Hello, I am using ApPSensor 2.3.3 and report Events to it. However, as soon as a A

Error: Exception in UI when attacks should be displayed/are created,about jtmelton/appsensor

Comments (3)

jtmelton commented on July 28, 2024

Can you show me how you're sending events?

from appsensor.

jtmelton commented on July 28, 2024

also, can you share the appsensor log for the UI and the rest backend?

from appsensor.

Seppl2202 commented on July 28, 2024

Hey,
thanks for your reply. Here is how the events are created and sent:

Method that wraps AppSensor processes:

@Named
public class AppSensorReporter {
    @Autowired
    private org.owasp.appsensor.event.RestEventManager appsensorEventManager;

    @Autowired
    private AppSensorResponseHandlerObserver observer;

    @Value("${appsensor.client.header.value}")
    private String appsensorApplicationName;

    private ScheduledExecutorService scheduledExecutorService = Executors.newSingleThreadScheduledExecutor();

    private static final Logger logger = LogManager.getLogger(AppSensorReporter.class);


    public void reportEventToAppsensor(final String apiEndpoint, final String attackVector, final String category, final String categoryLabel) {
        Reportable appSensorEvent = new AppSensorEvent(
                new DetectionPoint(category, categoryLabel),
                new DetectionSystem(appsensorApplicationName),
                appsensorEventManager, apiEndpoint, attackVector);
        logger.info("Reporting event to AppSensor: " + appSensorEvent.log());
        CompletableFuture.runAsync(() -> appSensorEvent.reportToAppsensor(), AppsSensorThreadPool.executorService);
        updateResponsesFromAppsensor();
    }

    private void updateResponsesFromAppsensor() {
        scheduledExecutorService.schedule(() -> {
               Collection<Response> responses = appsensorEventManager.getResponses(new DateTime(DateTimeZone.UTC).minusMinutes(10).toString());
               logger.info("Updating AppSensor respones");
               observer.onUpdate(responses);
            }, 10, TimeUnit.SECONDS);
    }
}

And the class that executes the reporting:

public class AppSensorEvent implements Reportable {

    private final String APPSENSOR_TIMESTAMP_FORMAT = "yyyy-MM-dd'T'HH:mm:ss'Z'";
    private final User reportedUser;
    private org.owasp.appsensor.core.Event appsensorEvent;
    private final DetectionPoint detectionPoint;
    private final DetectionSystem detectionSystem;
    private final EventManager appsensorEventManager;
    private final List<KeyValuePair> metadata;
    private String parsedUsername = "";
    private static final Logger logger = LogManager.getLogger(AppSensorEvent.class);
    private IP2GeoLocation ip2GeoLocation;


    public AppSensorEvent(DetectionPoint detectionPoint, DetectionSystem detectionSystem, EventManager appsensorEventManager, String apiEndpoint, String attackVector) {
        ip2GeoLocation = new IP2GeoLocation();
        extractUserName();
        String ipAddress = extractIPAddress();
        this.reportedUser = new User(parsedUsername, new IPAddress(ipAddress, ipAddressToGeolocation(ipAddress)));
        this.detectionPoint = detectionPoint;
        this.detectionSystem = detectionSystem;
        this.appsensorEventManager = appsensorEventManager;
        this.metadata = new LinkedList<>();
        metadata.add(new KeyValuePair("Endpoint", apiEndpoint));
        metadata.add(new KeyValuePair("Vector", attackVector));
        createAppsensorEvent();
    }

    private GeoLocation ipAddressToGeolocation(String ipAddress) {
        return ip2GeoLocation.ipAddressToGeoLocation(ipAddress);
    }


    private void extractUserName() {
         Optional<Authentication> usernameOptional = Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication());
         usernameOptional.ifPresentOrElse(this::getUsernameFromContext, () -> this.parsedUsername = "Unknown");
    }

    private void getUsernameFromContext(Authentication authentication) {
        this.parsedUsername = authentication.getPrincipal().toString()
                .split(",")[2].split("\'")[1];
    }



    private String extractIPAddress() {
        return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes())
                .getRequest().getRemoteAddr();
    }


    private void createAppsensorEvent() {
        this.appsensorEvent = new Event(
                this.reportedUser, this.detectionPoint,
                this.detectionSystem
        );
        this.appsensorEvent.setMetadata(this.metadata);
    }

    @Override
    public void reportToAppsensor() {
        appsensorEventManager.addEvent(this.appsensorEvent);
    }


    @Override
    public String log() {
        return " [Category: " + this.detectionPoint.getCategory() + ":" + this.detectionPoint.getLabel() + ", User: "
                + this.reportedUser.getUsername() + ":" + this.reportedUser.getIPAddress().getAddress() + "]";
    }
}

Please not that the source code is for a POC so it has a lot of space for improvements.

Now the logs:

Startup log of rest-server:

