Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-18715

/atlas/security-diagnostic api returns 500 halfway through response.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Parked
    • Affects Version/s: 3.11.0, 3.14.0
    • Fix Version/s: None
    • Component/s: Security
    • Story Points:
      1
    • Notability:
      3

      Description

      Hello,

      We've been using the /atlas/security diagnostics API in Nexus OSS 3.3.1-01. However, after an upgrade to 3.11.0-01 (and we tried 3.14.0-04 as well) we faced issues with the API. It had been moved, and it wasn't working correctly after the move.

      We have created a fake user to test if our ldap configuration is working correctly. When trying to request the details of this user, the API crashes when trying to expand the users permissions.

      Like this:

      [root@someserver /]# curl -k --silent --write-out HTTPSTATUS:%{http_code} -u admin:admin123 https://nexus.url/nexus/service/rest/atlas/security-diagnostic/user/fakeusr
        "user" : {
          "userId" : "fakeusr",
          "status" : "active",
          "firstName" : "fake user",
          "version" : "1",
          "lastName" : "User",
          "emailAddress" : "dummy@nomail.com",
          "readOnly" : false,
          "source" : "default",
          "name" : "fake user",
          "roles" : {
            "nx-admin" : {
              "version" : null,
              "description" : "Administrator Role",
              "readOnly" : true,
              "source" : "default",
              "name" : null,
              "privileges" : {
                "nx-all" : {
                  "type" : "wildcard",
                  "properties" : {
                    "pattern" : "nexus:*"
                  },
                  "version" : null,
                  "description" : "All permissions",
                  "permission"
                }
              }
            }
          }
        }
      }ERROR: (ID 1d7ee5f4-3c65-4dad-8a3a-61d812aab041) com.fasterxml.jackson.databind.exc.InvalidDefinitionException: No serializer found for class org.sonatype.nexus.security.authz.WildcardPermission2 and no properties discovered to create BeanSerializer (to avoid exception, disable SerializationFeature.FAIL_ON_EMPTY_BEANS) (through reference chain: java.util.LinkedHashMap["user"]>java.util.LinkedHashMap["roles"]>java.util.LinkedHashMap["nx-admin"]>java.util.LinkedHashMap["privileges"]>java.util.LinkedHashMap["nx-all"]->java.util.LinkedHashMap["permission"])
      HTTPSTATUS:500

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              ceruza Magnus Aronsson
              Last Updated By:
              Peter Lynch Peter Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title