Affects: latest - multiple dockerhub images randomly tested back to 3.4.2

When running the docker images: docker run -t -p 8080:8080 -v logs:/hygieia/logs -e "SPRING_DATA_MONGODB_HOST=192.168.254.2" -e "SPRING_DATA_MONGODB_PORT=27017" -e "SPRING_DATA_MONGODB_DATABASE=dashboarddb" -e "SPRING_DATA_MONGODB_USERNAME=dashboarduser" -e "SPRING_DATA_MONGODB_PASSWORD=dbpassword" -i hygieiadoc/api

Receive the error: "no main manifest attribute, in api-javadoc.jar"

Building the application from source and the docker image using the Dockerfile found in the repo, and the image runs correctly. In locally built image there is no api-javadoc.jar nor api-sources.jar both of which are in the Dockerhub images

Possible Solutions:

• Remove extra jars from docker image
• Modify Dockerfile "CMD" to only run the expected api.jar instead of *.jar

Hopefully this helps the next person because there's issues with the docs..
From http://hygieia.github.io/Hygieia/api.html,

• -v ./mongo:/data/db won't work because you must first create a mongo dir and set -v $PWD/mongo:/data/db instead of -v ./mongo:/data/db (can't use relative paths)

• after exec'ing into the container docker exec -t -i mongodb bash , you must run mongo before use dashboarddb

• Step 3, which asks you to set Env. Variables, mounting logs file has the same issue as the first point with relative volume paths

I'm unable to get past Step 3 .. Getting timeout issues with mongo and other dep issues

Please let me know how I can fix this, thanks.
I'm using the master branch.

CVE-2020-25649 - High Severity Vulnerability

Vulnerable Library - jackson-databind-2.10.3.jar

General data-binding functionality for Jackson: works on core streaming API

Library home page: http://github.com/FasterXML/jackson

Path to dependency file: api/pom.xml

Path to vulnerable library: canner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.3/jackson-databind-2.10.3.jar

Dependency Hierarchy:

• ❌ jackson-databind-2.10.3.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.

Publish Date: 2020-12-03

URL: CVE-2020-25649

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: FasterXML/jackson-databind#2589

Release Date: 2020-12-03

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.6.7.4,2.9.10.7,2.10.5.1,2.11.0.rc1

Step up your Open Source Security Game with WhiteSource here

WS-2021-0461 - Medium Severity Vulnerability

Vulnerable Library - springfox-swagger-ui-2.4.0.jar

JSON API documentation for spring based applications

Library home page: https://github.com/springfox/springfox

Path to dependency file: /pom.xml

Path to vulnerable library: /er/.m2/repository/io/springfox/springfox-swagger-ui/2.4.0/springfox-swagger-ui-2.4.0.jar

Dependency Hierarchy:

• ❌ springfox-swagger-ui-2.4.0.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

SwaggerUI supports displaying remote OpenAPI definitions through the ?url parameter. This enables robust demonstration capabilities on sites like petstore.swagger.io, editor.swagger.io, and similar sites, where users often want to see what their OpenAPI definitions would look like rendered.

However, this functionality may pose a risk for users who host their own SwaggerUI instances. In particular, including remote OpenAPI definitions opens a vector for phishing attacks by abusing the trusted names/domains of self-hosted instances.

Resolution:
We've made the decision to disable query parameters (#4872) by default starting with SwaggerUI version 4.1.3. Please update to this version when it becomes available (ETA: 2021 December). Users will still be able to be re-enable the options at their discretion. We'll continue to enable query parameters on the Swagger demo sites.

Publish Date: 2021-12-09

URL: WS-2021-0461

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-qrmm-w75w-3wpx

Release Date: 2021-12-09

Fix Resolution: swagger-ui - 4.1.3;swagger-ui-dist - 4.1.3

Step up your Open Source Security Game with Mend here

Swagger UI is showing controllers till
generic-collector-item-controller after that no controllers are visible .

CVE-2021-29425 - Medium Severity Vulnerability

Vulnerable Library - commons-io-2.4.jar

The Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.

Library home page: http://commons.apache.org/io/

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-io/commons-io/2.4/commons-io-2.4.jar

Dependency Hierarchy:

• core-3.15.0.jar (Root Library)
  • ❌ commons-io-2.4.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.

Publish Date: 2021-04-13

URL: CVE-2021-29425

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425

Release Date: 2021-04-13

Fix Resolution: commons-io:commons-io:2.7

Step up your Open Source Security Game with WhiteSource here

I've encountered some product dashboard slow response times. It takes up to 3 minutes to load the product dashboard from a single client. This maxes out the hygieia api container CPU while it is loading the product dashboard. I traced this issue down to PipelineServiceImpl.java. When a project has many commits (in our case thousands) it must loop through those thousand commits for each stage and compare the commits to calculate the time it takes to move commits through to each stage.

Affects: <api-version-number>.

Affects: <latest - 3.4.20>.

When running the docker image the error no main manifest attribute, in api-javadoc.jar is displayed. This is due to the command running *.jar instead of api.jar.

Solution:
Only copy the api.jar and remove the wildcard. This will reduce the docker image size as well.

Affects: 3.4.17

Documentation on using Docker image does not align with the scripting. Documentation states you can use a local application.properties file along with setting the docker environment variable SKIP_PROPERTIES_BUILDER=true. When setting this variable, the properties builder script is not skipped.

Possible Solutions:

• Correct api/README.md with the expected functionality
• uncomment the first if block in docker/properties-builder.sh (and troubleshoot the result, if necessary)

WS-2020-0293 - Medium Severity Vulnerability

Vulnerable Library - spring-security-web-4.2.18.RELEASE.jar

spring-security-web

Library home page: https://spring.io/spring-security

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/4.2.18.RELEASE/spring-security-web-4.2.18.RELEASE.jar

Dependency Hierarchy:

• spring-boot-starter-security-1.5.22.RELEASE.jar (Root Library)
  • ❌ spring-security-web-4.2.18.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

Spring Security before 5.2.9, 5.3.7, and 5.4.3 vulnerable to side-channel attacks. Vulnerable versions of Spring Security don't use constant time comparisons for CSRF tokens.

Publish Date: 2020-12-17

URL: WS-2020-0293

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: spring-projects/spring-security#9291

Release Date: 2020-12-17

Fix Resolution: org.springframework.security:spring-security-web:5.2.9,5.3.7,5.4.3

Step up your Open Source Security Game with WhiteSource here

Not really a java person but, the above /encrypt is not working for me. Only an ERROR msg comes as a response. In order, I'm not able to add my bitbucket repo in the widget, because it saves passwords in an encrypted format.

My api.properties file is:

dbname=dashboard
server.contextPath=/api 
server.port=8080 
auth.expirationTime=10000
key=8jh6HIBi7AHav/5u+zjLDhZKC4/QMurx

Also when I dig a bit in code the below code from ./java/com/capitalone/dashboard/service/EncryptionServiceImpl.java is responsible for encryption.

public String encrypt(String message) {
        String key = apiSettings.getKey();
        String returnString = "ERROR";
        if (!"".equals(key)) {
            try {
                returnString = Encryption.encryptString(message, key);
            } catch (EncryptionException ignored) {
                LOGGER.debug("Caught encryption exception", ignored);
            }
        }
        return returnString;

which imports packages.
import com.capitalone.dashboard.util.Encryption;
import com.capitalone.dashboard.util.EncryptionException;

I'm not able to find these. Let me know if I'm running in the wrong direction.
Trying to integrate bitbucket cloud with hygieia.

Affects: latest.

After successfully configuring all the tools collectors in hygieia dashboard, any Anonymous user can see the user details and also able to see the all the data available in hygieia dashboards.

Is there any way to disable this type of api calls.

CVE-2020-5421 - Medium Severity Vulnerability

Vulnerable Library - spring-web-4.3.25.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.25.RELEASE/spring-web-4.3.25.RELEASE.jar

Dependency Hierarchy:

• core-3.15.44.jar (Root Library)
  • ❌ spring-web-4.3.25.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.

Publish Date: 2020-09-19

URL: CVE-2020-5421

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: High
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2020-5421

Release Date: 2020-09-19

Fix Resolution: org.springframework:spring-web:4.3.29,5.0.19,5.1.18,5.2.9

Step up your Open Source Security Game with Mend here

Hi ,

I am creating a new widget for Twistlock.

I have created colector and while making changes in api now.
I am able to maven install the api while tests are skipped.
But i am not able to maven install it with tests.

I am able to run the api. its working as expected.
But i want to run unit test as well, while maven install.

I have added below code In TestConfig.java test file
@bean
public TwistlockService twistlockService() {
return Mockito.mock(TwistlockService.class);
}

it gives below errors in 2 log files.

1. com.capitalone.dashboard.auth.DefaultAuthenticationTest
2. com.capitalone.dashboard.auth.DefaultSecurityTest

I have added the log above two log files.
com.capitalone.dashboard.auth.DefaultSecurityTest.txt
com.capitalone.dashboard.auth.DefaultAuthenticationTest.txt

It gives error as
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.18.1:test (default-test) on project api: There are test failures.

Please help with this ..

• The unit test pass when i run it as a seperate file.

CVE-2017-18640 - High Severity Vulnerability

Vulnerable Library - snakeyaml-1.17.jar

YAML 1.1 parser and emitter for Java

Library home page: http://www.snakeyaml.org

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.17/snakeyaml-1.17.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-1.5.22.RELEASE.jar
    • ❌ snakeyaml-1.17.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

Publish Date: 2019-12-12

URL: CVE-2017-18640

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18640

Release Date: 2019-12-12

Fix Resolution: org.yaml:snakeyaml:1.26

Step up your Open Source Security Game with WhiteSource here

WS-2016-7107 - Medium Severity Vulnerability

Vulnerable Library - spring-security-web-4.2.18.RELEASE.jar

spring-security-web

Library home page: https://spring.io/spring-security

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/4.2.18.RELEASE/spring-security-web-4.2.18.RELEASE.jar

Dependency Hierarchy:

• spring-boot-starter-security-1.5.22.RELEASE.jar (Root Library)
  • ❌ spring-security-web-4.2.18.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

CSRF tokens in Spring Security through 5.4.6 are vulnerable to a breach attack. Spring Security always returns the same CSRF token to the browser.

Publish Date: 2016-08-02

URL: WS-2016-7107

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with WhiteSource here

Affects: <api-version-number>.

Our company are trying to start using hygieia for displaying metrics. We are stuck when trying to setup with docker images with API and UI. We attempted to do docker run after we build the image with dockerfile originally attached in the repo(master branch). but it kept failing. And we tried to modify the dockerfile but still having issue with it. Would it be possible to have someone update the dockerfile in master branch or share what exactly we need modify in dockerfile in order to bring up the API component?

i am getting the below error while starting APi.
2019-10-24 17:47:07,701 [http-nio-8080-exec-2] ERROR o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [/api] threw exception
io.jsonwebtoken.MalformedJwtException: JWT strings must contain exactly 2 period characters. Found: 0
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:223) ~[jjwt-0.6.0.jar!/:0.6.0]
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:458) ~[jjwt-0.6.0.jar!/:0.6.0]
at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:518) ~[jjwt-0.6.0.jar!/:0.6.0]
at com.capitalone.dashboard.auth.token.TokenAuthenticationServiceImpl.getAuthentication(TokenAuthenticationServiceImpl.java:60) ~[api.jar!/:3.1.2-SNAPSHOT]
at com.capitalone.dashboard.auth.token.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:39) ~[api.jar!/:3.1.2-SNAPSHOT]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
at com.capitalone.dashboard.auth.apitoken.ApiTokenRequestFilter.doFilter(ApiTokenRequestFilter.java:48) ~[api.jar!/:3.1.2-SNAPSHOT]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]

Any idea?

Hello,

We are currently in the process of using Hygieia at our organization but we have found the state of the repositories insufficient for our use. In general what we like is:

• simple approach to collect data
• many collectors

What we don't like:

• unclear of roadmap (e.g. spring-boot 2 version seem inactive)
• hard to find a combination of components that work together
• Some bad quality in the code base (not everywhere)
• Poor modularization in the new UI
• no Cloud support
• Poor documentation in some areas

Therefore we have started refactoring the entire codebase to:

Done

• moved to monorepo
• 1 parent pom based on spring 1.5.22.RELEASE
• helm charts
• helmfile for complete deployment
• migrated angular codebase to nx
• moved from jasmine to jest
• moved from protractor to cypress
• extracted out npm modules from app

In progress

• upgrade to spring boot 2.4.1
• add readiness and liveness probes
• adapt spring properties to be easier to manage with kubernetes
• upgrade to angular 11
• remove ts any
• move to API first (design apis in swagger first then generate server/client stubs)
• move all issues to monorepo
• provide independent versioning of modules in monorepo
• maintain a CHANGELOG
• deprecate all unused repos
• have an public hygieia instance running in a cloud that monitors hygieia itself (good for demos and own improvements)
• create a document project for all modules

Future

• Deployment Frequency widget- How often an organization successfully releases to production
• Lead Time for Changes widget - The amount of time it takes a commit to get into production
• Change Failure Rate widget - The percentage of deployments causing a failure in production
• Time to Restore Service widget- How long it takes an organization to recover from a failure in production
• Deployment view widget - Similar to https://codefresh.io/devops/launching-future-devops-gitops-2-0

We originally were going to fork hygieia but though that it prob makes more sense to merge it back. If your interested, I would like to setup a video call so we can show what we have and if it makes sense to merge back?

I believe that hygieia has allot of potential but the currents state of the project is severely limiting its adoption and growth.

