org.mule.api.security.UnauthorisedException

There are no available Samebug tips for this exception. Do you have an idea how to solve this issue? A short tip would help users who saw this issue last week.

  • Currently today you can setup basic authentication for http. When the user makes the first request not using authentication an exception is put into the logs which when used in ION really clutters up the log viewer. The exception looks like the following: WARN 2011-06-08 16:01:07,283 [[testcaseproject-1.0-SNAPSHOT].connector.http.mule.default.receiver.3] org.mule.processor.SecurityFilterMessageProcessor: Outbound Request was made but was not authenticated: Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8686/admin. Message payload is of type: String org.mule.api.security.UnauthorisedException: Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8686/admin. Message payload is of type: String at org.mule.transport.http.filters.HttpBasicAuthenticationFilter.authenticateInbound(HttpBasicAuthenticationFilter.java:160) at org.mule.security.AbstractAuthenticationFilter.authenticate(AbstractAuthenticationFilter.java:70) at org.mule.security.AbstractAuthenticationFilter.doFilter(AbstractAuthenticationFilter.java:60) at org.mule.security.AbstractEndpointSecurityFilter.doFilter(AbstractEndpointSecurityFilter.java:53) at org.mule.processor.SecurityFilterMessageProcessor.process(SecurityFilterMessageProcessor.java:59) at org.mule.processor.ExceptionHandlingMessageProcessor.process(ExceptionHandlingMessageProcessor.java:25) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:185) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:158) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:145) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.doRequest(HttpMessageReceiver.java:247) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.processRequest(HttpMessageReceiver.java:206) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.run(HttpMessageReceiver.java:164) at org.mule.work.WorkerContext.run(WorkerContext.java:309) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:987) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:528) at java.lang.Thread.run(Thread.java:680) In this case an exception should not be shown because the user tried to request the data with out providing any auth information and thus should have responded that it needed to send authentication. So in this case this should not be logged, instead perhaps a one line INFO request can be used instead.
    via by Roko Kruze,
  • Currently today you can setup basic authentication for http. When the user makes the first request not using authentication an exception is put into the logs which when used in ION really clutters up the log viewer. The exception looks like the following: WARN 2011-06-08 16:01:07,283 [[testcaseproject-1.0-SNAPSHOT].connector.http.mule.default.receiver.3] org.mule.processor.SecurityFilterMessageProcessor: Outbound Request was made but was not authenticated: Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8686/admin. Message payload is of type: String org.mule.api.security.UnauthorisedException: Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8686/admin. Message payload is of type: String at org.mule.transport.http.filters.HttpBasicAuthenticationFilter.authenticateInbound(HttpBasicAuthenticationFilter.java:160) at org.mule.security.AbstractAuthenticationFilter.authenticate(AbstractAuthenticationFilter.java:70) at org.mule.security.AbstractAuthenticationFilter.doFilter(AbstractAuthenticationFilter.java:60) at org.mule.security.AbstractEndpointSecurityFilter.doFilter(AbstractEndpointSecurityFilter.java:53) at org.mule.processor.SecurityFilterMessageProcessor.process(SecurityFilterMessageProcessor.java:59) at org.mule.processor.ExceptionHandlingMessageProcessor.process(ExceptionHandlingMessageProcessor.java:25) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:185) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:158) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:145) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.doRequest(HttpMessageReceiver.java:247) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.processRequest(HttpMessageReceiver.java:206) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.run(HttpMessageReceiver.java:164) at org.mule.work.WorkerContext.run(WorkerContext.java:309) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:987) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:528) at java.lang.Thread.run(Thread.java:680) In this case an exception should not be shown because the user tried to request the data with out providing any auth information and thus should have responded that it needed to send authentication. So in this case this should not be logged, instead perhaps a one line INFO request can be used instead.
    via by Roko Kruze,
  • Mule User mailing list
    via by Unknown author,
  • http-security-filter doesn't work - MuleSoft
    via by Unknown author,
  • [mule-user] http-security-filter doesn't work
    via by Gabor Nagy,
    • org.mule.api.security.UnauthorisedException: Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8686/admin. Message payload is of type: String at org.mule.transport.http.filters.HttpBasicAuthenticationFilter.authenticateInbound(HttpBasicAuthenticationFilter.java:160) at org.mule.security.AbstractAuthenticationFilter.authenticate(AbstractAuthenticationFilter.java:70) at org.mule.security.AbstractAuthenticationFilter.doFilter(AbstractAuthenticationFilter.java:60) at org.mule.security.AbstractEndpointSecurityFilter.doFilter(AbstractEndpointSecurityFilter.java:53) at org.mule.processor.SecurityFilterMessageProcessor.process(SecurityFilterMessageProcessor.java:59) at org.mule.processor.ExceptionHandlingMessageProcessor.process(ExceptionHandlingMessageProcessor.java:25) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:185) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:158) at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:145) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.doRequest(HttpMessageReceiver.java:247) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.processRequest(HttpMessageReceiver.java:206) at org.mule.transport.http.HttpMessageReceiver$HttpWorker.run(HttpMessageReceiver.java:164) at org.mule.work.WorkerContext.run(WorkerContext.java:309) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:987) at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:528) at java.lang.Thread.run(Thread.java:680)

    Users with the same issue

    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,
    Unknown visitor1 times, last one,