Skip to content

StackOverflowError occurs during the login process. #12346

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
DAVE2404 opened this issue Apr 15, 2025 · 1 comment
Open

StackOverflowError occurs during the login process. #12346

DAVE2404 opened this issue Apr 15, 2025 · 1 comment

Comments

@DAVE2404
Copy link

DAVE2404 commented Apr 15, 2025
edited
Loading

Prerequisites

Please check the FAQ, and search existing issues for similar questions before creating a new issue.YOU MAY DELETE THIS PREREQUISITES SECTION.

  • [ v ] I have checked the FAQ, and issues and found no answer.

What version of pinpoint are you using?

web/batch/collector 3.0.2

Describe your problem**

After running the pinpoint-web jar, after the first login, when you clear your cache and cookies and try to log in again, a StackOverflowError occurs.
When the error occurs, it also affects other users (on different PCs), displaying the same error to them as well.

What have you done?

  1. login
  2. Clear Chrome's cookies and cache.
  3. Attempt to log
  4. java.lang.StackOverflowError occur

Screenshots

Image

Logs

web log

04-15 07:50:21.021 [nio-8080-exec-3] WARN  o.s.s.c.b.BCryptPasswordEncoder         :126 -- Empty encoded password
04-15 07:50:21.021 [nio-8080-exec-3] ERROR o.s.b.w.s.s.ErrorPageFilter             :182 -- Forwarding to error page from request [/login] due to exception [null]
java.lang.StackOverflowError: null
        at java.lang.StackStreamFactory$StackFrameTraverser.tryAdvance(StackStreamFactory.java:595) ~[?:?]
        at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:129) ~[?:?]
        at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:527) ~[?:?]
        at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:513) ~[?:?]
        at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499) ~[?:?]
        at java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:150) ~[?:?]
        at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?]
        at java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:647) ~[?:?]
        at org.apache.logging.log4j.util.StackLocator.lambda$calcLocation$15(StackLocator.java:100) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at java.lang.StackStreamFactory$StackFrameTraverser.consumeFrames(StackStreamFactory.java:534) ~[?:?]
        at java.lang.StackStreamFactory$AbstractStackWalker.doStackWalk(StackStreamFactory.java:306) ~[?:?]
        at java.lang.StackStreamFactory$AbstractStackWalker.callStackWalk(Native Method) ~[?:?]
        at java.lang.StackStreamFactory$AbstractStackWalker.beginStackWalk(StackStreamFactory.java:370) ~[?:?]
        at java.lang.StackStreamFactory$AbstractStackWalker.walk(StackStreamFactory.java:243) ~[?:?]
        at java.lang.StackWalker.walk(StackWalker.java:499) ~[?:?]
        at org.apache.logging.log4j.util.StackLocator.calcLocation(StackLocator.java:97) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at org.apache.logging.log4j.util.StackLocatorUtil.calcLocation(StackLocatorUtil.java:121) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at org.apache.logging.log4j.spi.AbstractLogger.getLocation(AbstractLogger.java:2179) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at org.apache.logging.log4j.spi.AbstractLogger.logMessageTrackRecursion(AbstractLogger.java:2122) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at org.apache.logging.log4j.spi.AbstractLogger.logMessageSafely(AbstractLogger.java:2105) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at org.apache.logging.log4j.spi.AbstractLogger.logMessage(AbstractLogger.java:1985) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at org.apache.logging.log4j.spi.AbstractLogger.logIfEnabled(AbstractLogger.java:1838) ~[log4j-api-2.20.0.jar!/:2.20.0]
        at org.apache.commons.logging.LogAdapter$Log4jLog.log(LogAdapter.java:260) ~[spring-jcl-6.1.5.jar!/:6.1.5]
        at org.apache.commons.logging.LogAdapter$Log4jLog.warn(LogAdapter.java:214) ~[spring-jcl-6.1.5.jar!/:6.1.5]
        at org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder.matches(BCryptPasswordEncoder.java:126) ~[spring-security-crypto-6.1.8.jar!/:6.1.8]
        at org.springframework.security.config.annotation.web.configuration.HttpSecurityConfiguration$LazyPasswordEncoder.matches(HttpSecurityConfiguration.java:208) ~[sp                   ring-security-config-6.1.8.jar!/:6.1.8]
        at org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:86) ~[spring-security-c                   ore-6.1.8.jar!/:6.1.8]
        at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:147) ~[sp                   ring-security-core-6.1.8.jar!/:6.1.8]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]
        at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.8.jar!/:6.1.8]
        at jdk.internal.reflect.GeneratedMethodAccessor24.invoke(Unknown Source) ~[?:?]
        at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-6.1.5.jar!/:6.1.5]
        at jdk.proxy2.$Proxy131.authenticate(Unknown Source) ~[?:?]

Additional context

web.yml

pinpoint:
  zookeeper:
    address: xxx.xxx.xxx.xxx
  modules:
    web:
      login: basicLogin
      webhook: true

spring:
  pinot-datasource:
    pinot:
      jdbc-url: jdbc:pinot://xxx.xxx.xxx.xxx:9000
      username: admin
      password: ********
  profiles:
    active: local
  datasource:
    hikari:
      driver-class-name: com.mysql.cj.jdbc.Driver
      jdbc-url: jdbc:mysql://localhost:3306/pinpoint?characterEncoding=UTF-8
      username: pinpoint
      password: pinpoint

web:
  security:
    auth:
      user: testuser1:dlatl!00,testuser2:dlatl!00
      admin: admin:dlatl!00

config:
  show:
    systemMetric: false
donghun-cho added a commit to donghun-cho/pinpoint that referenced this issue Apr 22, 2025
@donghun-cho
[pinpoint-apm#12346] Fix unintended modification in InMemoryUserDetails
2511615
@donghun-cho
Copy link
Contributor

The password stored in the PinpointMemoryUserDetailsService map gets erased after authentication, which causes the error.
Even though PinpointBasicLoginConfig configures the AuthenticationManager not to erase credentials.

I've made some fixes that will work, but I'm not sure if they're correct. donghun-cho@2511615
If you have any additional context or know a better way to handle this, please share.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DAVE2404 @donghun-cho