CVE-2016-1000027 - High Severity Vulnerability

Vulnerable Library - spring-web-5.3.18.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.18/spring-web-5.3.18.jar

Dependency Hierarchy:

• core-4.0.1.jar (Root Library)
  • ❌ spring-web-5.3.18.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.
Mend Note: After conducting further research, Mend has determined that all versions of spring-web up to version 6.0.0 are vulnerable to CVE-2016-1000027.

Publish Date: 2020-01-02

URL: CVE-2016-1000027

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-4wrc-f8pq-fpqp

Release Date: 2020-01-02

Fix Resolution: org.springframework:spring-web:6.0.0

Step up your Open Source Security Game with Mend here

Hey,

I am trying to create dashboards using scripts. When I do a POST on the endpoint /dashboard/remoteCreate, I get a 500 Internal Server Error.

The following is the error message:

2019-07-12 15:40:50,892 ERROR o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [/api] threw exception
io.jsonwebtoken.MalformedJwtException: JWT strings must contain exactly 2 period characters. Found: 0
        at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:223) ~[jjwt-0.6.0.jar!/:0.6.0]
        at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:458) ~[jjwt-0.6.0.jar!/:0.6.0]
        at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:518) ~[jjwt-0.6.0.jar!/:0.6.0]
        at com.capitalone.dashboard.auth.token.TokenAuthenticationServiceImpl.getAuthentication(TokenAuthenticationServiceImpl.java:59) ~[api.jar!/:3.0.2-SNAPSHOT]
        at com.capitalone.dashboard.auth.token.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:37) ~[api.jar!/:3.0.2-SNAPSHOT]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at com.capitalone.dashboard.auth.apitoken.ApiTokenRequestFilter.doFilter(ApiTokenRequestFilter.java:48) ~[api.jar!/:3.0.2-SNAPSHOT]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176) ~[spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) ~[tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) ~[tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) ~[tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) ~[tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:217) ~[tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_212]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_212]
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.0.28.jar!/:8.0.28]
        at java.lang.Thread.run(Thread.java:748) [na:1.8.0_212]

Any idea where I might be going wrong?

Thank You

[error] Error: Cannot find module '@angular-devkit/build-angular/package.json'
Require stack:

• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/node_modules/@angular-devkit/architect/node/node-modules-architect-host.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/node_modules/@angular-devkit/architect/node/index.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/models/architect-command.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/commands/serve-impl.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/node_modules/@angular-devkit/schematics/tools/export-ref.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/node_modules/@angular-devkit/schematics/tools/index.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/utilities/json-schema.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/models/command-runner.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/lib/cli/index.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/lib/init.js
• /usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/bin/ng
  at Function.Module._resolveFilename (internal/modules/cjs/loader.js:880:15)
  at Function.resolve (internal/modules/cjs/helpers.js:94:19)
  at WorkspaceNodeModulesArchitectHost.resolveBuilder (/usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/node_modules/@angular-devkit/architect/node/node-modules-architect-host.js:42:41)
  at ServeCommand.initialize (/usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/models/architect-command.js:139:55)
  at async ServeCommand.validateAndRun (/usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/models/command.js:124:9)
  at async Object.runCommand (/usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/models/command-runner.js:198:24)
  at async default_1 (/usr/local/Cellar/angular-cli/10.1.6/libexec/lib/node_modules/@angular/cli/lib/cli/index.js:59:31)

Affects: <api-version-number>.

WS-2021-0491 - Medium Severity Vulnerability

Vulnerable Library - logback-classic-1.2.3.jar

logback-classic module

Library home page: http://logback.qos.ch

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-1.5.22.RELEASE.jar
    • spring-boot-starter-logging-1.5.22.RELEASE.jar
      • ❌ logback-classic-1.2.3.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

LOGBack before 1.2.8 is vulnerable to Remote-Code-Execution (RCE) when the write access to 'logback.xml' and JNDI lookup are enabled.

Publish Date: 2021-12-13

URL: WS-2021-0491

CVSS 2 Score Details (0.0)

Base Score Metrics not available

Step up your Open Source Security Game with WhiteSource here

CVE-2021-25329 - High Severity Vulnerability

Vulnerable Library - tomcat-embed-core-8.5.57.jar

Core Tomcat implementation

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.57/tomcat-embed-core-8.5.57.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-tomcat-1.5.22.RELEASE.jar
    • ❌ tomcat-embed-core-8.5.57.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

Publish Date: 2021-03-01

URL: CVE-2021-25329

CVSS 3 Score Details (7.0)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2021-03-01

Fix Resolution: org.apache.tomcat:tomcat:7.0.108, org.apache.tomcat:tomcat:8.5.63, org.apache.tomcat:tomcat:9.0.43,org.apache.tomcat:tomcat:10.0.2

Step up your Open Source Security Game with WhiteSource here

WS-2021-0616 - Medium Severity Vulnerability

Vulnerable Library - jackson-databind-2.10.3.jar

General data-binding functionality for Jackson: works on core streaming API

Library home page: http://github.com/FasterXML/jackson

Path to dependency file: /pom.xml

Path to vulnerable library: /er/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.3/jackson-databind-2.10.3.jar

Dependency Hierarchy:

• ❌ jackson-databind-2.10.3.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind before 2.12.6 and 2.13.1 there is DoS when using JDK serialization to serialize JsonNode.

Publish Date: 2021-11-20

URL: WS-2021-0616

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2021-11-20

Fix Resolution: 2.11.0

Step up your Open Source Security Game with Mend here

Hi,

I am trying to automate the dashboard creation using Hygieia API by making http://localhost:8080/api/dashboard/remoteCreate POST call. Below are the responses from swagger and Postman,

Swagger:

Postman:
I have generated the API Token using Admin menu and then did base64 encoding though I am getting 401 error,

Thanks,
Booma Baskaran.

CVE-2020-13956 - Medium Severity Vulnerability

Vulnerable Library - httpclient-4.5.9.jar

Apache HttpComponents Client

Library home page: http://hc.apache.org/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/httpcomponents/httpclient/4.5.9/httpclient-4.5.9.jar

Dependency Hierarchy:

• core-3.15.44.jar (Root Library)
  • ❌ httpclient-4.5.9.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

Publish Date: 2020-12-02

URL: CVE-2020-13956

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-13956

Release Date: 2020-12-02

Fix Resolution: org.apache.httpcomponents:httpclient:4.5.13;org.apache.httpcomponents:httpclient-osgi:4.5.13;org.apache.httpcomponents.client5:httpclient5:5.0.3;org.apache.httpcomponents.client5:httpclient5-osgi:5.0.3

Step up your Open Source Security Game with Mend here

Running containers as root is not a best practice, is there any forcing function for running as a privileged user?

Solution: Add user / permissions in Dockerfile

CVE-2021-22112 - High Severity Vulnerability

Vulnerable Library - spring-security-web-4.2.18.RELEASE.jar

spring-security-web

Library home page: https://spring.io/spring-security

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/4.2.18.RELEASE/spring-security-web-4.2.18.RELEASE.jar

Dependency Hierarchy:

• spring-boot-starter-security-1.5.22.RELEASE.jar (Root Library)
  • ❌ spring-security-web-4.2.18.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.

Publish Date: 2021-02-23

URL: CVE-2021-22112

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2021-22112

Release Date: 2021-02-23

Fix Resolution: org.springframework.security:spring-security-web:5.2.9,5.3.8,5.4.4

Step up your Open Source Security Game with WhiteSource here

CVE-2021-25122 - High Severity Vulnerability

Vulnerable Library - tomcat-embed-core-8.5.57.jar

Core Tomcat implementation

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.57/tomcat-embed-core-8.5.57.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-tomcat-1.5.22.RELEASE.jar
    • ❌ tomcat-embed-core-8.5.57.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.

Publish Date: 2021-03-01

URL: CVE-2021-25122

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2021-03-01

Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core:8.5.62,9.0.42,10.0.2;org.apache.tomcat:tomcat-coyote:8.5.62,9.0.42,10.0.2

Step up your Open Source Security Game with WhiteSource here

Hi,

The pull request #116 introduce (maybe) a new bug related to pipeline request.

Now, to "search" pipeline you must pass all parameters onto Request Body, which not the way the UI requests pipeline. As I don't know if it's whished or not, but it breaks the product view.

The modified file is src/main/java/com/capitalone/dashboard/rest/PipelineController.java line 27.

The PR #116 changed this line from

public Iterable<PipelineResponse> searchPipelines(@Valid PipelineSearchRequest searchRequest) throws HygieiaException {
to

public Iterable<PipelineResponse> searchPipelines(@Valid @RequestBody PipelineSearchRequest searchRequest) throws HygieiaException {

@chzhanpeng : Any idea ?

Affects: 3.4.13-SNAPSHOT

There is a bug in API module due to which whenever a user adds new widget of type "Code Repo", UI module sends request to add new widget to API, API module makes entry for the widget under the "dashboards" table in mongoDB. But API module doesn't make any entry for this widget under "components" table in mongo DB. Due to this the scm-bitbucket collector is unable to find any entry of type "SCM" in "components" components table in mongoDB for the given dashboard. Hence bitbucket colector shows repo count 0 etc etc (this issues are been reported already for scm-bitbucket" collector. But the issue is not with the collector, issue is with the API module.

Hi guys,

I'm facing issue when I try to login to Hygieia via the LDAP interface.

My properties file looks as below:
`# dashboard.properties
dbname=dashboarddb
dbusername=dashboarduser
dbpassword=ENC(xxcxcsdfsfdsdf)
dbhost=127.0.0.1
dbport=27017
dbreplicaset=[false if you are not using MongoDB replicaset]
server.contextPath=/api
server.port=8080
[email protected]@

logging.level.com.capitalone.dashboard=DEBUG

auth.expirationTime=1200000
auth.authenticationProviders=LDAP,STANDARD

#LDAP Server Url, including port of your LDAP server
auth.ldapServerUrl=ldap://ldapserverurl:389/dc=domain,dc=com

If using standard LDAP

LDAP User Dn Pattern, where the username is replaced with '{0}'

auth.ldapUserSearchFilter="(&(objectClass=user)(sAMAccountName={0}))"
auth.ldapUserDnPattern=sAMAccountName={0}

#Bind DN & Password
auth.ldapBindUser=username
auth.ldapBindPass=password

feature.dynamicPipeline=enabled`

The logs I get when I try to login:
2019-07-10 10:56:38,003 [http-nio-8080-exec-1] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Request is to process authentication 2019-07-10 10:56:38,026 [http-nio-8080-exec-1] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials 2019-07-10 10:56:38,026 [http-nio-8080-exec-1] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Updated SecurityContextHolder to contain null Authentication 2019-07-10 10:56:38,026 [http-nio-8080-exec-1] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@77672429

Same works when I use ldapsearch tools:

ldapsearch -D "username" -w "password" -p 389 -h ldapserverurl -b "DC=domain,DC=com" -s sub "sAMAccountName=someuser"

CVE-2021-22096 - Medium Severity Vulnerability

Vulnerable Libraries - spring-core-4.3.25.RELEASE.jar, spring-webmvc-4.3.25.RELEASE.jar, spring-web-4.3.25.RELEASE.jar

spring-core-4.3.25.RELEASE.jar

Spring Core

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/4.3.25.RELEASE/spring-core-4.3.25.RELEASE.jar

Dependency Hierarchy:

• spring-security-ldap-4.2.18.RELEASE.jar (Root Library)
  • ❌ spring-core-4.3.25.RELEASE.jar (Vulnerable Library)

spring-webmvc-4.3.25.RELEASE.jar

Spring Web MVC

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-webmvc/4.3.25.RELEASE/spring-webmvc-4.3.25.RELEASE.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • ❌ spring-webmvc-4.3.25.RELEASE.jar (Vulnerable Library)

spring-web-4.3.25.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.25.RELEASE/spring-web-4.3.25.RELEASE.jar

Dependency Hierarchy:

• core-3.15.44.jar (Root Library)
  • ❌ spring-web-4.3.25.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.

Publish Date: 2021-10-28

URL: CVE-2021-22096

CVSS 3 Score Details (4.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2021-22096

Release Date: 2021-10-28

Fix Resolution (org.springframework:spring-core): 5.2.18.RELEASE

Direct dependency fix Resolution (org.springframework.security:spring-security-ldap): 5.7.0

Fix Resolution (org.springframework:spring-webmvc): 5.2.18.RELEASE

Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.4.0

Step up your Open Source Security Game with Mend here

CVE-2021-24122 - Medium Severity Vulnerability

Vulnerable Library - tomcat-embed-core-8.5.57.jar

Core Tomcat implementation

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.57/tomcat-embed-core-8.5.57.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-tomcat-1.5.22.RELEASE.jar
    • ❌ tomcat-embed-core-8.5.57.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.

Publish Date: 2021-01-14

URL: CVE-2021-24122

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122

Release Date: 2021-01-14

Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core:7.0.107,8.5.60,9.0.40,10.0.0-M10;org.apache.tomcat:tomcat-catalina:7.0.107,8.5.60,9.0.40,10.0.0-M10

Step up your Open Source Security Game with WhiteSource here

CVE-2020-8908 - Low Severity Vulnerability

Vulnerable Library - guava-29.0-jre.jar

Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.

Library home page: https://github.com/google/guava

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/guava/guava/29.0-jre/guava-29.0-jre.jar

Dependency Hierarchy:

• core-3.15.44.jar (Root Library)
  • ❌ guava-29.0-jre.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.

