Skip to content

Security configurations causing StackOverflowError #19438

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
arahlf opened this issue Dec 23, 2019 · 1 comment
Closed

Security configurations causing StackOverflowError #19438

arahlf opened this issue Dec 23, 2019 · 1 comment
Labels
for: external-project For an external project and not something we can fix

Comments

@arahlf
Copy link

arahlf commented Dec 23, 2019

Using Spring Boot to configure a server application with a PreAuthenticatedAuthenticationProvider, but when running it I end up with a StackOverflowError. An example project that reproduces the issue (run the tests) is here: https://github.com/arahlf/StackOverflowErrorExample

The end of the stack trace looks like:

java.lang.StackOverflowError: null
	at java.lang.Exception.<init>(Exception.java:102) ~[na:1.8.0_172]
	at java.lang.ReflectiveOperationException.<init>(ReflectiveOperationException.java:89) ~[na:1.8.0_172]
	at java.lang.reflect.InvocationTargetException.<init>(InvocationTargetException.java:72) ~[na:1.8.0_172]
	at sun.reflect.GeneratedMethodAccessor27.invoke(Unknown Source) ~[na:na]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_172]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_172]
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344) ~[spring-aop-5.2.2.RELEASE.jar:5.2.2.RELEASE]
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:205) ~[spring-aop-5.2.2.RELEASE.jar:5.2.2.RELEASE]
	at com.sun.proxy.$Proxy79.authenticate(Unknown Source) ~[na:na]
	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:195) ~[spring-security-core-5.2.1.RELEASE.jar:5.2.1.RELEASE]
	at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$AuthenticationManagerDelegator.authenticate(WebSecurityConfigurerAdapter.java:501) ~[spring-security-config-5.2.1.RELEASE.jar:5.2.1.RELEASE]
	at sun.reflect.GeneratedMethodAccessor27.invoke(Unknown Source) ~[na:na]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_172]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_172]
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344) ~[spring-aop-5.2.2.RELEASE.jar:5.2.2.RELEASE]
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:205) ~[spring-aop-5.2.2.RELEASE.jar:5.2.2.RELEASE]
	at com.sun.proxy.$Proxy79.authenticate(Unknown Source) ~[na:na]
	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:195) ~[spring-security-core-5.2.1.RELEASE.jar:5.2.1.RELEASE]

Any ideas? Did I just configure something incorrectly?

Thanks
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 23, 2019
@snicoll
Copy link
Member

snicoll commented Dec 23, 2019
edited
Loading

@arahlf thanks for the sample. I don't see anything obvious that indicates Spring Boot would be responsible for the cycle here. I had a look to the sample and suspected the AuthenticationManager field injection in the web config to be the culprit but it wasn't. I am afraid I can't move this issue to the Spring Security project. Can you please create it there and add a reference to this issue so that we can follow what is going on?

If it turns out there is an issue in Spring Boot, we can reopen this one.

@snicoll snicoll closed this as completed Dec 23, 2019
@snicoll snicoll added for: external-project For an external project and not something we can fix and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 23, 2019
@arahlf arahlf mentioned this issue Dec 23, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
for: external-project For an external project and not something we can fix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@snicoll @arahlf @spring-projects-issues