appsensor-rest-server    |  :: Spring Boot ::        (v1.3.2.RELEASE)
appsensor-rest-server    |
appsensor-rest-server    | 07:37:06.477 [main] INFO  o.o.a.AppsensorWsRestServerWithWebsocketBootApplication - Starting AppsensorWsRestServerWithWebsocketBootApplication v1.0.0-SNAPSHOT on 7075f8333fce with PID 1 (/maven/appsensor-ws-rest-server-1.0.0-SNAPSHOT.jar started by root in /)
appsensor-rest-server    | 07:37:06.480 [main] DEBUG o.o.a.AppsensorWsRestServerWithWebsocketBootApplication - Running with Spring Boot v1.3.2.RELEASE, Spring v4.2.4.RELEASE
appsensor-rest-server    | 07:37:06.480 [main] INFO  o.o.a.AppsensorWsRestServerWithWebsocketBootApplication - No active profile set, falling back to default profiles: default
appsensor-rest-server    | 07:37:06.539 [main] INFO  o.s.b.c.e.AnnotationConfigEmbeddedWebApplicationContext - Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@16441287: startup date [Thu Feb 27 07:37:06 GMT 2020]; root of context hierarchy
appsensor-rest-server    | 07:37:06.795 [background-preinit] DEBUG o.j.logging - Logging Provider: org.jboss.logging.Slf4jLoggerProvider found via system property
appsensor-rest-server    | 07:37:06.796 [background-preinit] INFO  o.h.v.i.u.Version - HV000001: Hibernate Validator 5.2.2.Final
appsensor-rest-server    | 07:37:07.708 [main] INFO  o.s.b.f.s.DefaultListableBeanFactory - Overriding bean definition for bean 'responseHandler' with a different definition: replacing [Generic bean: class [org.owasp.appsensor.ResponseHandler]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null; defined in URL [jar:file:/maven/appsensor-ws-rest-server-1.0.0-SNAPSHOT.jar!/org/owasp/appsensor/ResponseHandler.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=appsensorWsRestServerWithWebsocketBootApplication; factoryMethodName=responseHandler; initMethodName=null; destroyMethodName=(inferred); defined in org.owasp.appsensor.AppsensorWsRestServerWithWebsocketBootApplication]
appsensor-rest-server    | 07:37:07.824 [main] INFO  o.s.b.f.s.DefaultListableBeanFactory - Overriding bean definition for bean 'requestContextFilter' with a different definition: replacing [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.autoconfigure.jersey.JerseyAutoConfiguration; factoryMethodName=requestContextFilter; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/autoconfigure/jersey/JerseyAutoConfiguration.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.autoconfigure.web.WebMvcAutoConfiguration$WebMvcAutoConfigurationAdapter; factoryMethodName=requestContextFilter; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/autoconfigure/web/WebMvcAutoConfiguration$WebMvcAutoConfigurationAdapter.class]]
appsensor-rest-server    | 07:37:07.825 [main] INFO  o.s.b.f.s.DefaultListableBeanFactory - Overriding bean definition for bean 'beanNameViewResolver' with a different definition: replacing [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.autoconfigure.web.ErrorMvcAutoConfiguration$WhitelabelErrorViewConfiguration; factoryMethodName=beanNameViewResolver; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/autoconfigure/web/ErrorMvcAutoConfiguration$WhitelabelErrorViewConfiguration.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.autoconfigure.web.WebMvcAutoConfiguration$WebMvcAutoConfigurationAdapter; factoryMethodName=beanNameViewResolver; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/autoconfigure/web/WebMvcAutoConfiguration$WebMvcAutoConfigurationAdapter.class]]
appsensor-rest-server    | 07:37:08.166 [main] INFO  o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
appsensor-rest-server    | 07:37:08.684 [main] INFO  o.s.b.c.e.t.TomcatEmbeddedServletContainer - Tomcat initialized with port(s): 31085 (http)
appsensor-rest-server    | 07:37:08.698 [main] INFO  o.a.c.c.StandardService - Starting service Tomcat
appsensor-rest-server    | 07:37:08.700 [main] INFO  o.a.c.c.StandardEngine - Starting Servlet Engine: Apache Tomcat/8.0.30
appsensor-rest-server    | 07:37:08.822 [localhost-startStop-1] INFO  o.a.c.c.C.[.[.[/] - Initializing Spring embedded WebApplicationContext
appsensor-rest-server    | 07:37:08.823 [localhost-startStop-1] INFO  o.s.w.c.ContextLoader - Root WebApplicationContext: initialization completed in 2287 ms
appsensor-rest-server    | 07:37:09.523 [localhost-startStop-1] INFO  o.s.b.c.e.ServletRegistrationBean - Mapping servlet: 'org.owasp.appsensor.rest.AppSensorApplication' to [/*]
appsensor-rest-server    | 07:37:09.524 [localhost-startStop-1] INFO  o.s.b.c.e.ServletRegistrationBean - Mapping servlet: 'dispatcherServlet' to [/]
appsensor-rest-server    | 07:37:09.529 [localhost-startStop-1] INFO  o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'characterEncodingFilter' to: [/*]
appsensor-rest-server    | 07:37:09.530 [localhost-startStop-1] INFO  o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
appsensor-rest-server    | 07:37:09.530 [localhost-startStop-1] INFO  o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'httpPutFormContentFilter' to: [/*]
appsensor-rest-server    | 07:37:09.530 [localhost-startStop-1] INFO  o.s.b.c.e.FilterRegistrationBean - Mapping filter: 'requestContextFilter' to: [/*]
appsensor-rest-server    | Generating response handler
appsensor-rest-server    | 07:37:09.804 [main] WARN  o.o.a.c.s.c.StaxClientConfiguration - Could not load appsensor client configuration file. This error is fine if you are running a server.
appsensor-rest-server    | 07:37:10.105 [main] INFO  o.s.w.s.m.m.a.RequestMappingHandlerAdapter - Looking for @ControllerAdvice: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@16441287: startup date [Thu Feb 27 07:37:06 GMT 2020]; root of context hierarchy
appsensor-rest-server    | 07:37:10.200 [main] INFO  o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/error],produces=[text/html]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)
appsensor-rest-server    | 07:37:10.201 [main] INFO  o.s.w.s.m.m.a.RequestMappingHandlerMapping - Mapped "{[/error]}" onto public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)
appsensor-rest-server    | 07:37:10.239 [main] INFO  o.s.w.s.h.SimpleUrlHandlerMapping - Mapped URL path [/webjars/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
appsensor-rest-server    | 07:37:10.239 [main] INFO  o.s.w.s.h.SimpleUrlHandlerMapping - Mapped URL path [/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
appsensor-rest-server    | 07:37:10.298 [main] INFO  o.s.w.s.h.SimpleUrlHandlerMapping - Mapped URL path [/**/favicon.ico] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
appsensor-rest-server    | 07:37:10.479 [main] INFO  o.s.w.s.s.s.ServerEndpointExporter - Registering @ServerEndpoint class: class org.owasp.appsensor.websocket.WebSocketDashboard
appsensor-rest-server    | 07:37:10.492 [main] INFO  o.s.j.e.a.AnnotationMBeanExporter - Registering beans for JMX exposure on startup
appsensor-rest-server    | 07:37:10.545 [main] INFO  o.a.c.h.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-31085"]
appsensor-rest-server    | 07:37:10.556 [main] INFO  o.a.c.h.Http11NioProtocol - Starting ProtocolHandler ["http-nio-31085"]
appsensor-rest-server    | 07:37:10.565 [main] INFO  o.a.t.u.n.NioSelectorPool - Using a shared selector for servlet write/read
appsensor-rest-server    | 07:37:10.597 [main] INFO  o.s.b.c.e.t.TomcatEmbeddedServletContainer - Tomcat started on port(s): 31085 (http)
appsensor-rest-server    | 07:37:10.605 [main] INFO  o.o.a.AppsensorWsRestServerWithWebsocketBootApplication - Started AppsensorWsRestServerWithWebsocketBootApplication in 4.546 seconds (JVM running for 5.662)

Startup log of the UI:

appsensor-ui             |
appsensor-ui             |   .   ____          _            __ _ _
appsensor-ui             |  /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
appsensor-ui             | ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
appsensor-ui             |  \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
appsensor-ui             |   '  |____| .__|_| |_|_| |_\__, | / / / /
appsensor-ui             |  =========|_|==============|___/=/_/_/_/
appsensor-ui             |  :: Spring Boot ::        (v1.2.6.RELEASE)
appsensor-ui             |
appsensor-ui             | 2020-02-27 07:37:11.554  INFO 1 --- [           main] o.o.appsensor.AppsensorUiApplication     : Starting AppsensorUiApplication v2.3.3 on e248eeeb7351 with PID 1 (/maven/appsensor-ui-2.3.3.jar started by root in /)
appsensor-ui             | 2020-02-27 07:37:11.624  INFO 1 --- [           main] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@3195b7f2: startup date [Thu Feb 27 07:37:11 GMT 2020]; root of context hierarchy
appsensor-ui             | 2020-02-27 07:37:14.226  INFO 1 --- [           main] f.a.AutowiredAnnotationBeanPostProcessor : JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
appsensor-ui             | 2020-02-27 07:37:14.424  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.scheduling.annotation.SchedulingConfiguration' of type [class org.springframework.scheduling.annotation.SchedulingConfiguration$$EnhancerBySpringCGLIB$$b6a33509] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.566  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration' of type [class org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration$$EnhancerBySpringCGLIB$$464db1ee] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.589  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'transactionAttributeSource' of type [class org.springframework.transaction.annotation.AnnotationTransactionAttributeSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.603  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'transactionInterceptor' of type [class org.springframework.transaction.interceptor.TransactionInterceptor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.614  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.transaction.config.internalTransactionAdvisor' of type [class org.springframework.transaction.interceptor.BeanFactoryTransactionAttributeSourceAdvisor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.639  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.cache.annotation.ProxyCachingConfiguration' of type [class org.springframework.cache.annotation.ProxyCachingConfiguration$$EnhancerBySpringCGLIB$$adab7c4c] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.661  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'cacheOperationSource' of type [class org.springframework.cache.annotation.AnnotationCacheOperationSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.680  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'cacheInterceptor' of type [class org.springframework.cache.interceptor.CacheInterceptor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.685  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.cache.config.internalCacheAdvisor' of type [class org.springframework.cache.interceptor.BeanFactoryCacheOperationSourceAdvisor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.733  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration' of type [class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration$$EnhancerBySpringCGLIB$$6f6efae8] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.755  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'objectPostProcessor' of type [class org.springframework.security.config.annotation.configuration.AutowireBeanFactoryObjectPostProcessor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.757  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler@66bd015f' of type [class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.782  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration' of type [class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration$$EnhancerBySpringCGLIB$$224d2f5a] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.813  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'methodSecurityMetadataSource' of type [class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:14.821  INFO 1 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'metaDataSourceAdvisor' of type [class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
appsensor-ui             | 2020-02-27 07:37:15.442  INFO 1 --- [           main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8084 (http)
appsensor-ui             | 2020-02-27 07:37:15.749  INFO 1 --- [           main] o.apache.catalina.core.StandardService   : Starting service Tomcat
appsensor-ui             | 2020-02-27 07:37:15.751  INFO 1 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet Engine: Apache Tomcat/8.0.26
appsensor-ui             | 2020-02-27 07:37:15.905  INFO 1 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
appsensor-ui             | 2020-02-27 07:37:15.906  INFO 1 --- [ost-startStop-1] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 4285 ms
appsensor-ui             | 2020-02-27 07:37:18.002  INFO 1 --- [ost-startStop-1] o.f.c.i.dbsupport.DbSupportFactory       : Database: jdbc:mysql://appsensor-db/appsensor (MySQL 5.7)
appsensor-ui             | 2020-02-27 07:37:18.058  INFO 1 --- [ost-startStop-1] o.f.core.internal.command.DbValidate     : Validated 1 migration (execution time 00:00.030s)
appsensor-ui             | 2020-02-27 07:37:18.088  INFO 1 --- [ost-startStop-1] o.f.core.internal.command.DbMigrate      : Current version of schema `appsensor`: 1
appsensor-ui             | 2020-02-27 07:37:18.089  INFO 1 --- [ost-startStop-1] o.f.core.internal.command.DbMigrate      : Schema `appsensor` is up to date. No migration necessary.
appsensor-ui             | 2020-02-27 07:37:18.280  INFO 1 --- [ost-startStop-1] j.LocalContainerEntityManagerFactoryBean : Building JPA container EntityManagerFactory for persistence unit 'default'
appsensor-ui             | 2020-02-27 07:37:18.293  INFO 1 --- [ost-startStop-1] o.hibernate.jpa.internal.util.LogHelper  : HHH000204: Processing PersistenceUnitInfo [
appsensor-ui             |      name: default
appsensor-ui             |      ...]
appsensor-ui             | 2020-02-27 07:37:18.377  INFO 1 --- [ost-startStop-1] org.hibernate.Version                    : HHH000412: Hibernate Core {4.3.11.Final}
appsensor-ui             | 2020-02-27 07:37:18.385  INFO 1 --- [ost-startStop-1] org.hibernate.cfg.Environment            : HHH000206: hibernate.properties not found
appsensor-ui             | 2020-02-27 07:37:18.387  INFO 1 --- [ost-startStop-1] org.hibernate.cfg.Environment            : HHH000021: Bytecode provider name : javassist
appsensor-ui             | 2020-02-27 07:37:18.848  INFO 1 --- [ost-startStop-1] o.hibernate.annotations.common.Version   : HCANN000001: Hibernate Commons Annotations {4.0.5.Final}
appsensor-ui             | 2020-02-27 07:37:18.947  INFO 1 --- [ost-startStop-1] org.hibernate.dialect.Dialect            : HHH000400: Using dialect: org.hibernate.dialect.MySQLDialect
appsensor-ui             | 2020-02-27 07:37:19.179  INFO 1 --- [ost-startStop-1] o.h.h.i.ast.ASTQueryTranslatorFactory    : HHH000397: Using ASTQueryTranslatorFactory
appsensor-ui             | 2020-02-27 07:37:21.278  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/trace],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.279  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/env/{name:.*}],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EnvironmentMvcEndpoint.value(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:21.279  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/env],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.280  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/health]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.HealthMvcEndpoint.invoke(java.security.Principal)
appsensor-ui             | 2020-02-27 07:37:21.280  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/info],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.280  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/dump],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.280  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/beans],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.281  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/configprops],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.281  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/autoconfig],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.281  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/metrics/{name:.*}],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.MetricsMvcEndpoint.value(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:21.282  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/metrics],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.282  INFO 1 --- [ost-startStop-1] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/mappings],methods=[GET]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
appsensor-ui             | 2020-02-27 07:37:21.451  INFO 1 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/css/**'], []
appsensor-ui             | 2020-02-27 07:37:21.451  INFO 1 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/js/**'], []
appsensor-ui             | 2020-02-27 07:37:21.451  INFO 1 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/images/**'], []