Publish Date: 2020-12-10

URL: CVE-2020-8908

CVSS 3 Score Details (3.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908

Release Date: 2020-12-10

Fix Resolution: v30.0

Step up your Open Source Security Game with Mend here

So I recently noticed that when i create a product dashboard and try to add a team there, on clicking to add the team im redirected to the login page (even though I am already logged in) and when i try to login, it just keeps on redirecting me to the login page repeatedly.

The following error i could get from the logs of api collector.

2019-06-24 20:56:38,449 ERROR c.c.d.rest.RestApiExceptionHandler - null java.lang.NullPointerException: null at com.capitalone.dashboard.util.PipelineUtils.getStageToEnvironmentNameMap(PipelineUtils.java:49) ~[core-3.1.1-SNAPSHOT.jar!/:3.0.2-SNAPSHOT] at com.capitalone.dashboard.service.PipelineServiceImpl.buildPipelineResponse(PipelineServiceImpl.java:92) ~[api.jar!/:3.0.2-SNAPSHOT] at com.capitalone.dashboard.service.PipelineServiceImpl.search(PipelineServiceImpl.java:55) ~[api.jar!/:3.0.2-SNAPSHOT] at com.capitalone.dashboard.rest.PipelineController.searchPipelines(PipelineController.java:26) ~[api.jar!/:3.0.2-SNAPSHOT] at sun.reflect.GeneratedMethodAccessor267.invoke(Unknown Source) ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_212] at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_212] at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136) ~[spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:817) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:731) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:968) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:859) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:844) ~[spring-webmvc-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-embed-websocket-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at com.capitalone.dashboard.auth.apitoken.ApiTokenRequestFilter.doFilter(ApiTokenRequestFilter.java:48) [api.jar!/:3.0.2-SNAPSHOT] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at com.capitalone.dashboard.auth.webhook.github.GithubWebHookRequestFilter.doFilter(GithubWebHookRequestFilter.java:54) [api.jar!/:3.0.2-SNAPSHOT] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at com.capitalone.dashboard.auth.token.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:40) [api.jar!/:3.0.2-SNAPSHOT] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:316) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at com.capitalone.dashboard.auth.webhook.github.GithubWebHookRequestFilter.doFilter(GithubWebHookRequestFilter.java:54) [api.jar!/:3.0.2-SNAPSHOT] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at com.capitalone.dashboard.auth.token.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:40) [api.jar!/:3.0.2-SNAPSHOT] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at com.capitalone.dashboard.auth.apitoken.ApiTokenRequestFilter.doFilter(ApiTokenRequestFilter.java:48) [api.jar!/:3.0.2-SNAPSHOT] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176) [spring-security-web-4.0.3.RELEASE.jar!/:4.0.3.RELEASE] at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) [spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) [spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121) [spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.2.5.RELEASE.jar!/:4.2.5.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:217) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_212] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_212] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.0.28.jar!/:8.0.28] at java.lang.Thread.run(Thread.java:748) [na:1.8.0_212]

Any help on what might be breaking this?
Thank You

Hello.
When I compiling vai mvn clean install" I getting this error.

My OS is Windows 10
java version "1.8.0_231"
Java(TM) SE Runtime Environment (build 1.8.0_231-b11)
Java HotSpot(TM) Client VM (build 25.231-b11, mixed mode)

...\hy\api\src\main\java\com\capitalone\dashboard\service\CommitServiceImpl.java

Error line is: 25: import org.omg.PortableInterceptor.USER_EXCEPTION;

org.omg.PortableInterceptor.USER_EXCEPTION
org/omg/PortableInterceptor/USER_EXCEPTION.java . Generated by the IDL-to-Java compiler (portable), version "3.2" from c:/re/workspace/8-2-build-windows-amd64-cygwin/jdk8u231/13620/corba/src/share/classes/org/omg/PortableInterceptor/Interceptors.idl Saturday, October 5, 2019 3:13:32 AM PDT

CVE-2019-17495 - High Severity Vulnerability

Vulnerable Library - springfox-swagger-ui-2.4.0.jar

JSON API documentation for spring based applications

Library home page: https://github.com/springfox/springfox

Path to dependency file: /pom.xml

Path to vulnerable library: /er/.m2/repository/io/springfox/springfox-swagger-ui/2.4.0/springfox-swagger-ui-2.4.0.jar

Dependency Hierarchy:

• ❌ springfox-swagger-ui-2.4.0.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method.

Publish Date: 2019-10-10

URL: CVE-2019-17495

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17495

Release Date: 2019-10-10

Fix Resolution: 3.23.11

Step up your Open Source Security Game with WhiteSource here

WS-2021-0419 - High Severity Vulnerability

Vulnerable Library - gson-2.8.5.jar

Gson JSON library

Library home page: https://github.com/google/gson

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.8.5/gson-2.8.5.jar

Dependency Hierarchy:

• core-3.15.44.jar (Root Library)
  • ❌ gson-2.8.5.jar (Vulnerable Library)

Found in HEAD commit: a172d7c5c9a732c7b02c1e2c1bca72d1a7e806b4

Found in base branch: master

Vulnerability Details

Denial of Service vulnerability was discovered in gson before 2.8.9 via the writeReplace() method.

Publish Date: 2021-10-11

URL: WS-2021-0419

CVSS 3 Score Details (7.7)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: High
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2021-10-11

Fix Resolution (com.google.code.gson:gson): 2.8.9

Direct dependency fix Resolution (com.capitalone.dashboard:core): 3.15.45

Step up your Open Source Security Game with Mend here

I'm trying to setup Hygieia.

Have followed the instructions as in https://hygieia.github.io/Hygieia/setup.html. But i'm not able to execute the api. Have modified the properties file as well with DBusername and passwrod details.

java -jar api.jar --spring.config.location=C:\Hygieia\api\target\api.properties

And properties file is as below,

dbname=dashboarddb
dbusername=dashboarduser
dbpassword=dbpassword
dbhost=127.0.0.1
dbport=27017
dbreplicaset=false
dbhostport=localhost:27017
server.contextPath=/api
server.port=8080

devopsdashboard-api-2020-04-15.0.log

Have attached the log as well.
Kindly assist.

Regards,
Gowri

CVE-2021-33037 - Medium Severity Vulnerability

Vulnerable Library - tomcat-embed-core-8.5.57.jar

Core Tomcat implementation

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.57/tomcat-embed-core-8.5.57.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-tomcat-1.5.22.RELEASE.jar
    • ❌ tomcat-embed-core-8.5.57.jar (Vulnerable Library)

Found in HEAD commit: a67c10d8c1d67a5011bc1d98eb80403a3d0a7218

Found in base branch: master

Vulnerability Details

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding.

Publish Date: 2021-07-12

URL: CVE-2021-33037

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/rd84fae1f474597bdf358f5bdc0a5c453c507bd527b83e8be6b5ea3f4%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2021-07-12

Fix Resolution: org.apache.tomcat:tomcat-coyote:8.5.68, 9.0.48, 10.0.7, org.apache.tomcat.embed:tomcat-embed-core:8.5.68, 9.0.48, 10.0.7

Step up your Open Source Security Game with WhiteSource here

To developers:
In recent versions , many components exists bug.
For example ,the api 3.4.23 version. The UI component 3.10 version request API 500.
So terrible.
Can u please test your codes before commit?

CVE-2021-42550 - Medium Severity Vulnerability

Vulnerable Libraries - logback-classic-1.2.3.jar, logback-core-1.2.3.jar

logback-classic-1.2.3.jar

logback-classic module

Library home page: http://logback.qos.ch

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-1.5.22.RELEASE.jar
    • spring-boot-starter-logging-1.5.22.RELEASE.jar
      • ❌ logback-classic-1.2.3.jar (Vulnerable Library)

logback-core-1.2.3.jar

logback-core module

Library home page: http://logback.qos.ch

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-1.5.22.RELEASE.jar
    • spring-boot-starter-logging-1.5.22.RELEASE.jar
      • logback-classic-1.2.3.jar
        • ❌ logback-core-1.2.3.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

Publish Date: 2021-12-16

URL: CVE-2021-42550

CVSS 3 Score Details (6.6)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=VE-2021-42550

Release Date: 2021-12-16

Fix Resolution (ch.qos.logback:logback-classic): 1.2.8

Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.0.0.RELEASE

Fix Resolution (ch.qos.logback:logback-core): 1.2.8

Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.0.0.RELEASE

Step up your Open Source Security Game with Mend here

Hi,

I'm trying to use this separate repo to build api jar. I'm able to build api jar successfully but not able to get 200 response for http://localhost:8090/api/.
Including my api logs

09:53:55,620 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback.groovy]
09:53:55,620 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml]
09:53:55,621 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [logback.xml] at [jar:file:/opt/api/target/api.jar!/logback.xml]
09:53:55,622 |-WARN in ch.qos.logback.classic.LoggerContext[default] - Resource [logback.xml] occurs multiple times on the classpath.
09:53:55,622 |-WARN in ch.qos.logback.classic.LoggerContext[default] - Resource [logback.xml] occurs at [jar:file:/opt/api/target/api.jar!/logback.xml]
09:53:55,622 |-WARN in ch.qos.logback.classic.LoggerContext[default] - Resource [logback.xml] occurs at [jar:file:/opt/api/target/api.jar!/lib/core-3.1.3-SNAPSHOT.jar!/logback.xml]
09:53:55,686 |-INFO in ch.qos.logback.core.joran.spi.ConfigurationWatchList@4502666a - URL [jar:file:/opt/api/target/api.jar!/logback.xml] is not of type file
09:53:55,795 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - debug attribute not set
09:53:55,817 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.ConsoleAppender]
09:53:55,829 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [STDOUT]
09:53:55,885 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
09:53:56,018 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender]
09:53:56,021 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [ROLLING]
09:53:56,113 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy - No compression will be used
09:53:56,114 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy - Will use the pattern logs/devopsdashboard-api-%d{yyyy-MM-dd}.%i.log for the active file
09:53:56,116 |-INFO in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@43c06f0b - The date pattern is 'yyyy-MM-dd' from file name pattern 'logs/devopsdashboard-api-%d{yyyy-MM-dd}.%i.log'.
09:53:56,116 |-INFO in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@43c06f0b - Roll-over at midnight.
09:53:56,118 |-INFO in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@43c06f0b - Setting initial period to Mon Aug 26 09:53:56 UTC 2019
09:53:56,120 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
09:53:56,120 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[ROLLING] - Active log file name: logs/devopsdashboard-api-2019-08-26.0.log
09:53:56,120 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[ROLLING] - File property is set to [null]
09:53:56,121 |-INFO in ch.qos.logback.classic.joran.action.RootLoggerAction - Setting level of ROOT logger to INFO
09:53:56,121 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [ROLLING] to Logger[ROOT]
09:53:56,122 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [STDOUT] to Logger[ROOT]
09:53:56,122 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - End of configuration.
09:53:56,122 |-INFO in ch.qos.logback.classic.joran.JoranConfigurator@456e44e3 - Registering current configuration as safe fallback point

2019-08-26 09:53:57,594 [main] INFO o.s.c.a.AnnotationConfigApplicationContext - Refreshing org.springframework.context.annotation.AnnotationConfigApplicationContext@3285c7df: startup date [Mon Aug 26 09:53:57 UTC 2019]; root of context hierarchy
2019-08-26 09:53:57,684 [pool-1-thread-1] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 5.2.2.Final
2019-08-26 09:53:58,043 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
2019-08-26 09:53:58,249 [main] INFO o.s.c.s.PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'configurationPropertiesRebinderAutoConfiguration' of type [class org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration$$EnhancerBySpringCGLIB$$df133cc7] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)

. ____ _ __ _ _
/\ / ' __ _ () __ __ _ \ \ \
( ( )__ | '_ | '| | ' / ` | \ \ \
\/ )| |)| | | | | || (| | ) ) ) )
' || .__|| ||| |_, | / / / /
=========||==============|/=////
:: Spring Boot :: (v1.3.0.RELEASE)

2019-08-26 09:53:58,819 [main] INFO o.s.c.c.c.ConfigServicePropertySourceLocator - Fetching config from server at: http://localhost:8888
2019-08-26 09:53:59,106 [main] WARN o.s.c.c.c.ConfigServicePropertySourceLocator - Could not locate PropertySource: I/O error on GET request for "http://localhost:8888/application/default": Connection refused (Connection refused); nested exception is java.net.ConnectException: Connection refused (Connection refused)
2019-08-26 09:53:59,108 [main] INFO com.capitalone.dashboard.Application - No profiles are active
2019-08-26 09:53:59,201 [main] INFO o.s.b.c.e.AnnotationConfigEmbeddedWebApplicationContext - Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@7860d1e8: startup date [Mon Aug 26 09:53:59 UTC 2019]; parent: org.springframework.context.annotation.AnnotationConfigApplicationContext@3285c7df
2019-08-26 09:54:03,284 [main] INFO o.s.b.f.s.DefaultListableBeanFactory - Overriding bean definition for bean 'ssoAuthenticationFilter' with a different definition: replacing [Generic bean: class [com.capitalone.dashboard.auth.sso.SsoAuthenticationFilter]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null; defined in URL [jar:file:/opt/api/target/api.jar!/com/capitalone/dashboard/auth/sso/SsoAuthenticationFilter.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=webSecurityConfig; factoryMethodName=ssoAuthenticationFilter; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [com/capitalone/dashboard/config/WebSecurityConfig.class]]
2019-08-26 09:54:04,035 [main] INFO o.s.cloud.context.scope.GenericScope - BeanFactory id=90ec6701-ff2a-332a-8883-73ebdd05166c
2019-08-26 09:54:04,068 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Post-processing PropertySource instances
2019-08-26 09:54:04,094 [main] INFO c.u.j.c.StringEncryptorConfiguration - String Encryptor custom Bean not found with name 'jasyptStringEncryptor'. Initializing String Encryptor based on properties with name 'jasyptStringEncryptor'
2019-08-26 09:54:04,097 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource servletConfigInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource servletContextInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource systemProperties [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource systemEnvironment [org.springframework.core.env.SystemEnvironmentPropertySource] to EncryptableMapPropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource random [org.springframework.boot.context.config.RandomValuePropertySource] to EncryptablePropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource applicationConfig: [classpath:/application.properties] [org.springframework.core.env.PropertiesPropertySource] to EncryptableMapPropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource springCloudClientHostInfo [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource class path resource [version.properties] [org.springframework.core.io.support.ResourcePropertySource] to EncryptableMapPropertySourceWrapper
2019-08-26 09:54:04,098 [main] INFO c.u.j.EnableEncryptablePropertySourcesPostProcessor - Converting PropertySource defaultProperties [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2019-08-26 09:54:04,121 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
2019-08-26 09:54:04,363 [main] INFO o.s.c.s.PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration' of type [class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration$$EnhancerBySpringCGLIB$$545b1e64] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2019-08-26 09:54:04,552 [main] INFO o.s.c.s.PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'objectPostProcessor' of type [class org.springframework.security.config.annotation.configuration.AutowireBeanFactoryObjectPostProcessor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2019-08-26 09:54:04,553 [main] INFO o.s.c.s.PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler@4fad143a' of type [class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2019-08-26 09:54:04,598 [main] INFO o.s.c.s.PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration' of type [class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration$$EnhancerBySpringCGLIB$$73952d6] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2019-08-26 09:54:04,608 [main] INFO o.s.c.s.PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'methodSecurityMetadataSource' of type [class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2019-08-26 09:54:04,662 [main] INFO o.s.c.s.PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration' of type [class org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration$$EnhancerBySpringCGLIB$$df133cc7] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2019-08-26 09:54:05,172 [main] INFO o.s.b.c.e.t.TomcatEmbeddedServletContainer - Tomcat initialized with port(s): 8090 (http)
2019-08-26 09:54:05,209 [main] INFO o.a.catalina.core.StandardService - Starting service Tomcat
2019-08-26 09:54:05,210 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet Engine: Apache Tomcat/8.0.28
2019-08-26 09:54:05,401 [localhost-startStop-1] INFO o.a.c.c.C.[.[localhost].[/api ] - Initializing Spring embedded WebApplicationContext
2019-08-26 09:54:05,401 [localhost-startStop-1] INFO o.s.web.context.ContextLoader - Root WebApplicationContext: initialization completed in 6200 ms
2019-08-26 09:54:05,715 [localhost-startStop-1] INFO c.c.dashboard.auth.AuthProperties - No JWT secret found in configuration, generating random secret by default.
2019-08-26 09:54:05,715 [localhost-startStop-1] INFO c.c.dashboard.auth.AuthProperties - No JWT expiration time found in configuration, setting to one day.
2019-08-26 09:54:06,155 [localhost-startStop-1] INFO c.c.dashboard.config.MongoConfig - ReplicaSetfalse
2019-08-26 09:54:06,216 [localhost-startStop-1] INFO c.c.dashboard.config.MongoConfig - Initializing Mongo Client server at: localhost:27017
2019-08-26 09:54:06,252 [localhost-startStop-1] INFO org.mongodb.driver.cluster - Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500}
2019-08-26 09:54:06,321 [localhost-startStop-1] INFO c.c.dashboard.config.MongoConfig - Connecting to Mongo: Mongo{options=MongoClientOptions{description='null', readPreference=primary, writeConcern=WriteConcern{w=1, wtimeout=0, fsync=false, j=false, codecRegistry=org.bson.codecs.configuration.ProvidersCodecRegistry@9ae246e7, minConnectionsPerHost=0, maxConnectionsPerHost=100, threadsAllowedToBlockForConnectionMultiplier=5, serverSelectionTimeout=30000, maxWaitTime=120000, maxConnectionIdleTime=60000, maxConnectionLifeTime=0, connectTimeout=10000, socketTimeout=0, socketKeepAlive=false, sslEnabled=false, sslInvalidHostNamesAllowed=false, alwaysUseMBeans=false, heartbeatFrequency=10000, minHeartbeatFrequency=500, heartbeatConnectTimeout=20000, heartbeatSocketTimeout=20000, localThreshold=15, requiredReplicaSetName='null', dbDecoderFactory=com.mongodb.DefaultDBDecoder$1@2a2c8035, dbEncoderFactory=com.mongodb.DefaultDBEncoder$1@5774970e, socketFactory=javax.net.DefaultSocketFactory@b724806, cursorFinalizerEnabled=true, connectionPoolSettings=ConnectionPoolSettings{maxSize=100, minSize=0, maxWaitQueueSize=500, maxWaitTimeMS=120000, maxConnectionLifeTimeMS=0, maxConnectionIdleTimeMS=60000, maintenanceInitialDelayMS=0, maintenanceFrequencyMS=60000}, socketSettings=SocketSettings{connectTimeoutMS=10000, readTimeoutMS=0, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}, serverSettings=ServerSettings{heartbeatFrequencyMS=10000, minHeartbeatFrequencyMS=500}, heartbeatSocketSettings=SocketSettings{connectTimeoutMS=20000, readTimeoutMS=20000, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}}}
2019-08-26 09:54:06,714 [cluster-ClusterId{value='5d63ac3e609069739a963c22', description='null'}-localhost:27017] INFO org.mongodb.driver.connection - Opened connection [connectionId{localValue:1, serverValue:174}] to localhost:27017
2019-08-26 09:54:06,716 [cluster-ClusterId{value='5d63ac3e609069739a963c22', description='null'}-localhost:27017] INFO org.mongodb.driver.cluster - Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 0, 15]}, minWireVersion=0, maxWireVersion=3, electionId=null, maxDocumentSize=16777216, roundTripTimeNanos=1251597}
2019-08-26 09:54:07,613 [localhost-startStop-1] INFO org.mongodb.driver.connection - Opened connection [connectionId{localValue:2, serverValue:175}] to localhost:27017
2019-08-26 09:54:08,219 [localhost-startStop-1] INFO o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'characterEncodingFilter' to: [/]
2019-08-26 09:54:08,220 [localhost-startStop-1] INFO o.s.b.c.e.DelegatingFilterProxyRegistrationBean - Mapping filter: 'springSecurityFilterChain' to: [/]
2019-08-26 09:54:08,221 [localhost-startStop-1] INFO o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'jwtAuthenticationFilter' to: [/]
2019-08-26 09:54:08,221 [localhost-startStop-1] INFO o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'ssoAuthenticationFilter' to: [/]
2019-08-26 09:54:08,221 [localhost-startStop-1] INFO o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'standardLoginRequestFilter' to: [/]
2019-08-26 09:54:08,221 [localhost-startStop-1] INFO o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'githubWebhookRequestFilter' to: [/]
2019-08-26 09:54:08,221 [localhost-startStop-1] INFO o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'ldapLoginRequestFilter' to: [/]
2019-08-26 09:54:08,221 [localhost-startStop-1] INFO o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'apiTokenRequestFilter' to: [/]
2019-08-26 09:54:08,221 [localhost-startStop-1] INFO o.s.b.c.e.ServletRegistrationBean - Mapping servlet: 'dispatcherServlet' to [/]
2019-08-26 09:54:08,838 [localhost-startStop-1] INFO o.s.s.web.DefaultSecurityFilterChain - Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@603019e9, org.springframework.security.web.context.SecurityContextPersistenceFilter@52b95900, org.springframework.security.web.header.HeaderWriterFilter@24d61f50, org.springframework.security.web.authentication.logout.LogoutFilter@4d48112f, com.capitalone.dashboard.auth.standard.StandardLoginRequestFilter@2790d669, com.capitalone.dashboard.auth.sso.SsoAuthenticationFilter@16c66562, com.capitalone.dashboard.auth.ldap.LdapLoginRequestFilter@757a3219, com.capitalone.dashboard.auth.apitoken.ApiTokenRequestFilter@71301340, com.capitalone.dashboard.auth.token.JwtAuthenticationFilter@115467b9, com.capitalone.dashboard.auth.webhook.github.GithubWebHookRequestFilter@4f7eb457, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@39b9bd59, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@680897ae, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@74ff139, org.springframework.security.web.session.SessionManagementFilter@7b371ef6, org.springframework.security.web.access.ExceptionTranslationFilter@57b26f2d, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@44194c5a]
2019-08-26 09:54:11,431 [main] INFO o.s.b.a.s.AuthenticationManagerConfiguration -

Using default security password: 268444f5-aff9-4550-bdc1-f47ed8f5d596

2019-08-26 09:54:12,761 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/encrypt],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.EncryptionController.encrypt(com.capitalone.dashboard.request.EncryptionRequest)
2019-08-26 09:54:12,762 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/score/settings/type/{scoreValueType}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.score.settings.ScoreCriteriaSettings com.capitalone.dashboard.rest.ScoreCriteriaSettingsController.getScoreCriteriaSettingsByType(com.capitalone.dashboard.model.score.ScoreValueType)
2019-08-26 09:54:12,762 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/gitrequests/github/v3],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.GitRequestController.createGitHubv3(org.json.simple.JSONObject) throws org.json.simple.parser.ParseException,com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,763 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/gitrequests/type/{type}/state/{state}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.GitRequest>> com.capitalone.dashboard.rest.GitRequestController.search(com.capitalone.dashboard.request.GitRequestRequest,java.lang.String,java.lang.String)
2019-08-26 09:54:12,763 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/quality],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.CodeQuality>> com.capitalone.dashboard.rest.CodeQualityController.qualityData(com.capitalone.dashboard.request.CodeQualityRequest)
2019-08-26 09:54:12,763 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/quality/static-analysis],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.CodeQuality>> com.capitalone.dashboard.rest.CodeQualityController.qualityStaticAnalysis(com.capitalone.dashboard.request.CodeQualityRequest)
2019-08-26 09:54:12,764 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/quality/static-analysis],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.CodeQualityController.createStaticAnanlysis(com.capitalone.dashboard.request.CodeQualityCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,764 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v2/quality/static-analysis],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.CodeQualityController.createStaticAnanlysisV2(com.capitalone.dashboard.request.CodeQualityCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,764 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/quality/security-analysis],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.CodeQuality>> com.capitalone.dashboard.rest.CodeQualityController.qualitySecurityAnalysis(com.capitalone.dashboard.request.CodeQualityRequest)
2019-08-26 09:54:12,764 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/performance/create],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.PerformanceController.createPerformance(com.capitalone.dashboard.request.PerformanceCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,765 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/performance],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.Performance>> com.capitalone.dashboard.rest.PerformanceController.performanceData(com.capitalone.dashboard.request.PerformanceSearchRequest)
2019-08-26 09:54:12,765 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/performance/infrastructure],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.Performance>> com.capitalone.dashboard.rest.PerformanceController.searchAInfrastructurePerformance(com.capitalone.dashboard.request.PerformanceSearchRequest)
2019-08-26 09:54:12,765 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/performance/application],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.Performance>> com.capitalone.dashboard.rest.PerformanceController.searchApplicationPerformance(com.capitalone.dashboard.request.PerformanceSearchRequest)
2019-08-26 09:54:12,765 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cmdb/configItem/{itemType}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Cmdb>> com.capitalone.dashboard.rest.CmdbController.getConfigItemByType(java.lang.String,java.lang.String,org.springframework.data.domain.Pageable)
2019-08-26 09:54:12,766 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cmdb/remoteCreate],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.Object> com.capitalone.dashboard.rest.CmdbController.remoteCreateDashboard(com.capitalone.dashboard.request.CmdbRequest)
2019-08-26 09:54:12,767 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/users],methods=[GET]}" onto public java.util.Collection<com.capitalone.dashboard.model.UserInfo> com.capitalone.dashboard.rest.UserInfoController.getUsers()
2019-08-26 09:54:12,781 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/deploy/status/application/{applicationName}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.deploy.Environment>> com.capitalone.dashboard.rest.DeployController.deployStatus(java.lang.String)
2019-08-26 09:54:12,782 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/deploy/status/{componentId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.deploy.Environment>> com.capitalone.dashboard.rest.DeployController.deployStatus(org.bson.types.ObjectId)
2019-08-26 09:54:12,782 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/deploy],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DeployController.createDeploy(com.capitalone.dashboard.request.DeployDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,782 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v2/deploy],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DeployController.createDeployV2(com.capitalone.dashboard.request.DeployDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,782 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/deploy/rundeck],methods=[POST],consumes=[text/xml],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DeployController.createRundeckBuild(javax.servlet.http.HttpServletRequest,java.lang.String,java.lang.String) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,782 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v2/deploy/rundeck],methods=[POST],consumes=[text/xml],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DeployController.createRundeckBuildV2(javax.servlet.http.HttpServletRequest,java.lang.String,java.lang.String) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,783 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/artifact],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.BinaryArtifactController.create(com.capitalone.dashboard.request.BinaryArtifactCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,783 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/artifact],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.BinaryArtifact>> com.capitalone.dashboard.rest.BinaryArtifactController.search(com.capitalone.dashboard.request.BinaryArtifactSearchRequest)
2019-08-26 09:54:12,784 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/build],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.BuildController.createBuild(com.capitalone.dashboard.request.BuildDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,784 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v2/build],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.BuildController.createBuildv2(com.capitalone.dashboard.request.BuildDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,784 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v3/build],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.response.BuildDataCreateResponse> com.capitalone.dashboard.rest.BuildController.createBuildv3(com.capitalone.dashboard.request.BuildDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,784 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/build],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.Build>> com.capitalone.dashboard.rest.BuildController.builds(com.capitalone.dashboard.request.BuildSearchRequest)
2019-08-26 09:54:12,785 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/iteration],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Feature>> com.capitalone.dashboard.rest.FeatureController.currentSprintDetail(java.lang.String,java.util.Optional<java.lang.String>,java.lang.String,java.lang.String)
2019-08-26 09:54:12,785 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/feature/estimates/super],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Feature>> com.capitalone.dashboard.rest.FeatureController.featureEpics(java.lang.String,java.util.Optional<java.lang.String>,java.util.Optional<java.lang.String>,java.lang.String,java.lang.String)
2019-08-26 09:54:12,785 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/feature/estimates/aggregatedsprints],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<com.capitalone.dashboard.model.SprintEstimate> com.capitalone.dashboard.rest.FeatureController.featureAggregatedSprintEstimates(java.lang.String,java.util.Optional<java.lang.String>,java.util.Optional<java.lang.String>,java.lang.String,java.lang.String)
2019-08-26 09:54:12,785 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/feature/estimates/total/{teamId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Feature>> com.capitalone.dashboard.rest.FeatureController.featureTotalEstimate(java.util.Optional<java.lang.String>,java.util.Optional<java.lang.String>,java.lang.String,java.lang.String)
2019-08-26 09:54:12,802 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/feature/estimates/wip/{teamId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Feature>> com.capitalone.dashboard.rest.FeatureController.featureInProgressEstimate(java.util.Optional<java.lang.String>,java.util.Optional<java.lang.String>,java.lang.String,java.lang.String)
2019-08-26 09:54:12,802 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/feature/estimates/done/{teamId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Feature>> com.capitalone.dashboard.rest.FeatureController.featureDoneEstimate(java.util.Optional<java.lang.String>,java.util.Optional<java.lang.String>,java.lang.String,java.lang.String)
2019-08-26 09:54:12,803 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/feature/{number}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Feature>> com.capitalone.dashboard.rest.FeatureController.story(java.lang.String,java.lang.String)
2019-08-26 09:54:12,803 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/feature],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Feature>> com.capitalone.dashboard.rest.FeatureController.relevantStories(java.lang.String,java.util.Optional<java.lang.String>,java.lang.String,java.lang.String)
2019-08-26 09:54:12,803 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/metadata/create],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.MetadataController.create(com.capitalone.dashboard.request.MetadataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,805 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/aggregate/component/{componentId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.response.CloudVolumeAggregatedResponse> com.capitalone.dashboard.rest.CloudVolumeController.getVolumeAggregatedData(java.lang.String)
2019-08-26 09:54:12,805 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/details/instanceIds],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudVolumeStorage>> com.capitalone.dashboard.rest.CloudVolumeController.getVolumeDetailsByInstanceIds(java.util.List<java.lang.String>)
2019-08-26 09:54:12,805 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/refresh],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<java.lang.String>> com.capitalone.dashboard.rest.CloudVolumeController.refreshVolumes(com.capitalone.dashboard.request.CloudVolumeListRefreshRequest)
2019-08-26 09:54:12,805 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/create],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<java.lang.String>> com.capitalone.dashboard.rest.CloudVolumeController.upsertVolume(java.util.List<com.capitalone.dashboard.request.CloudVolumeCreateRequest>)
2019-08-26 09:54:12,805 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/details/component/{componentId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudVolumeStorage>> com.capitalone.dashboard.rest.CloudVolumeController.getVolumeDetailsByComponentId(java.lang.String)
2019-08-26 09:54:12,806 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/details/volumes/{volumeIds}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudVolumeStorage>> com.capitalone.dashboard.rest.CloudVolumeController.getVolumeDetailsByVolumeIds(java.util.List<java.lang.String>)
2019-08-26 09:54:12,806 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/details/tags],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudVolumeStorage>> com.capitalone.dashboard.rest.CloudVolumeController.getVolumeDetailsByTags(java.util.List<com.capitalone.dashboard.model.NameValue>)
2019-08-26 09:54:12,806 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/volume/details/account/{accountNumber}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudVolumeStorage>> com.capitalone.dashboard.rest.CloudVolumeController.getVolumeDetailsByAccount(java.lang.String)
2019-08-26 09:54:12,806 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/commit/github/v3],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.ZCommitController.createGitHubv3(org.json.simple.JSONObject) throws org.json.simple.parser.ParseException,com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,806 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/commit],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.Commit>> com.capitalone.dashboard.rest.ZCommitController.search(com.capitalone.dashboard.request.CommitRequest)
2019-08-26 09:54:12,809 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/ping],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.Boolean> com.capitalone.dashboard.rest.PingController.ping()
2019-08-26 09:54:12,809 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/appinfo],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.PingController.getAppInfo()
2019-08-26 09:54:12,809 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/findUser],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.Boolean> com.capitalone.dashboard.rest.PingController.authenticatedPing()
2019-08-26 09:54:12,810 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/subnet/refresh],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<java.lang.String>> com.capitalone.dashboard.rest.CloudSubnetController.refreshInstances(com.capitalone.dashboard.request.CloudInstanceListRefreshRequest)
2019-08-26 09:54:12,810 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/subnet/details/component/{componentId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudSubNetwork>> com.capitalone.dashboard.rest.CloudSubnetController.getSubNetworkDetailsByComponentId(java.lang.String)
2019-08-26 09:54:12,811 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/subnet/details/account/{accountNumber}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudSubNetwork>> com.capitalone.dashboard.rest.CloudSubnetController.getSubNetworkDetailsByAccount(java.lang.String)
2019-08-26 09:54:12,811 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/subnet/details/subnets/{subnetIds}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudSubNetwork>> com.capitalone.dashboard.rest.CloudSubnetController.getSubNetworkDetailsBySubnetIds(java.util.List<java.lang.String>)
2019-08-26 09:54:12,811 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/subnet/aggregate/{componentId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.response.CloudSubNetworkAggregatedResponse> com.capitalone.dashboard.rest.CloudSubnetController.getSubNetworkAggregatedData(java.lang.String)
2019-08-26 09:54:12,811 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/subnet/details/tags],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudSubNetwork>> com.capitalone.dashboard.rest.CloudSubnetController.getSubNetworkDetailsByTag(java.util.List<com.capitalone.dashboard.model.NameValue>)
2019-08-26 09:54:12,811 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/subnet/create],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<java.lang.String>> com.capitalone.dashboard.rest.CloudSubnetController.upsertSubNetwork(java.util.List<com.capitalone.dashboard.request.CloudSubnetCreateRequest>)
2019-08-26 09:54:12,812 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/generalConfig],methods=[PUT],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Configuration>> com.capitalone.dashboard.rest.ConfigurationController.insertConfigurationFile(java.util.List<com.capitalone.dashboard.model.Configuration>)
2019-08-26 09:54:12,812 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/generalConfig/fetch],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Configuration> com.capitalone.dashboard.rest.ConfigurationController.getConfigurationFile()
2019-08-26 09:54:12,813 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/dependent-service/{serviceId}],methods=[POST],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.Service> com.capitalone.dashboard.rest.ServiceController.addDependentService(org.bson.types.ObjectId,org.bson.types.ObjectId)
2019-08-26 09:54:12,813 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/dependent-service/{serviceId}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.ServiceController.deleteDependentService(org.bson.types.ObjectId,org.bson.types.ObjectId)
2019-08-26 09:54:12,813 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/service/{serviceId}],methods=[GET]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.ServiceController.refreshService(org.bson.types.ObjectId,org.bson.types.ObjectId)
2019-08-26 09:54:12,817 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/service/{serviceId}],methods=[GET],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.Service> com.capitalone.dashboard.rest.ServiceController.refreshService(org.bson.types.ObjectId,org.bson.types.ObjectId,com.capitalone.dashboard.request.ServiceRequest)
2019-08-26 09:54:12,817 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/service],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.Map<java.lang.String, java.util.List<com.capitalone.dashboard.model.Service>>> com.capitalone.dashboard.rest.ServiceController.dashboardServices(org.bson.types.ObjectId)
2019-08-26 09:54:12,817 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/service],methods=[GET],produces=[application/json]}" onto public java.lang.Iterable<com.capitalone.dashboard.model.Service> com.capitalone.dashboard.rest.ServiceController.services()
2019-08-26 09:54:12,817 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/service/{serviceId}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.Service> com.capitalone.dashboard.rest.ServiceController.updateService(org.bson.types.ObjectId,org.bson.types.ObjectId,com.capitalone.dashboard.request.ServiceRequest)
2019-08-26 09:54:12,817 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/service/{serviceId}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.ServiceController.deleteService(org.bson.types.ObjectId,org.bson.types.ObjectId)
2019-08-26 09:54:12,817 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/service],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.Service> com.capitalone.dashboard.rest.ServiceController.createService(org.bson.types.ObjectId,com.capitalone.dashboard.request.ServiceRequest)
2019-08-26 09:54:12,818 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/score/metric/{dashboardId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<com.capitalone.dashboard.model.score.ScoreMetric> com.capitalone.dashboard.rest.ScoreController.scoreMetric(org.bson.types.ObjectId)
2019-08-26 09:54:12,818 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/virtualnetwork/create],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<org.bson.types.ObjectId>> com.capitalone.dashboard.rest.CloudVirtualNetworkController.upsertVirtualNetwork(java.util.List<com.capitalone.dashboard.model.CloudVirtualNetwork>)
2019-08-26 09:54:12,818 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/virtualnetwork/details/component/{componentId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudVirtualNetwork>> com.capitalone.dashboard.rest.CloudVirtualNetworkController.getVirtualNetworkDetails(org.bson.types.ObjectId)
2019-08-26 09:54:12,818 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/virtualnetwork/details/netrwork/{virtualNetworkId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.CloudVirtualNetwork> com.capitalone.dashboard.rest.CloudVirtualNetworkController.getVirtualNetworkDetails(java.lang.String)
2019-08-26 09:54:12,818 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/virtualnetwork/aggregate/component/{componentId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.response.CloudVirtualNetworkAggregatedResponse> com.capitalone.dashboard.rest.CloudVirtualNetworkController.getVirtualNetworkAggregatedData(org.bson.types.ObjectId)
2019-08-26 09:54:12,819 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/team/{teamId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<com.capitalone.dashboard.model.Team> com.capitalone.dashboard.rest.TeamController.team(java.lang.String,java.lang.String)
2019-08-26 09:54:12,819 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/teamcollector/{collectorId}],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Team> com.capitalone.dashboard.rest.TeamController.teamsByCollector(java.lang.String)
2019-08-26 09:54:12,819 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/team],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Team> com.capitalone.dashboard.rest.TeamController.allTeams()
2019-08-26 09:54:12,819 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/teamcollector/page/{collectorId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Team>> com.capitalone.dashboard.rest.TeamController.teamsByCollectorPage(java.lang.String,java.lang.String,org.springframework.data.domain.Pageable)
2019-08-26 09:54:12,834 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/remoteUpdate],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DashboardRemoteController.remoteUpdateDashboard(com.capitalone.dashboard.request.DashboardRemoteRequest)
2019-08-26 09:54:12,835 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/remoteCreate],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DashboardRemoteController.remoteCreateDashboard(com.capitalone.dashboard.request.DashboardRemoteRequest)
2019-08-26 09:54:12,836 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/updateUser],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.AuthenticationController.updateUser(com.capitalone.dashboard.request.AuthenticationRequest)
2019-08-26 09:54:12,837 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/registerUser],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.AuthenticationController.registerUser(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,com.capitalone.dashboard.request.AuthenticationRequest) throws java.io.IOException,javax.servlet.ServletException
2019-08-26 09:54:12,837 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/authenticationProviders],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.AuthType> com.capitalone.dashboard.rest.AuthenticationController.getAuthenticationProviders()
2019-08-26 09:54:12,839 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/createAccount],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.AdminController.createAccount(com.capitalone.dashboard.request.ServiceAccountRequest)
2019-08-26 09:54:12,839 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/updateAccount/{id}],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.AdminController.updateAccount(com.capitalone.dashboard.request.ServiceAccountRequest,org.bson.types.ObjectId)
2019-08-26 09:54:12,839 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/deleteAccount/{id}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.AdminController.deleteAccount(org.bson.types.ObjectId)
2019-08-26 09:54:12,839 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/apitokens],methods=[GET]}" onto public java.util.Collection<com.capitalone.dashboard.model.ApiToken> com.capitalone.dashboard.rest.AdminController.getApiTokens()
2019-08-26 09:54:12,839 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/deleteToken/{id}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.AdminController.deleteToken(org.bson.types.ObjectId)
2019-08-26 09:54:12,840 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/updateToken/{id}],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.AdminController.updateToken(com.capitalone.dashboard.request.ApiTokenRequest,org.bson.types.ObjectId)
2019-08-26 09:54:12,840 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/featureFlags],methods=[GET]}" onto public java.util.List<com.capitalone.dashboard.model.FeatureFlag> com.capitalone.dashboard.rest.AdminController.getFeatureFlags()
2019-08-26 09:54:12,840 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/users/addAdmin],methods=[POST]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.UserInfo> com.capitalone.dashboard.rest.AdminController.addAdmin(com.capitalone.dashboard.model.UserInfo)
2019-08-26 09:54:12,840 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/users/removeAdmin],methods=[POST]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.UserInfo> com.capitalone.dashboard.rest.AdminController.removeAuthorityFromUser(com.capitalone.dashboard.model.UserInfo)
2019-08-26 09:54:12,840 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/createToken],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.AdminController.createToken(com.capitalone.dashboard.request.ApiTokenRequest)
2019-08-26 09:54:12,844 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/allServiceAccounts],methods=[GET]}" onto public java.util.Collection<com.capitalone.dashboard.model.ServiceAccount> com.capitalone.dashboard.rest.AdminController.getAllServiceAccouts()
2019-08-26 09:54:12,844 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/addOrUpdateFeatureFlags],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.AdminController.addFeatureFlags(com.capitalone.dashboard.request.FeatureFlagRequest)
2019-08-26 09:54:12,844 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/admin/deleteFeatureFlags/{id}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.AdminController.deleteFeatureFlags(org.bson.types.ObjectId)
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/count/{type}],methods=[GET],produces=[application/json]}" onto public long com.capitalone.dashboard.rest.DashboardController.dashboardsCount(java.lang.String)
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/filter/count/{title}/{type}],methods=[GET],produces=[application/json]}" onto public long com.capitalone.dashboard.rest.DashboardController.dashboardsFilterCount(java.lang.String,java.lang.String)
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/page/filter],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Dashboard>> com.capitalone.dashboard.rest.DashboardController.dashboardByTitlePage(java.lang.String,java.lang.String,org.springframework.data.domain.Pageable) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/page],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Dashboard>> com.capitalone.dashboard.rest.DashboardController.dashboardByPage(java.lang.String,java.lang.String,org.springframework.data.domain.Pageable)
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/mydashboard/page],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Dashboard>> com.capitalone.dashboard.rest.DashboardController.myDashboardByPage(java.lang.String,java.lang.String,org.springframework.data.domain.Pageable)
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/mydashboard/count/{type}],methods=[GET],produces=[application/json]}" onto public long com.capitalone.dashboard.rest.DashboardController.myDashboardCount(java.lang.String)
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/mydashboard/filter/count/{title}/{type}],methods=[GET],produces=[application/json]}" onto public long com.capitalone.dashboard.rest.DashboardController.myDashboardsFilterCount(java.lang.String,java.lang.String)
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/mydashboard/page/filter],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Dashboard>> com.capitalone.dashboard.rest.DashboardController.myDashboardByTitlePage(java.lang.String,java.lang.String,org.springframework.data.domain.Pageable) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,847 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard],methods=[GET],produces=[application/json]}" onto public java.lang.Iterable<com.capitalone.dashboard.model.Dashboard> com.capitalone.dashboard.rest.DashboardController.dashboards()
2019-08-26 09:54:12,848 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/deleteWidget/{widgetId}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.WidgetResponse> com.capitalone.dashboard.rest.DashboardController.deleteWidget(org.bson.types.ObjectId,org.bson.types.ObjectId,com.capitalone.dashboard.request.WidgetRequest)
2019-08-26 09:54:12,848 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/updateScoreSettings/{id}],methods=[PUT]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DashboardController.updateScoreSettings(org.bson.types.ObjectId,boolean,java.lang.String)
2019-08-26 09:54:12,848 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/pagesize],methods=[GET],produces=[application/json]}" onto public int com.capitalone.dashboard.rest.DashboardController.getPageSize()
2019-08-26 09:54:12,848 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/widget],methods=[POST],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.WidgetResponse> com.capitalone.dashboard.rest.DashboardController.addWidget(org.bson.types.ObjectId,com.capitalone.dashboard.request.WidgetRequest)
2019-08-26 09:54:12,862 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.DashboardController.deleteDashboard(org.bson.types.ObjectId)
2019-08-26 09:54:12,862 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/component/{componentId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.Component com.capitalone.dashboard.rest.DashboardController.getComponentForDashboard(org.bson.types.ObjectId)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/configItemApp/{configItem}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity com.capitalone.dashboard.rest.DashboardController.getDashboardByApp(java.lang.String)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/configItemComponent/{configItem}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity com.capitalone.dashboard.rest.DashboardController.getDashboardByComp(java.lang.String)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/configItemComponentAndApp/{configItemComp}/{configItemApp}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity com.capitalone.dashboard.rest.DashboardController.getDashboardByCompAndApp(java.lang.String,java.lang.String)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.Dashboard> com.capitalone.dashboard.rest.DashboardController.createDashboard(com.capitalone.dashboard.request.DashboardRequest)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.Dashboard com.capitalone.dashboard.rest.DashboardController.getDashboard(org.bson.types.ObjectId)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DashboardController.updateDashboard(org.bson.types.ObjectId,com.capitalone.dashboard.request.DashboardRequest)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/rename/{id}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DashboardController.renameDashboard(org.bson.types.ObjectId,com.capitalone.dashboard.request.DashboardRequestTitle)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/widget/{widgetId}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.WidgetResponse> com.capitalone.dashboard.rest.DashboardController.updateWidget(org.bson.types.ObjectId,org.bson.types.ObjectId,com.capitalone.dashboard.request.WidgetRequest)
2019-08-26 09:54:12,863 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/mydashboard],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Dashboard> com.capitalone.dashboard.rest.DashboardController.getOwnedDashboards()
2019-08-26 09:54:12,864 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/owners],methods=[GET],produces=[application/json]}" onto public java.lang.Iterable<com.capitalone.dashboard.model.Owner> com.capitalone.dashboard.rest.DashboardController.getOwners(org.bson.types.ObjectId)
2019-08-26 09:54:12,864 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/{id}/owners],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.Iterable<com.capitalone.dashboard.model.Owner>> com.capitalone.dashboard.rest.DashboardController.updateOwners(org.bson.types.ObjectId,java.lang.Iterable<com.capitalone.dashboard.model.Owner>)
2019-08-26 09:54:12,864 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/myowner/{id}],methods=[GET],produces=[application/json]}" onto public java.lang.String com.capitalone.dashboard.rest.DashboardController.getDashboardOwner(org.bson.types.ObjectId)
2019-08-26 09:54:12,864 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/updateBusItems/{id}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DashboardController.updateDashboardBusinessItems(org.bson.types.ObjectId,com.capitalone.dashboard.model.Dashboard)
2019-08-26 09:54:12,867 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/dashboard/updateDashboardWidgets/{id}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.DashboardController.updateDashboardWidgets(org.bson.types.ObjectId,com.capitalone.dashboard.model.Dashboard)
2019-08-26 09:54:12,868 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector/item/component/{id}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.CollectorItem>> com.capitalone.dashboard.rest.CollectorController.getCollectorItemByComponentId(java.lang.String,java.lang.String)
2019-08-26 09:54:12,868 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector/item/type/{collectorType}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.CollectorItem>> com.capitalone.dashboard.rest.CollectorController.collectorItemsByType(com.capitalone.dashboard.model.CollectorType,java.lang.String,org.springframework.data.domain.Pageable)
2019-08-26 09:54:12,868 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector/item],methods=[DELETE],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.CollectorItem> com.capitalone.dashboard.rest.CollectorController.deleteCollectorItem(com.capitalone.dashboard.request.CollectorItemRequest)
2019-08-26 09:54:12,868 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector/type/{collectorType}],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Collector> com.capitalone.dashboard.rest.CollectorController.collectorsByType(com.capitalone.dashboard.model.CollectorType)
2019-08-26 09:54:12,868 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector/collectorId/{id}],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Collector> com.capitalone.dashboard.rest.CollectorController.collectorsByType(org.bson.types.ObjectId)
2019-08-26 09:54:12,869 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public com.capitalone.dashboard.model.Collector com.capitalone.dashboard.rest.CollectorController.createCollector(com.capitalone.dashboard.request.CollectorRequest)
2019-08-26 09:54:12,869 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector/item],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.CollectorItem> com.capitalone.dashboard.rest.CollectorController.createCollectorItem(com.capitalone.dashboard.request.CollectorItemRequest)
2019-08-26 09:54:12,869 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/collector/item/{id}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.CollectorItem> com.capitalone.dashboard.rest.CollectorController.getCollectorItem(org.bson.types.ObjectId)
2019-08-26 09:54:12,870 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/serviceaccount_deprecated/createAccount],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.ServiceAccountController.createAccount(com.capitalone.dashboard.request.ServiceAccountRequest)
2019-08-26 09:54:12,871 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/serviceaccount_deprecated/updateAccount/{id}],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.ServiceAccountController.updateAccount(com.capitalone.dashboard.request.ServiceAccountRequest,org.bson.types.ObjectId)
2019-08-26 09:54:12,872 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/serviceaccount_deprecated/deleteAccount/{id}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.ServiceAccountController.deleteAccount(org.bson.types.ObjectId)
2019-08-26 09:54:12,873 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/serviceaccount_deprecated/allServiceAccounts],methods=[GET]}" onto public java.util.Collection<com.capitalone.dashboard.model.ServiceAccount> com.capitalone.dashboard.rest.ServiceAccountController.getAllServiceAccouts()
2019-08-26 09:54:12,875 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v2/quality/test],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.TestResultController.createTestV2(com.capitalone.dashboard.request.TestDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,875 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v2/quality/testresult],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.TestResultController.createPerfTestV2(com.capitalone.dashboard.request.PerfTestDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,889 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/quality/test],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.TestResultController.createTest(com.capitalone.dashboard.request.TestDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,889 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/quality/testresult],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.TestResultController.createPerfTest(com.capitalone.dashboard.request.PerfTestDataCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,889 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/quality/test],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.TestResult>> com.capitalone.dashboard.rest.TestResultController.qualityData(com.capitalone.dashboard.request.TestResultRequest)
2019-08-26 09:54:12,889 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/pipeline],methods=[GET],produces=[application/json]}" onto public java.lang.Iterable<com.capitalone.dashboard.model.PipelineResponse> com.capitalone.dashboard.rest.PipelineController.searchPipelines(com.capitalone.dashboard.request.PipelineSearchRequest)
2019-08-26 09:54:12,890 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/teamInventory],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<com.capitalone.dashboard.model.TeamInventory> com.capitalone.dashboard.rest.TeamInventoryController.getTeamWidgetData(com.capitalone.dashboard.request.TeamInventoryRequest)
2019-08-26 09:54:12,890 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/rally],methods=[GET],produces=[application/json]}" onto public java.util.List<java.util.Map<java.lang.String, java.lang.Object>> com.capitalone.dashboard.rest.RallyFeatureController.getRallyWidgetData(com.capitalone.dashboard.request.RallyFeatureRequest,org.springframework.data.domain.Pageable)
2019-08-26 09:54:12,890 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/generic-item],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.GenericCollectorItemController.createGenericItem(com.capitalone.dashboard.request.GenericCollectorItemCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,890 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/generic-binary-artifact],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.GenericCollectorItemController.createGenericBinaryArtifact(com.capitalone.dashboard.request.GenericCollectorItemCreateRequest) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,891 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/template],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.Template> com.capitalone.dashboard.rest.TemplateController.createTemplate(com.capitalone.dashboard.request.CreateTemplateRequest)
2019-08-26 09:54:12,891 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/template/{id}],methods=[PUT],consumes=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.rest.TemplateController.updateTemplate(org.bson.types.ObjectId,com.capitalone.dashboard.request.CreateTemplateRequest)
2019-08-26 09:54:12,891 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/template/{id}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.capitalone.dashboard.rest.TemplateController.deleteTemplate(org.bson.types.ObjectId)
2019-08-26 09:54:12,891 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/template/{template}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.Template com.capitalone.dashboard.rest.TemplateController.getTemplate(java.lang.String)
2019-08-26 09:54:12,891 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/templates],methods=[GET],produces=[application/json]}" onto public java.lang.Iterable<com.capitalone.dashboard.model.Template> com.capitalone.dashboard.rest.TemplateController.templates()
2019-08-26 09:54:12,891 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/maturityModel/profile/{profile}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<com.capitalone.dashboard.model.MaturityModel> com.capitalone.dashboard.rest.MaturityModelController.getMaturiyModel(java.lang.String)
2019-08-26 09:54:12,891 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/maturityModel/profiles],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<java.lang.String>> com.capitalone.dashboard.rest.MaturityModelController.getMaturiyModelProfiles()
2019-08-26 09:54:12,895 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/loganalysis],methods=[GET]}" onto public com.capitalone.dashboard.model.DataResponse<java.lang.Iterable<com.capitalone.dashboard.model.LogAnalysis>> com.capitalone.dashboard.rest.LogAnalysisController.findAllLogAnalysisJobs(com.capitalone.dashboard.request.LogAnalysisSearchRequest)
2019-08-26 09:54:12,896 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/instance/create],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<java.lang.String>> com.capitalone.dashboard.rest.CloudInstanceController.upsertInstance(java.util.List<com.capitalone.dashboard.request.CloudInstanceCreateRequest>) throws com.capitalone.dashboard.misc.HygieiaException
2019-08-26 09:54:12,896 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/instance/details/component/{componentId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudInstance>> com.capitalone.dashboard.rest.CloudInstanceController.getInstanceDetailsByComponentId(java.lang.String)
2019-08-26 09:54:12,897 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/instance/details/instances/{instanceIds}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudInstance>> com.capitalone.dashboard.rest.CloudInstanceController.getInstanceDetailsByInstanceIds(java.util.List<java.lang.String>)
2019-08-26 09:54:12,897 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/instance/details/tags],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudInstance>> com.capitalone.dashboard.rest.CloudInstanceController.getInstanceDetailsByTags(java.util.List<com.capitalone.dashboard.model.NameValue>)
2019-08-26 09:54:12,898 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/instance/details/account/{accountNumber}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudInstance>> com.capitalone.dashboard.rest.CloudInstanceController.getInstanceDetailsByAccount(java.lang.String)
2019-08-26 09:54:12,898 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/instance/refresh],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<java.lang.String>> com.capitalone.dashboard.rest.CloudInstanceController.refreshInstances(com.capitalone.dashboard.request.CloudInstanceListRefreshRequest)
2019-08-26 09:54:12,898 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/cloud/instance/history/account/{accountNumber}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.Collection<com.capitalone.dashboard.model.CloudInstanceHistory>> com.capitalone.dashboard.rest.CloudInstanceController.getInstanceAggregatedDataByAccount(java.lang.String)
2019-08-26 09:54:12,898 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/libraryPolicy],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.LibraryPolicyResult>> com.capitalone.dashboard.rest.LibraryPolicyController.libraryPolicySearch(com.capitalone.dashboard.request.LibraryPolicyRequest)
2019-08-26 09:54:12,899 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/scope/{scopeId}],methods=[GET],produces=[application/json]}" onto public com.capitalone.dashboard.model.DataResponse<java.util.List<com.capitalone.dashboard.model.Scope>> com.capitalone.dashboard.rest.ScopeController.scope(java.lang.String,java.lang.String)
2019-08-26 09:54:12,899 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/scopecollector/{collectorId}],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Scope> com.capitalone.dashboard.rest.ScopeController.teamsByCollector(java.lang.String)
2019-08-26 09:54:12,899 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/scopecollector/page/{collectorId}],methods=[GET],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.util.List<com.capitalone.dashboard.model.Scope>> com.capitalone.dashboard.rest.ScopeController.teamsByCollectorPage(java.lang.String,java.lang.String,org.springframework.data.domain.Pageable)
2019-08-26 09:54:12,899 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/scope],methods=[GET],produces=[application/json]}" onto public java.util.List<com.capitalone.dashboard.model.Scope> com.capitalone.dashboard.rest.ScopeController.allScopes()
2019-08-26 09:54:12,900 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/webhook/github/v3],methods=[POST],consumes=[application/json],produces=[application/json]}" onto public org.springframework.http.ResponseEntity<java.lang.String> com.capitalone.dashboard.webhook.github.GitHubHookController.createGitHubv3(org.json.simple.JSONObject) throws org.json.simple.parser.ParseException,com.capitalone.dashboard.misc.HygieiaException,java.net.MalformedURLException
2019-08-26 09:54:12,900 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/v2/api-docs],methods=[GET],produces=[application/json || application/hal+json]}" onto public org.springframework.http.ResponseEntity<springfox.documentation.spring.web.json.Json> springfox.documentation.swagger2.web.Swagger2Controller.getDocumentation(java.lang.String,javax.servlet.http.HttpServletRequest)
2019-08-26 09:54:12,920 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/configuration/security]}" onto org.springframework.http.ResponseEntity<springfox.documentation.swagger.web.SecurityConfiguration> springfox.documentation.swagger.web.ApiResourceController.securityConfiguration()
2019-08-26 09:54:12,929 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/swagger-resources]}" onto org.springframework.http.ResponseEntity<java.util.List<springfox.documentation.swagger.web.SwaggerResource>> springfox.documentation.swagger.web.ApiResourceController.swaggerResources()
2019-08-26 09:54:12,929 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/configuration/ui]}" onto org.springframework.http.ResponseEntity<springfox.documentation.swagger.web.UiConfiguration> springfox.documentation.swagger.web.ApiResourceController.uiConfiguration()
2019-08-26 09:54:12,932 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/error],produces=[text/html]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest)
2019-08-26 09:54:12,932 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/error]}" onto public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)
2019-08-26 09:54:13,234 [main] INFO o.s.w.s.h.SimpleUrlHandlerMapping - Mapped URL path [/] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2019-08-26 09:54:13,251 [main] INFO o.s.w.s.h.SimpleUrlHandlerMapping - Mapped URL path [/] onto handler of type [class org.springframework.web.servlet.resource.DefaultServletHttpRequestHandler]
2019-08-26 09:54:13,435 [main] INFO o.s.w.s.m.m.a.RequestMappingHandlerAdapter - Looking for @ControllerAdvice: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@7860d1e8: startup date [Mon Aug 26 09:53:59 UTC 2019]; parent: org.springframework.context.annotation.AnnotationConfigApplicationContext@3285c7df
2019-08-26 09:54:13,551 [main] INFO o.s.w.s.m.m.a.ExceptionHandlerExceptionResolver - Detected @ExceptionHandler methods in restApiExceptionHandler
2019-08-26 09:54:13,617 [main] INFO o.s.s.c.ThreadPoolTaskScheduler - Initializing ExecutorService 'taskScheduler'
2019-08-26 09:54:13,683 [main] INFO c.c.dashboard.config.MongoConfig - ReplicaSetfalse
2019-08-26 09:54:13,684 [main] INFO c.c.dashboard.config.MongoConfig - Initializing Mongo Client server at: localhost:27017
2019-08-26 09:54:13,685 [main] INFO org.mongodb.driver.cluster - Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500}
2019-08-26 09:54:13,715 [main] INFO c.c.dashboard.config.MongoConfig - Connecting to Mongo: Mongo{options=MongoClientOptions{description='null', readPreference=primary, writeConcern=WriteConcern{w=1, wtimeout=0, fsync=false, j=false, codecRegistry=org.bson.codecs.configuration.ProvidersCodecRegistry@9ae246e7, minConnectionsPerHost=0, maxConnectionsPerHost=100, threadsAllowedToBlockForConnectionMultiplier=5, serverSelectionTimeout=30000, maxWaitTime=120000, maxConnectionIdleTime=60000, maxConnectionLifeTime=0, connectTimeout=10000, socketTimeout=0, socketKeepAlive=false, sslEnabled=false, sslInvalidHostNamesAllowed=false, alwaysUseMBeans=false, heartbeatFrequency=10000, minHeartbeatFrequency=500, heartbeatConnectTimeout=20000, heartbeatSocketTimeout=20000, localThreshold=15, requiredReplicaSetName='null', dbDecoderFactory=com.mongodb.DefaultDBDecoder$1@2a2c8035, dbEncoderFactory=com.mongodb.DefaultDBEncoder$1@5774970e, socketFactory=javax.net.DefaultSocketFactory@b724806, cursorFinalizerEnabled=true, connectionPoolSettings=ConnectionPoolSettings{maxSize=100, minSize=0, maxWaitQueueSize=500, maxWaitTimeMS=120000, maxConnectionLifeTimeMS=0, maxConnectionIdleTimeMS=60000, maintenanceInitialDelayMS=0, maintenanceFrequencyMS=60000}, socketSettings=SocketSettings{connectTimeoutMS=10000, readTimeoutMS=0, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}, serverSettings=ServerSettings{heartbeatFrequencyMS=10000, minHeartbeatFrequencyMS=500}, heartbeatSocketSettings=SocketSettings{connectTimeoutMS=20000, readTimeoutMS=20000, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}}}
2019-08-26 09:54:13,861 [cluster-ClusterId{value='5d63ac45609069739a963c23', description='null'}-localhost:27017] INFO org.mongodb.driver.connection - Opened connection [connectionId{localValue:3, serverValue:176}] to localhost:27017
2019-08-26 09:54:13,863 [cluster-ClusterId{value='5d63ac45609069739a963c23', description='null'}-localhost:27017] INFO org.mongodb.driver.cluster - Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 0, 15]}, minWireVersion=0, maxWireVersion=3, electionId=null, maxDocumentSize=16777216, roundTripTimeNanos=1130964}
2019-08-26 09:54:14,419 [main] INFO c.c.dashboard.config.MongoConfig - ReplicaSetfalse
2019-08-26 09:54:14,419 [main] INFO c.c.dashboard.config.MongoConfig - Initializing Mongo Client server at: localhost:27017
2019-08-26 09:54:14,420 [main] INFO org.mongodb.driver.cluster - Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500}
2019-08-26 09:54:14,447 [main] INFO c.c.dashboard.config.MongoConfig - Connecting to Mongo: Mongo{options=MongoClientOptions{description='null', readPreference=primary, writeConcern=WriteConcern{w=1, wtimeout=0, fsync=false, j=false, codecRegistry=org.bson.codecs.configuration.ProvidersCodecRegistry@9ae246e7, minConnectionsPerHost=0, maxConnectionsPerHost=100, threadsAllowedToBlockForConnectionMultiplier=5, serverSelectionTimeout=30000, maxWaitTime=120000, maxConnectionIdleTime=60000, maxConnectionLifeTime=0, connectTimeout=10000, socketTimeout=0, socketKeepAlive=false, sslEnabled=false, sslInvalidHostNamesAllowed=false, alwaysUseMBeans=false, heartbeatFrequency=10000, minHeartbeatFrequency=500, heartbeatConnectTimeout=20000, heartbeatSocketTimeout=20000, localThreshold=15, requiredReplicaSetName='null', dbDecoderFactory=com.mongodb.DefaultDBDecoder$1@2a2c8035, dbEncoderFactory=com.mongodb.DefaultDBEncoder$1@5774970e, socketFactory=javax.net.DefaultSocketFactory@b724806, cursorFinalizerEnabled=true, connectionPoolSettings=ConnectionPoolSettings{maxSize=100, minSize=0, maxWaitQueueSize=500, maxWaitTimeMS=120000, maxConnectionLifeTimeMS=0, maxConnectionIdleTimeMS=60000, maintenanceInitialDelayMS=0, maintenanceFrequencyMS=60000}, socketSettings=SocketSettings{connectTimeoutMS=10000, readTimeoutMS=0, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}, serverSettings=ServerSettings{heartbeatFrequencyMS=10000, minHeartbeatFrequencyMS=500}, heartbeatSocketSettings=SocketSettings{connectTimeoutMS=20000, readTimeoutMS=20000, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}}}
2019-08-26 09:54:14,449 [main] INFO c.c.dashboard.config.MongoConfig - ReplicaSetfalse
2019-08-26 09:54:14,449 [main] INFO c.c.dashboard.config.MongoConfig - Initializing Mongo Client server at: localhost:27017
2019-08-26 09:54:14,450 [main] INFO org.mongodb.driver.cluster - Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500}
2019-08-26 09:54:14,497 [cluster-ClusterId{value='5d63ac46609069739a963c24', description='null'}-localhost:27017] INFO org.mongodb.driver.connection - Opened connection [connectionId{localValue:4, serverValue:177}] to localhost:27017
2019-08-26 09:54:14,498 [cluster-ClusterId{value='5d63ac46609069739a963c24', description='null'}-localhost:27017] INFO org.mongodb.driver.cluster - Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 0, 15]}, minWireVersion=0, maxWireVersion=3, electionId=null, maxDocumentSize=16777216, roundTripTimeNanos=794066}
2019-08-26 09:54:14,511 [main] INFO c.c.dashboard.config.MongoConfig - Connecting to Mongo: Mongo{options=MongoClientOptions{description='null', readPreference=primary, writeConcern=WriteConcern{w=1, wtimeout=0, fsync=false, j=false, codecRegistry=org.bson.codecs.configuration.ProvidersCodecRegistry@9ae246e7, minConnectionsPerHost=0, maxConnectionsPerHost=100, threadsAllowedToBlockForConnectionMultiplier=5, serverSelectionTimeout=30000, maxWaitTime=120000, maxConnectionIdleTime=60000, maxConnectionLifeTime=0, connectTimeout=10000, socketTimeout=0, socketKeepAlive=false, sslEnabled=false, sslInvalidHostNamesAllowed=false, alwaysUseMBeans=false, heartbeatFrequency=10000, minHeartbeatFrequency=500, heartbeatConnectTimeout=20000, heartbeatSocketTimeout=20000, localThreshold=15, requiredReplicaSetName='null', dbDecoderFactory=com.mongodb.DefaultDBDecoder$1@2a2c8035, dbEncoderFactory=com.mongodb.DefaultDBEncoder$1@5774970e, socketFactory=javax.net.DefaultSocketFactory@b724806, cursorFinalizerEnabled=true, connectionPoolSettings=ConnectionPoolSettings{maxSize=100, minSize=0, maxWaitQueueSize=500, maxWaitTimeMS=120000, maxConnectionLifeTimeMS=0, maxConnectionIdleTimeMS=60000, maintenanceInitialDelayMS=0, maintenanceFrequencyMS=60000}, socketSettings=SocketSettings{connectTimeoutMS=10000, readTimeoutMS=0, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}, serverSettings=ServerSettings{heartbeatFrequencyMS=10000, minHeartbeatFrequencyMS=500}, heartbeatSocketSettings=SocketSettings{connectTimeoutMS=20000, readTimeoutMS=20000, keepAlive=false, receiveBufferSize=0, sendBufferSize=0}}}
2019-08-26 09:54:14,581 [cluster-ClusterId{value='5d63ac46609069739a963c25', description='null'}-localhost:27017] INFO org.mongodb.driver.connection - Opened connection [connectionId{localValue:5, serverValue:178}] to localhost:27017
2019-08-26 09:54:14,583 [cluster-ClusterId{value='5d63ac46609069739a963c25', description='null'}-localhost:27017] INFO org.mongodb.driver.cluster - Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 0, 15]}, minWireVersion=0, maxWireVersion=3, electionId=null, maxDocumentSize=16777216, roundTripTimeNanos=1355770}
2019-08-26 09:54:15,527 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Registering beans for JMX exposure on startup
2019-08-26 09:54:15,538 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Bean with name 'configurationPropertiesRebinder' has been autodetected for JMX exposure
2019-08-26 09:54:15,539 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Bean with name 'environmentManager' has been autodetected for JMX exposure
2019-08-26 09:54:15,539 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Bean with name 'refreshScope' has been autodetected for JMX exposure
2019-08-26 09:54:15,541 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Located managed bean 'environmentManager': registering with JMX server as MBean [org.springframework.cloud.context.environment:name=environmentManager,type=EnvironmentManager]
2019-08-26 09:54:15,584 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Located managed bean 'refreshScope': registering with JMX server as MBean [org.springframework.cloud.context.scope.refresh:name=refreshScope,type=RefreshScope]
2019-08-26 09:54:15,610 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Located managed bean 'configurationPropertiesRebinder': registering with JMX server as MBean [org.springframework.cloud.context.properties:name=configurationPropertiesRebinder,context=7860d1e8,type=ConfigurationPropertiesRebinder]
2019-08-26 09:54:15,719 [main] INFO s.d.s.w.p.DocumentationPluginsBootstrapper - Context refreshed
2019-08-26 09:54:15,751 [main] INFO s.d.s.w.p.DocumentationPluginsBootstrapper - Found 1 custom documentation plugin(s)
2019-08-26 09:54:15,791 [main] INFO s.d.s.w.s.ApiListingReferenceScanner - Scanning for api listing references
2019-08-26 09:54:16,365 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: refreshInstancesUsingPOST_1
2019-08-26 09:54:16,406 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: getVirtualNetworkDetailsUsingGET_1
2019-08-26 09:54:16,492 [main] WARN s.d.s.p.CachingModelPropertiesProvider - Exception calculating properties for model(com.capitalone.dashboard.model.Cmdb) -> ModelContext{type=com.capitalone.dashboard.model.Cmdb, isReturnType=true}. java.lang.IllegalArgumentException: Conflicting setter definitions for property "timestamp": com.capitalone.dashboard.model.Cmdb#setTimestamp(1 params) vs com.capitalone.dashboard.model.Cmdb#setTimestamp(1 params)
2019-08-26 09:54:16,493 [main] WARN s.d.s.p.CachingModelPropertiesProvider - Exception calculating properties for model(com.capitalone.dashboard.model.Cmdb) -> ModelContext{type=com.capitalone.dashboard.model.Cmdb, isReturnType=true}. java.lang.IllegalArgumentException: Conflicting setter definitions for property "timestamp": com.capitalone.dashboard.model.Cmdb#setTimestamp(1 params) vs com.capitalone.dashboard.model.Cmdb#setTimestamp(1 params)
2019-08-26 09:54:16,567 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: collectorsByTypeUsingGET_1
2019-08-26 09:54:17,011 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: remoteCreateDashboardUsingPOST_1
2019-08-26 09:54:17,048 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: deployStatusUsingGET_1
2019-08-26 09:54:17,178 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: createGitHubv3UsingPOST_1
2019-08-26 09:54:17,199 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: searchUsingGET_1
2019-08-26 09:54:17,230 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: createUsingPOST_1
2019-08-26 09:54:17,317 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: createAccountUsingPOST_1
2019-08-26 09:54:17,318 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: deleteAccountUsingDELETE_1
2019-08-26 09:54:17,319 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: getAllServiceAccoutsUsingGET_1
2019-08-26 09:54:17,336 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: updateAccountUsingPOST_1
2019-08-26 09:54:17,386 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: refreshServiceUsingGET_1
2019-08-26 09:54:17,411 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: teamsByCollectorUsingGET_1
2019-08-26 09:54:17,412 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: teamsByCollectorPageUsingGET_1
2019-08-26 09:54:17,522 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: qualityDataUsingGET_1
2019-08-26 09:54:17,525 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: createGitHubv3UsingPOST_2
2019-08-26 09:54:17,530 [main] INFO s.d.s.w.r.o.CachingOperationNameGenerator - Generating unique operation named: searchUsingGET_2
2019-08-26 09:54:17,583 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8090"]
2019-08-26 09:54:17,618 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8090"]
2019-08-26 09:54:17,627 [main] INFO o.a.tomcat.util.net.NioSelectorPool - Using a shared selector for servlet write/read
2019-08-26 09:54:17,684 [main] INFO o.s.b.c.e.t.TomcatEmbeddedServletContainer - Tomcat started on port(s): 8090 (http)
2019-08-26 09:54:17,688 [main] INFO com.capitalone.dashboard.Application - Started Application in 21.368 seconds (JVM running for 22.526)
2019-08-26 09:56:06,267 [pool-3-thread-1] INFO org.mongodb.driver.connection - Closed connection [connectionId{localValue:2, serverValue:175}] to localhost:27017 because it is past its maximum allowed idle time.

And api output:

curl -I http://localhost:8090/api/
HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Mon, 26 Aug 2019 09:54:45 GMT

curl -I http://localhost:8090/api/ping/
HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Mon, 26 Aug 2019 09:54:40 GMT

Let me know if I'm doing something wrong. Or this repo is still work in progress.

I've been unable to find any information as to how to bind with a user prior to authentication.

The Microsoft Active Directory server requires binding user and password.

CVE-2020-13943 - Medium Severity Vulnerability

Vulnerable Library - tomcat-embed-core-8.5.57.jar

Core Tomcat implementation

Path to dependency file: api/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.57/tomcat-embed-core-8.5.57.jar

Dependency Hierarchy:

• spring-boot-starter-web-1.5.22.RELEASE.jar (Root Library)
  • spring-boot-starter-tomcat-1.5.22.RELEASE.jar
    • ❌ tomcat-embed-core-8.5.57.jar (Vulnerable Library)

Found in HEAD commit: 37b603a7212a01a6b2bb0dd83fcfc64834928d71

Found in base branch: master

Vulnerability Details

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources.

Publish Date: 2020-10-12

URL: CVE-2020-13943

CVSS 3 Score Details (4.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/r4a390027eb27e4550142fac6c8317cc684b157ae314d31514747f307%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2020-10-12

Fix Resolution: org.apache.tomcat:tomcat-coyote:8.5.58,9.0.38,10.0.0-M8;org.apache.tomcat.embed:tomcat-embed-core:8.5.58,9.0.38,10.0.0-M8

Step up your Open Source Security Game with WhiteSource here

Hello,
I am trying to create dashboard remotely. I want to create the pipeline widget and deploy widget as pipeline depends on deploy. What should be the body for the POST method or where can I find the documentation? I tried the one mentioned in swagger, it did not publish anything. I am using the /dashboard/remoteCreate endpoint.

Thank You

I am trying to use groovy script to publish deploy data from Jenkins to Hygieia. Since hygieia is using JWT authentication by default /api/deploy POST method requires authentication token.

To obtain JWT token at the groovy script I need to use /api/login and it's not documented if I launch <HYGIEIA_BASE_URL>/api/swagger/index.html

Hi,

when I running "mvn install" command to create jar getting following compilation error

Jay:hygieia-api jaymomaya$ mvn install
[INFO] Scanning for projects...
[INFO]
[INFO] ----------------< com.capitalone.dashboard:hygieia-api >----------------
[INFO] Building com.capitalone.dashboard:api 4.0.0-SNAPSHOT
[INFO] --------------------------------[ jar ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (default-clean) @ hygieia-api ---
[INFO] Deleting /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/target
[INFO]
[INFO] --- maven-resources-plugin:3.1.0:resources (default-resources) @ hygieia-api ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] Copying 47 resources
[INFO]
[INFO] --- maven-compiler-plugin:3.5.1:compile (default-compile) @ hygieia-api ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 222 source files to /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/target/classes
[INFO] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java: Some input files use or override a deprecated API.
[INFO] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java: Recompile with -Xlint:deprecation for details.
[INFO] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/webhook/github/GitHubPullRequestV3.java: Some input files use unchecked or unsafe operations.
[INFO] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/webhook/github/GitHubPullRequestV3.java: Recompile with -Xlint:unchecked for details.
[INFO] Some messages have been simplified; recompile with -Xdiags:verbose to get full output
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[14,24] package javax.activation does not exist
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[15,24] package javax.activation does not exist
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/FeatureServiceImpl.java:[24,22] package javax.xml.bind does not exist
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/PerformanceServiceImpl.java:[109,46] cannot find symbol
  symbol:   method firstNonNull(com.capitalone.dashboard.model.PerformanceType,com.capitalone.dashboard.model.PerformanceType)
  location: class com.google.common.base.Objects
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/CodeQualityServiceImpl.java:[121,46] cannot find symbol
  symbol:   method firstNonNull(com.capitalone.dashboard.model.CodeQualityType,com.capitalone.dashboard.model.CodeQualityType)
  location: class com.google.common.base.Objects
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/webhook/github/GitHubPullRequestV3.java:[78,39] non-static method getBoolean(java.lang.Object,java.lang.String) cannot be referenced from a static context
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[93,131] cannot find symbol
  symbol:   class MimeType
  location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[93,75] cannot find symbol
  symbol:   class MimeType
  location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[96,127] cannot find symbol
  symbol:   class MimeType
  location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[96,73] cannot find symbol
  symbol:   class MimeType
  location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[99,22] cannot find symbol
  symbol:   class MimeTypeParseException
  location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/DashboardRemoteServiceImpl.java:[219,111] incompatible types: com.capitalone.dashboard.model.Owner cannot be converted to java.util.List<com.capitalone.dashboard.model.Owner>
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/FeatureServiceImpl.java:[469,24] cannot find symbol
  symbol:   variable DatatypeConverter
  location: class com.capitalone.dashboard.service.FeatureServiceImpl
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/request/DashboardRequest.java:[136,11] incompatible types: com.capitalone.dashboard.model.Owner cannot be converted to java.util.List<com.capitalone.dashboard.model.Owner>
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/BinaryArtifactServiceImpl.java:[112,19] cannot find symbol
  symbol:   method setBuildInfo(com.capitalone.dashboard.model.Build)
  location: variable ba of type com.capitalone.dashboard.model.BinaryArtifact
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/BinaryArtifactServiceImpl.java:[151,30] cannot find symbol
  symbol:   method getBuildInfo()
  location: variable ba of type com.capitalone.dashboard.model.BinaryArtifact
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/BinaryArtifactServiceImpl.java:[152,30] cannot find symbol
  symbol:   method getBuildInfo()
  location: variable ba of type com.capitalone.dashboard.model.BinaryArtifact
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/webhook/github/GitHubCommitV3.java:[135,43] non-static method getBoolean(java.lang.Object,java.lang.String) cannot be referenced from a static context
[INFO] 18 errors
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  3.901 s
[INFO] Finished at: 2020-07-24T00:27:25+05:30
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.5.1:compile (default-compile) on project hygieia-api: Compilation failure: Compilation failure:
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[14,24] package javax.activation does not exist
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[15,24] package javax.activation does not exist
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/FeatureServiceImpl.java:[24,22] package javax.xml.bind does not exist
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/PerformanceServiceImpl.java:[109,46] cannot find symbol
[ERROR]   symbol:   method firstNonNull(com.capitalone.dashboard.model.PerformanceType,com.capitalone.dashboard.model.PerformanceType)
[ERROR]   location: class com.google.common.base.Objects
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/CodeQualityServiceImpl.java:[121,46] cannot find symbol
[ERROR]   symbol:   method firstNonNull(com.capitalone.dashboard.model.CodeQualityType,com.capitalone.dashboard.model.CodeQualityType)
[ERROR]   location: class com.google.common.base.Objects
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/webhook/github/GitHubPullRequestV3.java:[78,39] non-static method getBoolean(java.lang.Object,java.lang.String) cannot be referenced from a static context
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[93,131] cannot find symbol
[ERROR]   symbol:   class MimeType
[ERROR]   location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[93,75] cannot find symbol
[ERROR]   symbol:   class MimeType
[ERROR]   location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[96,127] cannot find symbol
[ERROR]   symbol:   class MimeType
[ERROR]   location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[96,73] cannot find symbol
[ERROR]   symbol:   class MimeType
[ERROR]   location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java:[99,22] cannot find symbol
[ERROR]   symbol:   class MimeTypeParseException
[ERROR]   location: class com.capitalone.dashboard.logging.LoggingFilter
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/DashboardRemoteServiceImpl.java:[219,111] incompatible types: com.capitalone.dashboard.model.Owner cannot be converted to java.util.List<com.capitalone.dashboard.model.Owner>
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/FeatureServiceImpl.java:[469,24] cannot find symbol
[ERROR]   symbol:   variable DatatypeConverter
[ERROR]   location: class com.capitalone.dashboard.service.FeatureServiceImpl
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/request/DashboardRequest.java:[136,11] incompatible types: com.capitalone.dashboard.model.Owner cannot be converted to java.util.List<com.capitalone.dashboard.model.Owner>
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/BinaryArtifactServiceImpl.java:[112,19] cannot find symbol
[ERROR]   symbol:   method setBuildInfo(com.capitalone.dashboard.model.Build)
[ERROR]   location: variable ba of type com.capitalone.dashboard.model.BinaryArtifact
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/BinaryArtifactServiceImpl.java:[151,30] cannot find symbol
[ERROR]   symbol:   method getBuildInfo()
[ERROR]   location: variable ba of type com.capitalone.dashboard.model.BinaryArtifact
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/service/BinaryArtifactServiceImpl.java:[152,30] cannot find symbol
[ERROR]   symbol:   method getBuildInfo()
[ERROR]   location: variable ba of type com.capitalone.dashboard.model.BinaryArtifact
[ERROR] /Users/jaymomaya/Documents/Projects/Opensource/Hygieia/hygieia-api/src/main/java/com/capitalone/dashboard/webhook/github/GitHubCommitV3.java:[135,43] non-static method getBoolean(java.lang.Object,java.lang.String) cannot be referenced from a static context
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException