_container
environment:
SERVER_PORT: 5000
JAVA_OPTS: -Dspring.data.mongodb.uri=mongodb://cbioportal_session_database:27017/session-service
depends_on:
- cbioportal_session_database
networks:
- cbio-net
cbioportal_session_database:
restart: unless-stopped
image: mongo:3.7.9
container_name: cbioportal_session_database_container
environment:
MONGO_INITDB_DATABASE: session_service
volumes:
- cbioportal_mongo_data:/data/db
networks:
- cbio-net
networks:
cbio-net:
volumes:
cbioportal_mysql_data:
cbioportal_mongo_data:
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From:
Benjamin Gross <benjami...@gmail.com>
Date: Tuesday, July 6, 2021 at 12:05 PM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an option
WARNING:
External Email - This email originated outside of Jefferson. |
Do you have a session service setup?
Oops. There was an error retrieving data.
Please contact us at cbioportal at googlegroups dot com.
Copy-paste the error log below and provide a click-by-click description of how you arrived at the error.
{"req":{"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch","data":["jefferson_fmi_research_pmi"],"headers":{"content-type":"application/json"}},"xhr":{},"text":"<!doctype html><html lang=\"en\"><head><title>HTTP Status 500 – Internal Server Error</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Root Cause</b></p><pre>org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\n\torg.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:101)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:170)\n\torg.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:112)\n\torg.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)\n\torg.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:782)\n\torg.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:740)\n\torg.springframework.web.client.RestTemplate.execute(RestTemplate.java:674)\n\torg.springframework.web.client.RestTemplate.exchange(RestTemplate.java:612)\n\torg.cbioportal.web.SessionServiceController.fetchCustomProperties(SessionServiceController.java:472)\n\torg.cbioportal.web.SessionServiceController$$FastClassBySpringCGLIB$$6b4f2f08.invoke(<generated>)\n\torg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.aspectj.AspectJAfterAdvice.invoke(AspectJAfterAdvice.java:47)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:95)\n\torg.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)\n\torg.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749)\n\torg.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691)\n\torg.cbioportal.web.SessionServiceController$$EnhancerBySpringCGLIB$$e06d5aa6.fetchCustomProperties(<generated>)\n\tjdk.internal.reflect.GeneratedMethodAccessor319.invoke(Unknown Source)\n\tjava.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)\n\tjava.base/java.lang.reflect.Method.invoke(Unknown Source)\n\torg.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)\n\torg.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)\n\torg.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:879)\n\torg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)\n\torg.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)\n\torg.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)\n\torg.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)\n\torg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)\n\torg.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:652)\n\torg.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\n\tjavax.servlet.http.HttpServlet.service(HttpServlet.java:733)\n\torg.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\n\torg.mskcc.cbio.portal.util.XssFilter.doFilter(XssFilter.java:65)\n\torg.cbioportal.web.util.ResettableHttpServletRequestFilter.doFilter(ResettableHttpServletRequestFilter.java:29)\n\torg.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)\n\torg.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)\n\torg.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)\n\torg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)\n\torg.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)\n\torg.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)\n\torg.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n\tcom.vlkan.hrrs.servlet.HrrsFilter.doFilter(HrrsFilter.java:85)\n\torg.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:364)\n\torg.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)\n\torg.mskcc.cbio.portal.util.RequestBodyGZipFilter.doFilter(RequestBodyGZipFilter.java:72)\n\torg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)\n\torg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)\n</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class=\"line\" /><h3>Apache Tomcat/8.5.61</h3></body></html>","statusText":"","statusCode":500,"status":500,"statusType":5,"info":false,"ok":false,"redirect":false,"clientError":false,"serverError":true,"error":{"status":500,"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch"},"created":false,"accepted":false,"noContent":false,"badRequest":false,"unauthorized":false,"notAcceptable":false,"forbidden":false,"notFound":false,"unprocessableEntity":false,"headers":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 06 Jul 2021 14:41:36 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"chunked","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"header":{"access-control-allow-origin":"*","access-control-expose-headers":"total-count,sample-count","cache-control":"no-cache, no-store, max-age=0, must-revalidate","connection":"close","content-encoding":"gzip","content-language":"en","content-type":"text/html;charset=utf-8","date":"Tue, 06 Jul 2021 14:41:36 GMT","expires":"0","pragma":"no-cache","transfer-encoding":"chunked","vary":"accept-encoding","x-content-type-options":"nosniff","x-frame-options":"DENY","x-xss-protection":"1; mode=block"},"type":"text/html","charset":"utf-8","links":{},"body":null,"url":"http://cbioportaldev.kcc.tju.edu:8080/study/summary?id=jefferson_fmi_research_pmi"}
Do I need a specific version of Keycloak?
Does ssh need to be running on either/both KC and the portal?
Is straight LDAP authentication going away in the near future?
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From: Benjamin Gross <benjami...@gmail.com>
Date: Tuesday, June 29, 2021 at 9:57 AM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an optionGreat news.
Ok, no studies matching your filter could indicate one of two things -
1) authorities are not properly getting to the cbioportal website - check that the keycloak mappers are properly configured.
2) authorities are getting to the cbioportal website, but the study in question did not get importer into the database property. If you turn off authentication in portal.properties, can you get to the study when visiting the website?
For 1), you can install a saml plugin into your browser and see what saml package (email/role), is delivered from keycloak back to the browser or turnoff the security library logging on the backend of cBioPortal. You can find more information about this here:
Let me know how it goes.
B
On Jun 29, 2021, at 9:45 AM, John Reber <John....@jefferson.edu> wrote:
Hi Ben,
A step closer.
By turning on “Always Read Value From LDAP” in LDAP Mappers username, I was able to populate Users in Keycloak.
I am now able to login (also tested with wrong password and login failed), but not seeing any studies. Now getting “There are no studies matching your filter”, which I’m guessing is something with my groups setting.
Thanks again for getting me this far,
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From: Benjamin Gross <benjami...@gmail.com>
Date: Wednesday, June 23, 2021 at 9:09 AM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an optionGreat news. I think I mentioned that you find that via the User Federation tab. Good luck!
B
On Jun 23, 2021, at 8:51 AM, John Reber <John....@jefferson.edu> wrote:
Getting better! I am now getting the Keycloak login screen, on to getting Keycloak to talk to LDAP
Thanks for all your help,
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From: cbiop...@googlegroups.com <cbiop...@googlegroups.com> on behalf of Benjamin Gross <benjami...@gmail.com>
Date: Friday, June 18, 2021 at 5:21 PM
To: John Reber <John....@jefferson.edu>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an optionKeycloak is the identity provider until you setup another means, but you should still be able to get to a login page in Keycloak and just fail authentication until you setup LDAP (which you do through the User Federation tab on left margin).
I may have misunderstood your prior email. Are you ever getting to Keycloak (or a login page in Keycloak) and Keycloak is generating the 404 or is the cBioPortal generating the 404?
On Jun 18, 2021, at 2:16 PM, John Reber <John....@jefferson.edu> wrote:
entityID="cbioportal"
Is it because there is no Identity Provider saved in Keycloak for cbioportal.
I set-up LDAP under User Federation.
I did not see how to add an Identity Providor for LDAP.
John
------
John Reber
Systems Development ManagerPhiladelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
.
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/MN2PR05MB6191C68DB316B41C096C175A851B9%40MN2PR05MB6191.namprd05.prod.outlook.com.
Hi B,
FYI:
If I select a study by checking the study in the check box, then use Query By Gene and select genes those genes in the study load into OncoPrint.
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/MN2PR05MB6191871E1C0808079B06277E851B9%40MN2PR05MB6191.namprd05.prod.outlook.com.
{"req":{"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch","data":["jefferson_fmi_research_pmi"],"headers":{"content-type":"application/json"}},"xhr":{},"text":"<!doctype html><html lang=\"en\"><head><title>HTTP Status 500 – Internal Server Error</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/MN2PR05MB6191903AA269D538FFC5617B851A9%40MN2PR05MB6191.namprd05.prod.outlook.com.
If I turn off authentication or switch to straight LDAP I don’t have any issues, so I don’t see where they would be out of sync.
In my docker-compose.yml file the cbioportal_session does specify a specific version, while cbioportal container does not:
image: ${DOCKER_IMAGE_CBIOPORTAL:-cbioportal/cbioportal}
image: cbioportal/session-service:0.2.0
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
From:
cbiop...@googlegroups.com <cbiop...@googlegroups.com> on behalf of Benjamin Gross <benjami...@gmail.com>
Date: Wednesday, July 7, 2021 at 11:25 AM
To: John Reber <John....@jefferson.edu>, de Bruijn, Ino/Sloan Kettering Institute <debr...@mskcc.org>
Cc: cBioPortal for Cancer Genomics Discussion Group <cbiop...@googlegroups.com>
Subject: Re: [cbioportal] Keycloak / SAML IDPSSODescriptor missing as an option
Hi John,
I asked about the session service because after looking more closely at the last error log, it looked like a call to the session service was returning an error (the call is made when the Query Page/Tab is loaded) and it was not an issue with KC.
Ino, did we have any issues recently with the cBioPortal being out of sync with the session service? I ask because this error snippet implies the cBioPortal is sending a bad request to the session service.
Thanks,
-B
{"req":{"method":"POST","url":"http://cbioportaldev.kcc.tju.edu:8080/api/session/custom_data/fetch","data":["jefferson_fmi_research_pmi"],"headers":{"content-type":"application/json"}},"xhr":{},"text":"<!doctype html><html lang=\"en\"><head><title>HTTP Status 500 – Internal Server Error</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: [{"timestamp":1625582496505,"status":400,"error":"Bad Request","exception":"org.springframework.web.method.annotation.MethodArgumentTypeMismatchException","message":"valid types are: main_session, virtual_study, group, comparison_session, settings","path":"/api/sessions/my_portal/custom_data/query/fetch"}]\
On Jul 7, 2021, at 9:32 AM, John Reber <John....@jefferson.edu> wrote:
Hi B,
FYI:
If I select a study by checking the study in the check box, then use Query By Gene and select genes those genes in the study load into OncoPrint.
John
------
John Reber
Systems Development Manager
Philadelphia, PA 19107
T 215-503-4174
John....@jefferson.edu
KimmelCancerCenter.org
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/4D2B6B6A-C2B9-497C-89B0-0B3F52E6922A%40gmail.com.
Hi Ben,
I’m off Mondays throughout the summer, but anytime Tuesday my schedule is open.
Thanks again,
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/MN2PR05MB61917BC2BEA6BB3A198B24D8851A9%40MN2PR05MB6191.namprd05.prod.outlook.com.
Yes, that was the fix.
Thanks for all your help resolving this,