appsensor-ui             | 2020-02-27 07:37:21.451  INFO 1 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/**/favicon.ico'], []
appsensor-ui             | 2020-02-27 07:37:21.451  INFO 1 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/error'], []
appsensor-ui             | 2020-02-27 07:37:21.523  INFO 1 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@29263994, org.springframework.security.web.context.SecurityContextPersistenceFilter@78c50e09, org.springframework.security.web.header.HeaderWriterFilter@782366f1, org.springframework.security.web.csrf.CsrfFilter@4e3a9e58, org.springframework.security.web.authentication.logout.LogoutFilter@65b7c9e2, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@1cbaaad0, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@2fdc3586, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@733ca95e, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@6083ea4a, org.springframework.security.web.session.SessionManagementFilter@659078d, org.springframework.security.web.access.ExceptionTranslationFilter@3f1587c4, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@4d73f2b5]
appsensor-ui             | 2020-02-27 07:37:21.531  INFO 1 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/health'], Ant [pattern='/health/**'], Ant [pattern='/health.*'], Ant [pattern='/info'], Ant [pattern='/info/**'], Ant [pattern='/info.*'], Ant [pattern='/trace'], Ant [pattern='/trace/**'], Ant [pattern='/trace.*'], Ant [pattern='/env'], Ant [pattern='/env/**'], Ant [pattern='/env.*'], Ant [pattern='/dump'], Ant [pattern='/dump/**'], Ant [pattern='/dump.*'], Ant [pattern='/beans'], Ant [pattern='/beans/**'], Ant [pattern='/beans.*'], Ant [pattern='/configprops'], Ant [pattern='/configprops/**'], Ant [pattern='/configprops.*'], Ant [pattern='/autoconfig'], Ant [pattern='/autoconfig/**'], Ant [pattern='/autoconfig.*'], Ant [pattern='/metrics'], Ant [pattern='/metrics/**'], Ant [pattern='/metrics.*'], Ant [pattern='/mappings'], Ant [pattern='/mappings/**'], Ant [pattern='/mappings.*']]], [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@46d009f3, org.springframework.security.web.context.SecurityContextPersistenceFilter@490aca92, org.springframework.security.web.header.HeaderWriterFilter@57da4942, org.springframework.security.web.authentication.logout.LogoutFilter@2160c33, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@5f5766a5, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@71e0f13e, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@74753619, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@281d3e26, org.springframework.security.web.session.SessionManagementFilter@3e590985, org.springframework.security.web.access.ExceptionTranslationFilter@149598fd, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@72038413]
appsensor-ui             | 2020-02-27 07:37:21.683  INFO 1 --- [ost-startStop-1] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService  'metricsExecutor'
appsensor-ui             | 2020-02-27 07:37:21.905  INFO 1 --- [ost-startStop-1] o.s.b.c.e.ServletRegistrationBean        : Mapping servlet: 'dispatcherServlet' to [/]
appsensor-ui             | 2020-02-27 07:37:21.911  INFO 1 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'metricFilter' to: [/*]
appsensor-ui             | 2020-02-27 07:37:21.912  INFO 1 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'characterEncodingFilter' to: [/*]
appsensor-ui             | 2020-02-27 07:37:21.912  INFO 1 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
appsensor-ui             | 2020-02-27 07:37:21.912  INFO 1 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'webRequestLoggingFilter' to: [/*]
appsensor-ui             | 2020-02-27 07:37:21.912  INFO 1 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'associatedApplicationsFilter' to: [/*]
appsensor-ui             | 2020-02-27 07:37:21.913  INFO 1 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'springSecurityFilterChain' to: [/*]
appsensor-ui             | 2020-02-27 07:37:21.913  INFO 1 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'applicationContextIdFilter' to: [/*]
appsensor-ui             | 2020-02-27 07:37:22.479  INFO 1 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService  'clientInboundChannelExecutor'
appsensor-ui             | 2020-02-27 07:37:22.483  INFO 1 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService  'clientOutboundChannelExecutor'
appsensor-ui             | 2020-02-27 07:37:24.457  INFO 1 --- [           main] o.o.a.u.w.WebSocketReportingEngineFacade : Connected ... 0
appsensor-ui             | 2020-02-27 07:37:24.459  INFO 1 --- [           main] o.o.a.u.w.WebSocketReportingEngineFacade : Connected to websocket host [%s]
appsensor-rest-server    | Opened connection with client: 0
appsensor-ui             | 2020-02-27 07:37:24.569  INFO 1 --- [           main] o.s.s.c.ThreadPoolTaskScheduler          : Initializing ExecutorService  'messageBrokerSockJsTaskScheduler'
appsensor-ui             | 2020-02-27 07:37:24.648  INFO 1 --- [           main] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/appsensor-websocket/**] onto handler of type [class org.springframework.web.socket.sockjs.support.SockJsHttpRequestHandler]
appsensor-ui             | 2020-02-27 07:37:24.696  INFO 1 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService  'brokerChannelExecutor'
appsensor-ui             | 2020-02-27 07:37:25.098  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerAdapter : Looking for @ControllerAdvice: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@3195b7f2: startup date [Thu Feb 27 07:37:11 GMT 2020]; root of context hierarchy
appsensor-ui             | 2020-02-27 07:37:25.179  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/configuration/server-config-base64],methods=[GET]}" onto public org.owasp.appsensor.core.KeyValuePair org.owasp.appsensor.ui.controller.ConfigurationController.getBase64EncodedServerConfiguration()
appsensor-ui             | 2020-02-27 07:37:25.180  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/configuration/server-config],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ConfigurationController.getServerConfiguration()
appsensor-ui             | 2020-02-27 07:37:25.181  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/dashboard/by-time-frame],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.ui.controller.DashboardController$TimeFrameItem> org.owasp.appsensor.ui.controller.DashboardController.byTimeFrame()
appsensor-ui             | 2020-02-27 07:37:25.181  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/dashboard/by-category],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.ui.controller.DashboardController$CategoryItem> org.owasp.appsensor.ui.controller.DashboardController.byCategory(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.182  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/events/grouped],methods=[GET]}" onto public org.owasp.appsensor.ui.controller.DashboardController$ViewObject org.owasp.appsensor.ui.controller.DashboardController.groupedEvents(java.lang.String,int)
appsensor-ui             | 2020-02-27 07:37:25.182  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/responses/active],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Response> org.owasp.appsensor.ui.controller.DashboardController.activeResponses(java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.183  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/dashboard/all],methods=[GET]}" onto public java.util.Map<java.lang.String, java.lang.Object> org.owasp.appsensor.ui.controller.DashboardController.allContent(java.lang.String,int,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.184  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/grouped],methods=[GET]}" onto public org.owasp.appsensor.ui.controller.DetectionPointController$ViewObject org.owasp.appsensor.ui.controller.DetectionPointController.groupedDetectionPoints(java.lang.String,java.lang.String,int)
appsensor-ui             | 2020-02-27 07:37:25.184  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/top-users],methods=[GET]}" onto public java.util.Map<java.lang.String, java.lang.Long> org.owasp.appsensor.ui.controller.DetectionPointController.topUsers(java.lang.String,java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.185  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/top],methods=[GET]}" onto public java.util.Map<java.lang.String, java.lang.Long> org.owasp.appsensor.ui.controller.DetectionPointController.topDetectionPoints(java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.186  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/latest-events],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Event> org.owasp.appsensor.ui.controller.DetectionPointController.recentEvents(java.lang.String,java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.186  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/by-time-frame],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.ui.controller.DetectionPointController$TimeFrameItem> org.owasp.appsensor.ui.controller.DetectionPointController.byTimeFrame(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.186  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/configuration],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.DetectionPointController.configuration(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.187  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/all],methods=[GET]}" onto public java.util.Map<java.lang.String, java.lang.Object> org.owasp.appsensor.ui.controller.DetectionPointController.allContent(java.lang.String,java.lang.String,java.lang.Long,int)
