[ https://issues.apache.org/jira/browse/NIFI-13003?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17834365#comment-17834365 ]
Igor Milavec edited comment on NIFI-13003 at 4/5/24 3:12 PM: ------------------------------------------------------------- I understand and agree, but there should be some retry mechanism or (better) on demand loading so that such (transient) errors do not cause NiFi service not to start. And debatably, logging on users is not the primary function of NiFi. :) was (Author: JIRAUSER302515): I understand and agree, but there should be some retry mechanism or (better) on demand loading so that such (transient) errors do not cause NiFi service not to start. > Service does not start if OIDC Metadata URL is unavailable > ---------------------------------------------------------- > > Key: NIFI-13003 > URL: https://issues.apache.org/jira/browse/NIFI-13003 > Project: Apache NiFi > Issue Type: Bug > Components: Configuration > Affects Versions: 1.23.2 > Environment: Ubuntu 20.04 LTS, OpenJDK 17 > Reporter: Igor Milavec > Priority: Major > > The NiFi service fails to start if it cannot retrieve the OpenID Connect > metadata. > The exception is: > > {code:java} > Context initialization > failedorg.springframework.beans.factory.UnsatisfiedDependencyException: Error > creating bean with name > 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': > Unsatisfied dependency expressed through method 'setFilterChains' parameter > 0; nested exception is > org.springframework.beans.factory.UnsatisfiedDependencyException: Error > creating bean with name 'securityFilterChain' defined in > org.apache.nifi.web.security.configuration.WebSecurityConfiguration: > Unsatisfied dependency expressed through method 'securityFilterChain' > parameter 7; nested exception is > org.springframework.beans.factory.BeanCreationException: Error creating bean > with name 'oAuth2LoginAuthenticationFilter' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter]: > Factory method 'oAuth2LoginAuthenticationFilter' threw exception; nested > exception is org.springframework.beans.factory.BeanCreationException: Error > creating bean with name 'clientRegistrationRepository' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.registration.ClientRegistrationRepository]: > Factory method 'clientRegistrationRepository' threw exception; nested > exception is org.apache.nifi.web.security.oidc.OidcConfigurationException: > OpenID Connect Metadata URL > [https://login.microsoftonline.com/REDACTED/.well-known/openid-configuration] > retrieval failed at > org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.resolveMethodArguments(AutowiredAnnotationBeanPostProcessor.java:774) > at > org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:727) > at > org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:119) > at > org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessProperties(AutowiredAnnotationBeanPostProcessor.java:399) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1431) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:619) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542) > at > org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335) > at > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) > at > org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333) > at > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955) > at > org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:921) > at > org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583) > at > org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:399) > at > org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:278) > at > org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:103) > at > org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:1073) > at > org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:572) > at > org.eclipse.jetty.server.handler.ContextHandler.contextInitialized(ContextHandler.java:1002) > at > org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:765) > at > org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:379) > at > org.eclipse.jetty.webapp.WebAppContext.startWebapp(WebAppContext.java:1449) > at > org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1414) > at > org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:916) > at > org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHandler.java:288) > at > org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:524) > at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > at > org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:97) > at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:110) > at > org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:97) > at > org.eclipse.jetty.server.handler.gzip.GzipHandler.doStart(GzipHandler.java:426) > at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > at > org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:97) > at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > at > org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:97) > at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > at org.eclipse.jetty.server.Server.start(Server.java:423) at > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:110) > at > org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:97) > at org.eclipse.jetty.server.Server.doStart(Server.java:387) at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73) > at org.apache.nifi.web.server.JettyServer.start(JettyServer.java:818) at > org.apache.nifi.NiFi.<init>(NiFi.java:172) at > org.apache.nifi.NiFi.<init>(NiFi.java:83) at > org.apache.nifi.NiFi.main(NiFi.java:332)Caused by: > org.springframework.beans.factory.UnsatisfiedDependencyException: Error > creating bean with name 'securityFilterChain' defined in > org.apache.nifi.web.security.configuration.WebSecurityConfiguration: > Unsatisfied dependency expressed through method 'securityFilterChain' > parameter 7; nested exception is > org.springframework.beans.factory.BeanCreationException: Error creating bean > with name 'oAuth2LoginAuthenticationFilter' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter]: > Factory method 'oAuth2LoginAuthenticationFilter' threw exception; nested > exception is org.springframework.beans.factory.BeanCreationException: Error > creating bean with name 'clientRegistrationRepository' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.registration.ClientRegistrationRepository]: > Factory method 'clientRegistrationRepository' threw exception; nested > exception is org.apache.nifi.web.security.oidc.OidcConfigurationException: > OpenID Connect Metadata URL > [https://login.microsoftonline.com/REDACTED/.well-known/openid-configuration] > retrieval failed at > org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800) > at > org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:541) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542) > at > org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335) > at > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) > at > org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333) > at > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208) > at > org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.addCandidateEntry(DefaultListableBeanFactory.java:1609) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.findAutowireCandidates(DefaultListableBeanFactory.java:1573) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveMultipleBeans(DefaultListableBeanFactory.java:1462) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1349) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311) > at > org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.resolveMethodArguments(AutowiredAnnotationBeanPostProcessor.java:766) > ... 54 common frames omittedCaused by: > org.springframework.beans.factory.BeanCreationException: Error creating bean > with name 'oAuth2LoginAuthenticationFilter' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter]: > Factory method 'oAuth2LoginAuthenticationFilter' threw exception; nested > exception is org.springframework.beans.factory.BeanCreationException: Error > creating bean with name 'clientRegistrationRepository' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.registration.ClientRegistrationRepository]: > Factory method 'clientRegistrationRepository' threw exception; nested > exception is org.apache.nifi.web.security.oidc.OidcConfigurationException: > OpenID Connect Metadata URL > [https://login.microsoftonline.com/REDACTED/.well-known/openid-configuration] > retrieval failed at > org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658) > at > org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:638) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542) > at > org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335) > at > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) > at > org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333) > at > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208) > at > org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311) > at > org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887) > at > org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791) > ... 70 common frames omittedCaused by: > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter]: > Factory method 'oAuth2LoginAuthenticationFilter' threw exception; nested > exception is org.springframework.beans.factory.BeanCreationException: Error > creating bean with name 'clientRegistrationRepository' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.registration.ClientRegistrationRepository]: > Factory method 'clientRegistrationRepository' threw exception; nested > exception is org.apache.nifi.web.security.oidc.OidcConfigurationException: > OpenID Connect Metadata URL > [https://login.microsoftonline.com/REDACTED/.well-known/openid-configuration] > retrieval failed at > org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) > at > org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653) > ... 84 common frames omittedCaused by: > org.springframework.beans.factory.BeanCreationException: Error creating bean > with name 'clientRegistrationRepository' defined in > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration: Bean > instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.registration.ClientRegistrationRepository]: > Factory method 'clientRegistrationRepository' threw exception; nested > exception is org.apache.nifi.web.security.oidc.OidcConfigurationException: > OpenID Connect Metadata URL > [https://login.microsoftonline.com/REDACTED/.well-known/openid-configuration] > retrieval failed at > org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658) > at > org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:486) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542) > at > org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335) > at > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) > at > org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333) > at > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208) > at > org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.resolveBeanReference(ConfigurationClassEnhancer.java:362) > at > org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:334) > at > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration$$EnhancerBySpringCGLIB$$69945018.clientRegistrationRepository(<generated>) > at > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration.oAuth2LoginAuthenticationFilter(OidcSecurityConfiguration.java:200) > at > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration$$EnhancerBySpringCGLIB$$69945018.CGLIB$oAuth2LoginAuthenticationFilter$0(<generated>) > at > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration$$EnhancerBySpringCGLIB$$69945018$$FastClassBySpringCGLIB$$42f6cd8e.invoke(<generated>) > at > org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) > at > org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:331) > at > org.apache.nifi.web.security.configuration.OidcSecurityConfiguration$$EnhancerBySpringCGLIB$$69945018.oAuth2LoginAuthenticationFilter(<generated>) > at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) at > java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) > at > java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.base/java.lang.reflect.Method.invoke(Method.java:568) at > org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) > ... 85 common frames omittedCaused by: > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.springframework.security.oauth2.client.registration.ClientRegistrationRepository]: > Factory method 'clientRegistrationRepository' threw exception; nested > exception is org.apache.nifi.web.security.oidc.OidcConfigurationException: > OpenID Connect Metadata URL > [https://login.microsoftonline.com/REDACTED/.well-known/openid-configuration] > retrieval failed at > org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) > at > org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653) > ... 108 common frames omittedCaused by: > org.apache.nifi.web.security.oidc.OidcConfigurationException: OpenID Connect > Metadata URL > [https://login.microsoftonline.com/REDACTED/.well-known/openid-configuration] > retrieval failed{code} > > -- This message was sent by Atlassian Jira (v8.20.10#820010)