appsensor-ui             | 2020-02-27 07:37:25.187  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/latest-attacks],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Attack> org.owasp.appsensor.ui.controller.DetectionPointController.recentAttacks(java.lang.String,java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.187  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/detection-points/{label}/by-client-application],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.DetectionPointController.byClientApplication(java.lang.String,java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.188  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ErrorExceptionController.error()
appsensor-ui             | 2020-02-27 07:37:25.189  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/events],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Event> org.owasp.appsensor.ui.controller.SearchController.findEvents(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.189  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/attacks],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Attack> org.owasp.appsensor.ui.controller.SearchController.findAttacks(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.189  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/responses],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Response> org.owasp.appsensor.ui.controller.SearchController.findResponses(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.189  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/events/count],methods=[GET]}" onto public int org.owasp.appsensor.ui.controller.SearchController.countEvents(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.189  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/attacks/count],methods=[GET]}" onto public int org.owasp.appsensor.ui.controller.SearchController.countAttacks(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.189  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/responses/count],methods=[GET]}" onto public int org.owasp.appsensor.ui.controller.SearchController.countResponses(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.190  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/trends/by-time-frame],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.ui.controller.TrendsDashboardController$TrendItem> org.owasp.appsensor.ui.controller.TrendsDashboardController.countEvents()
appsensor-ui             | 2020-02-27 07:37:25.190  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/top],methods=[GET]}" onto public java.util.Map<java.lang.String, java.lang.Long> org.owasp.appsensor.ui.controller.UserController.topUsers(java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.191  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/latest-events],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Event> org.owasp.appsensor.ui.controller.UserController.recentEvents(java.lang.String,java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.191  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/grouped],methods=[GET]}" onto public org.owasp.appsensor.ui.controller.UserController$ViewObject org.owasp.appsensor.ui.controller.UserController.groupedUsers(java.lang.String,java.lang.String,int)
appsensor-ui             | 2020-02-27 07:37:25.191  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/latest-responses],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Response> org.owasp.appsensor.ui.controller.UserController.recentResponses(java.lang.String,java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.191  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/by-time-frame],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.ui.controller.UserController$TimeFrameItem> org.owasp.appsensor.ui.controller.UserController.byTimeFrame(java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.191  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/active-responses],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Response> org.owasp.appsensor.ui.controller.UserController.activeResponses(java.lang.String,java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.192  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/all],methods=[GET]}" onto public java.util.Map<java.lang.String, java.lang.Object> org.owasp.appsensor.ui.controller.UserController.allContent(java.lang.String,java.lang.String,java.lang.Long,int)
appsensor-ui             | 2020-02-27 07:37:25.192  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/latest-attacks],methods=[GET]}" onto public java.util.Collection<org.owasp.appsensor.core.Attack> org.owasp.appsensor.ui.controller.UserController.recentAttacks(java.lang.String,java.lang.String,java.lang.Long)
appsensor-ui             | 2020-02-27 07:37:25.192  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/api/users/{username}/by-client-application],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.UserController.byClientApplication(java.lang.String,java.lang.String)
appsensor-ui             | 2020-02-27 07:37:25.193  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/trends-dashboard],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.trendsDashboard()
appsensor-ui             | 2020-02-27 07:37:25.193  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/login]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.login(java.util.Map<java.lang.String, java.lang.Object>,javax.servlet.http.HttpServletRequest)
appsensor-ui             | 2020-02-27 07:37:25.193  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/ping],methods=[GET]}" onto public boolean org.owasp.appsensor.ui.controller.ViewsController.keepalive()
appsensor-ui             | 2020-02-27 07:37:25.194  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/configuration],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.configuration()
appsensor-ui             | 2020-02-27 07:37:25.194  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/users/{username}],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.user(java.lang.String,java.util.Map<java.lang.String, java.lang.Object>)
appsensor-ui             | 2020-02-27 07:37:25.194  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/geo-map],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.geoMap()
appsensor-ui             | 2020-02-27 07:37:25.194  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.dashboard()
appsensor-ui             | 2020-02-27 07:37:25.195  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/about],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.about()
appsensor-ui             | 2020-02-27 07:37:25.195  INFO 1 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/detection-points/{label}],methods=[GET]}" onto public java.lang.String org.owasp.appsensor.ui.controller.ViewsController.detectionPoint(java.lang.String,java.util.Map<java.lang.String, java.lang.Object>)
appsensor-ui             | 2020-02-27 07:37:25.261  INFO 1 --- [           main] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/webjars/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
appsensor-ui             | 2020-02-27 07:37:25.261  INFO 1 --- [           main] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
appsensor-ui             | 2020-02-27 07:37:25.288  INFO 1 --- [           main] .m.m.a.ExceptionHandlerExceptionResolver : Detected @ExceptionHandler methods in globalControllerExceptionHandler
appsensor-ui             | 2020-02-27 07:37:25.330  INFO 1 --- [           main] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/**/favicon.ico] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
appsensor-ui             | 2020-02-27 07:37:25.919  INFO 1 --- [           main] o.s.j.e.a.AnnotationMBeanExporter        : Registering beans for JMX exposure on startup
appsensor-ui             | 2020-02-27 07:37:25.932  INFO 1 --- [           main] o.s.c.support.DefaultLifecycleProcessor  : Starting beans in phase 0
appsensor-ui             | 2020-02-27 07:37:26.013  INFO 1 --- [           main] o.s.c.support.DefaultLifecycleProcessor  : Starting beans in phase 2147483647
appsensor-ui             | 2020-02-27 07:37:26.014  INFO 1 --- [           main] o.s.m.s.b.SimpleBrokerMessageHandler     : Starting...
appsensor-ui             | 2020-02-27 07:37:26.014  INFO 1 --- [           main] o.s.m.s.b.SimpleBrokerMessageHandler     : BrokerAvailabilityEvent[available=true, SimpleBroker[DefaultSubscriptionRegistry[cache[0 destination(s)], registry[0 sessions]]]]
appsensor-ui             | 2020-02-27 07:37:26.015  INFO 1 --- [           main] o.s.m.s.b.SimpleBrokerMessageHandler     : Started.
appsensor-ui             | 2020-02-27 07:37:26.091  INFO 1 --- [           main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8084 (http)
appsensor-ui             | 2020-02-27 07:37:26.093  INFO 1 --- [           main] o.o.appsensor.AppsensorUiApplication     : Started AppsensorUiApplication in 14.866 seconds (JVM running for 15.602)
appsensor-ui             | 2020-02-27 07:38:24.683  INFO 1 --- [eBrokerSockJS-1] o.s.w.s.c.WebSocketMessageBrokerStats    : WebSocketSession[0 current WS(0)-HttpStream(0)-HttpPoll(0), 0 total, 0 closed abnormally (0 connect failure, 0 send limit, 0 transport error)], stompSubProtocol[processed CONNECT(0)-CONNECTED(0)-DISCONNECT(0)], stompBrokerRelay[null], inboundChannel[pool size = 0, active threads = 0, queued tasks = 0, completed tasks = 0], outboundChannelpool size = 0, active threads = 0, queued tasks = 0, completed tasks = 0], sockJsScheduler[pool size = 4, active threads = 1, queued tasks = 1, completed tasks = 12]

Now adding an event (access a secured ressource without JWT header)from the way shown above:

Server:

appsensor-rest-server    | 07:39:58.703 [http-nio-31085-exec-2] WARN  o.o.a.s.m.InMemoryEventStore - Security event AE1 triggered by user: Unknown
appsensor-rest-server    | 07:39:58.838 [http-nio-31085-exec-2] INFO  o.o.a.a.ReferenceEventAnalysisEngine - Violation Observed for user <Unknown> - storing attack
appsensor-rest-server    | 07:39:58.839 [http-nio-31085-exec-2] WARN  o.o.a.s.m.InMemoryAttackStore - Security attack AE1 triggered by user: Unknown
appsensor-rest-server    | 07:39:58.840 [http-nio-31085-exec-2] INFO  o.o.a.a.ReferenceAttackAnalysisEngine - Response set for user <Unknown> - storing response action disableUser
appsensor-rest-server    | 07:39:58.840 [http-nio-31085-exec-2] WARN  o.o.a.s.m.InMemoryResponseStore - Security response disableUser triggered for user: Unknown
appsensor-rest-server    | 07:39:58.840 [http-nio-31085-exec-2] INFO  o.o.a.a.ReferenceResponseAnalysisEngine - NO-OP Response for user <Unknown> - should be executing response action disableUser
appsensor-rest-server    | 07:39:58.840 [http-nio-31085-exec-2] INFO  o.o.a.r.SimpleLoggingReportingEngine - Reporter observed response for user [Unknown]
appsensor-rest-server    | 07:39:58.840 [http-nio-31085-exec-2] INFO  o.o.a.i.c.s.CefSyslogEmitter - Security response disableUser created for user: Unknown
appsensor-rest-server    | Opened connection with client: 1
appsensor-rest-server    | 07:39:58.902 [http-nio-31085-exec-2] INFO  o.o.a.r.WebSocketReportingEngine - Connected ... 2
appsensor-rest-server    | started and connected
appsensor-rest-server    | 07:39:58.947 [http-nio-31085-exec-2] INFO  o.o.a.r.WebSocketReportingEngine - Reporter observed response for user [Unknown]
appsensor-rest-server    | 07:39:58.947 [http-nio-31085-exec-2] INFO  o.o.a.r.SimpleLoggingReportingEngine - Reporter observed attack by user [Unknown]
appsensor-rest-server    | New message from Client 1: {"dataType":"response","dataValue":{"user":{"username":"Unknown","ipAddress":{"address":"10.17.2.113","geoLocation":{"latitude":0.0,"longitude":0.0}}},"timestamp":"2020-02-27T07:39:58.154Z","action":"disableUser","detectionSystem":{"detectionSystemId":"clientapp","ipAddress":{"address":"10.10.10.5","geoLocation":{"latitude":52.629678,"longitude":-7.873585}}},"metadata":[],"active":false}}
appsensor-rest-server    | 07:39:58.948 [http-nio-31085-exec-2] INFO  o.o.a.i.c.s.CefSyslogEmitter - Security attack AE1 triggered by user: Unknown
appsensor-rest-server    | 07:39:58.999 [http-nio-31085-exec-2] INFO  o.o.a.r.WebSocketReportingEngine - Reporter observed attack by user [Unknown]
appsensor-rest-server    | 07:39:59.000 [http-nio-31085-exec-2] INFO  o.o.a.r.SimpleLoggingReportingEngine - Reporter observed event by user [Unknown]
appsensor-rest-server    | 07:39:59.000 [http-nio-31085-exec-2] INFO  o.o.a.i.c.s.CefSyslogEmitter - Security event AE1 triggered by user: Unknown
appsensor-rest-server    | New message from Client 1: {"dataType":"attack","dataValue":{"user":{"username":"Unknown","ipAddress":{"address":"10.17.2.113","geoLocation":{"latitude":0.0,"longitude":0.0}}},"detectionPoint":{"category":"Authentication","label":"AE1","threshold":{"count":1,"interval":{"duration":50,"unit":"seconds"}},"responses":[{"action":"disableUser","metadata":[],"active":false}]},"timestamp":"2020-02-27T07:39:58.154Z","detectionSystem":{"detectionSystemId":"clientapp","ipAddress":{"address":"10.10.10.5","geoLocation":{"latitude":52.629678,"longitude":-7.873585}}},"metadata":[]}}
appsensor-rest-server    | 07:39:59.018 [http-nio-31085-exec-2] INFO  o.o.a.r.WebSocketReportingEngine - Reporter observed event by user [Unknown]
appsensor-rest-server    | New message from Client 1: {"dataType":"event","dataValue":{"user":{"username":"Unknown","ipAddress":{"address":"10.17.2.113","geoLocation":{"latitude":0.0,"longitude":0.0}}},"detectionPoint":{"category":"Authentication","label":"AE1","responses":[]},"timestamp":"2020-02-27T07:39:58.154Z","detectionSystem":{"detectionSystemId":"clientapp","ipAddress":{"address":"10.10.10.5","geoLocation":{"latitude":52.629678,"longitude":-7.873585}}},"metadata":[{"key":"Endpoint","value":"http://localhost:30081/api/v1/risks/ce6b7e0f-7f88-4b26-b8a1-3060eff1351c"},{"key":"Vector","value":"Vollst▒ndige Authentifikation wird ben▒tigt um auf diese Resource zuzugreifen"}]}}

Now I call the UI:

appsensor-ui             | 2020-02-27 07:40:57.255  INFO 1 --- [nio-8084-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring FrameworkServlet 'dispatcherServlet'
appsensor-ui             | 2020-02-27 07:40:57.255  INFO 1 --- [nio-8084-exec-1] o.s.web.servlet.DispatcherServlet        : FrameworkServlet 'dispatcherServlet': initialization started
appsensor-ui             | 2020-02-27 07:40:57.289  INFO 1 --- [nio-8084-exec-1] o.s.web.servlet.DispatcherServlet        : FrameworkServlet 'dispatcherServlet': initialization completed in 34 ms
appsensor-ui             | 2020-02-27 07:40:57.333  INFO 1 --- [nio-8084-exec-2] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Thu Feb 27 07:40:57 GMT 2020, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]
appsensor-ui             | 2020-02-27 07:40:57.333  INFO 1 --- [nio-8084-exec-1] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Thu Feb 27 07:40:57 GMT 2020, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]
appsensor-ui             | 2020-02-27 07:41:13.598  INFO 1 --- [nio-8084-exec-7] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Thu Feb 27 07:41:13 GMT 2020, principal=analyst, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 172.18.0.1; SessionId: CB5AB6C67D882ED2F9155D73A1E76D24}]
appsensor-ui             | 2020-02-27 07:41:13.599  INFO 1 --- [nio-8084-exec-7] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Thu Feb 27 07:41:13 GMT 2020, principal=analyst, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 172.18.0.1; SessionId: CB5AB6C67D882ED2F9155D73A1E76D24}]
appsensor-ui             | 2020-02-27 07:41:13.601  INFO 1 --- [nio-8084-exec-7] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Thu Feb 27 07:41:13 GMT 2020, principal=analyst, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 172.18.0.1; SessionId: CB5AB6C67D882ED2F9155D73A1E76D24}]
appsensor-ui             | 2020-02-27 07:41:13.879  INFO 1 --- [nio-8084-exec-7] ApplicationsAuthenticationSuccessHandler : Successful authentication for user: User [username=analyst, userAuthorities=[], groups=[Group [id=1, name=ANALYST, authorities=[Authority [id=4, name=VIEW_DATA], Authority [id=2, name=VIEW_CONFIGURATION]]]], clientApplications=[clientapp, myclientapp, myclientgeoapp1, myclientgeoapp2, myclientgeoapp3]]
appsensor-ui             | 2020-02-27 07:41:15.187  INFO 1 --- [nio-8084-exec-8] o.o.a.ui.rest.RestReportingEngineFacade  : Making REST call to "http://appsensor-rest-server:31085/api/v1.0/reports/responses?earliest=2020-02-27T07:41:15%2B01:00" with header name: "X-Appsensor-Client-Application-Name" and value: "clientapp"
appsensor-ui             | 2020-02-27 07:41:15.503  INFO 1 --- [nio-8084-exec-8] o.o.a.ui.rest.RestReportingEngineFacade  : REST call success to "http://appsensor-rest-server:31085/api/v1.0/reports/responses?earliest=2020-02-27T07:41:15%2B01:00" with header name: "X-Appsensor-Client-Application-Name" and value: "clientapp"
appsensor-ui             | 2020-02-27 07:41:15.584  INFO 1 --- [nio-8084-exec-8] o.o.a.ui.rest.RestReportingEngineFacade  : Making REST call to http://appsensor-rest-server:31085 ... with path of /api/v1.0/reports/events
appsensor-ui             | 2020-02-27 07:41:15.609  INFO 1 --- [nio-8084-exec-8] o.o.a.ui.rest.RestReportingEngineFacade  : Making REST call to http://appsensor-rest-server:31085 ... with path of /api/v1.0/reports/attacks
appsensor-ui             | 2020-02-27 07:41:15.649 ERROR 1 --- [nio-8084-exec-8] o.o.a.u.h.AssociatedApplicationsFilter   : Error setting associated applications.
appsensor-ui             |
appsensor-ui             | org.springframework.web.util.NestedServletException: Request processing failed; nested exception is javax.ws.rs.ProcessingException: Error reading entity from input stream.
appsensor-ui             |      at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:979)
appsensor-ui             |      at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:858)
appsensor-ui             |      at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
appsensor-ui             |      at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)
appsensor-ui             |      at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration$ApplicationContextHeaderFilter.doFilterInternal(EndpointWebMvcAutoConfiguration.java:295)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
appsensor-ui             |      at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
appsensor-ui             |      at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:85)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
appsensor-ui             |      at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.owasp.appsensor.ui.handler.AssociatedApplicationsFilter.doFilter(AssociatedApplicationsFilter.java:31)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:102)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:69)
appsensor-ui             |      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
appsensor-ui             |      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
appsensor-ui             |      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
appsensor-ui             |      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
appsensor-ui             |      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
appsensor-ui             |      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
appsensor-ui             |      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
appsensor-ui             |      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
appsensor-ui             |      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
appsensor-ui             |      at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
appsensor-ui             |      at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
appsensor-ui             |      at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
appsensor-ui             |      at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
appsensor-ui             |      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
appsensor-ui             |      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
appsensor-ui             |      at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
appsensor-ui             |      at java.lang.Thread.run(Thread.java:748)
appsensor-ui             | Caused by: javax.ws.rs.ProcessingException: Error reading entity from input stream.
appsensor-ui             |      at org.glassfish.jersey.message.internal.InboundMessageContext.readEntity(InboundMessageContext.java:866)
appsensor-ui             |      at org.glassfish.jersey.message.internal.InboundMessageContext.readEntity(InboundMessageContext.java:810)
appsensor-ui             |      at org.glassfish.jersey.client.ClientResponse.readEntity(ClientResponse.java:368)
appsensor-ui             |      at org.glassfish.jersey.client.JerseyInvocation.translate(JerseyInvocation.java:846)
appsensor-ui             |      at org.glassfish.jersey.client.JerseyInvocation.access$600(JerseyInvocation.java:91)
appsensor-ui             |      at org.glassfish.jersey.client.JerseyInvocation$3.call(JerseyInvocation.java:705)
appsensor-ui             |      at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
appsensor-ui             |      at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
appsensor-ui             |      at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
appsensor-ui             |      at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:424)
appsensor-ui             |      at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:701)
appsensor-ui             |      at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:417)
appsensor-ui             |      at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:313)
appsensor-ui             |      at org.owasp.appsensor.ui.rest.RestReportingEngineFacade.findAttacks(RestReportingEngineFacade.java:93)
appsensor-ui             |      at org.owasp.appsensor.ui.rest.RestReportingEngineFacade$$FastClassBySpringCGLIB$$5b83c141.invoke(<generated>)
appsensor-ui             |      at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
appsensor-ui             |      at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:717)
appsensor-ui             |      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
appsensor-ui             |      at org.springframework.cache.interceptor.CacheInterceptor$1.invoke(CacheInterceptor.java:52)
appsensor-ui             |      at org.springframework.cache.interceptor.CacheAspectSupport.invokeOperation(CacheAspectSupport.java:317)
appsensor-ui             |      at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:350)
appsensor-ui             |      at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:299)
appsensor-ui             |      at org.springframework.cache.interceptor.CacheInterceptor.invoke(CacheInterceptor.java:61)
appsensor-ui             |      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
appsensor-ui             |      at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:653)
appsensor-ui             |      at org.owasp.appsensor.ui.rest.RestReportingEngineFacade$$EnhancerBySpringCGLIB$$2a8ced78.findAttacks(<generated>)
appsensor-ui             |      at org.owasp.appsensor.ui.controller.DashboardController.byCategory(DashboardController.java:124)
appsensor-ui             |      at org.owasp.appsensor.ui.controller.DashboardController.allContent(DashboardController.java:56)
appsensor-ui             |      at org.owasp.appsensor.ui.controller.DashboardController$$FastClassBySpringCGLIB$$41fbf83.invoke(<generated>)
appsensor-ui             |      at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
appsensor-ui             |      at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:717)
appsensor-ui             |      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
appsensor-ui             |      at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:64)
appsensor-ui             |      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
appsensor-ui             |      at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:653)
appsensor-ui             |      at org.owasp.appsensor.ui.controller.DashboardController$$EnhancerBySpringCGLIB$$648a8629.allContent(<generated>)
appsensor-ui             |      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
appsensor-ui             |      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
appsensor-ui             |      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
appsensor-ui             |      at java.lang.reflect.Method.invoke(Method.java:498)
appsensor-ui             |      at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
appsensor-ui             |      at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
appsensor-ui             |      at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
appsensor-ui             |      at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:776)
appsensor-ui             |      at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:705)
appsensor-ui             |      at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
appsensor-ui             |      at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
appsensor-ui             |      at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
appsensor-ui             |      at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)
appsensor-ui             |      ... 80 common frames omitted
appsensor-ui             | Caused by: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "name" (class org.owasp.appsensor.core.Attack), not marked as ignorable (8 known properties: "detectionSystem", "timestamp", "id", "detectionPoint", "user", "rule", "resource", "metadata"])
appsensor-ui             |  at [Source: org.glassfish.jersey.message.internal.ReaderInterceptorExecutor$UnCloseableInputStream@5c41b56; line: 1, column: 512] (through reference chain: java.util.ArrayList[0]->org.owasp.appsensor.core.Attack["name"])
appsensor-ui             |      at com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException.from(UnrecognizedPropertyException.java:51)
appsensor-ui             |      at com.fasterxml.jackson.databind.DeserializationContext.reportUnknownProperty(DeserializationContext.java:744)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.std.StdDeserializer.handleUnknownProperty(StdDeserializer.java:915)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.handleUnknownProperty(BeanDeserializerBase.java:1306)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.handleUnknownVanilla(BeanDeserializerBase.java:1284)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:243)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:118)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:232)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:206)
appsensor-ui             |      at com.fasterxml.jackson.databind.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:25)
appsensor-ui             |      at com.fasterxml.jackson.databind.ObjectReader._bind(ObjectReader.java:1232)
appsensor-ui             |      at com.fasterxml.jackson.databind.ObjectReader.readValue(ObjectReader.java:676)
appsensor-ui             |      at com.fasterxml.jackson.jaxrs.base.ProviderBase.readFrom(ProviderBase.java:777)
appsensor-ui             |      at org.glassfish.jersey.message.internal.ReaderInterceptorExecutor$TerminalReaderInterceptor.invokeReadFrom(ReaderInterceptorExecutor.java:264)
appsensor-ui             |      at org.glassfish.jersey.message.internal.ReaderInterceptorExecutor$TerminalReaderInterceptor.aroundReadFrom(ReaderInterceptorExecutor.java:234)
appsensor-ui             |      at org.glassfish.jersey.message.internal.ReaderInterceptorExecutor.proceed(ReaderInterceptorExecutor.java:154)
appsensor-ui             |      at org.glassfish.jersey.message.internal.MessageBodyFactory.readFrom(MessageBodyFactory.java:1124)
appsensor-ui             |      at org.glassfish.jersey.message.internal.InboundMessageContext.readEntity(InboundMessageContext.java:851)
appsensor-ui             |      ... 128 common frames omitted
appsensor-ui             |

That are the logs.

Additionally, my app-sensor-server-config. For demo purposes, all thresholds are set to 1:

<?xml version="1.0" encoding="UTF-8"?>
<appsensor-server-config xmlns="https://www.owasp.org/index.php/OWASP_AppSensor_Project/xsd/appsensor_server_config_2.0.xsd">
	
	<client-application-identification-header-name>X-Appsensor-Client-Application-Name</client-application-identification-header-name>
	
	<geolocation enabled="true" databasePath="src/main/resources/GeoLite2-City.mmdb" />
	
	<client-applications>
		<client-application>
			<name>clientapp</name>
			<roles>
				<role>ADD_EVENT</role>
				<role>ADD_ATTACK</role>
				<role>GET_RESPONSES</role>
				<role>EXECUTE_REPORT</role>	
			</roles>
			<ip-address latitude="52.629678" longitude="-7.873585">10.10.10.5</ip-address>
		</client-application>
	</client-applications>

	<detection-points>
		<detection-point>
			<category>Input Validation</category>
			<id>IE1</id>
			<threshold>
				<count>1</count>
				<interval unit="minutes">1</interval>
			</threshold>
			<responses>
				<response>
					<action>disableUser</action>
				</response>
			</responses>
		</detection-point>
		<detection-point>
			<category>Input Validation</category>
			<id>IE2</id>
			<threshold>
				<count>1</count>
				<interval unit="seconds">30</interval>
			</threshold>
			<responses>
				<response>
					<action>disableUser</action>
				</response>
			</responses>
		</detection-point>
		<detection-point>
			<category>Request</category>
			<id>RE3</id>
			<threshold>
				<count>1</count>
				<interval unit="seconds">40</interval>
			</threshold>
			<responses>
				<response>
					<action>disableUser</action>
				</response>
			</responses>
		</detection-point>
		<detection-point>
			<category>Authentication</category>
			<id>AE1</id>
			<threshold>
				<count>1</count>
				<interval unit="seconds">50</interval>
			</threshold>
			<responses>
				<response>
					<action>disableUser</action>
				</response>
			</responses>
		</detection-point>
			<detection-point>
			<category>Authentication</category>
			<id>AE2</id>
			<threshold>
				<count>1</count>
				<interval unit="seconds">50</interval>
			</threshold>
			<responses>
				<response>
					<action>disableUser</action>
				</response>
			</responses>
		</detection-point>
		<detection-point>
			<category>Access Control</category>
			<id>ACE1</id>
			<threshold>
				<count>2</count>
				<interval unit="seconds">50</interval>
			</threshold>
			<responses>
				<response>
					<action>disableUser</action>
				</response>
			</responses>
		</detection-point>
	</detection-points>

</appsensor-server-config>

from appsensor.

Error: Exception in UI when attacks should be displayed/are created about appsensor HOT 3 OPEN

Comments (3)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs