Users may face the following application error from failing Spring Boot Application deployed with/on TAS:
[APP/PROC/WEB/0] [ERR] Caused by: java.lang.IllegalArgumentException: Could not resolve placeholder '<EXAMPLE>.clientSecret' in value "${<EXAMPLE>.clientSecret}"
Users may also see similar/corresponding errors below:
[APP/PROC/WEB/6] [OUT] Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '<EXAMPLE-CONFIG>': Injection of autowired dependencies failed; nested exception is java.lang. IllegalArgumentException: Could not resolve placeholder '<EXAMPLE>.clientSecret' in value
# and/or:
org-springframework.boot.loader.JarLauncher-main(JarLauncher.java:65)InCaused by: Org.springframework-web.client.HttpClientErrorException$BadRequesty 400 Bad Request: \"(\"errors)": [\"Error requesting apps: Get ||\"https://API.EXAMPLE-
depth=211\": oauth2: 11\"invalid_token||\" ||\"Could not verify token signature
ERROR -- : [55ba3b96-0162-4a0e-a7b7-464c19cea6f9] (cloudfoundry) error response: {"error"=>"access_denied", "error_description"=>"Invalid token does not contain resource id (openid)"}
oauth2: \"invalid_token\" \"Could not verify token signature.\"\n\tat org.springframework.vault.authentication.VaultLoginException.create(VaultLoginException.java:61)\n\tat org.springframework.vault.authentication.PcfAuthentication.login(PcfAuthentication.java:119)\n\tat org.springframework.vault.authentication.LifecycleAwareSessionManager.doGetSessionToken(LifecycleAwareSessionManager.java:292)\n\tat
This issue occurs when a Spring application that is deployed on TAS uses Spring Vault or a third party Vault tool/engine to embed secrets into an application, but then the Vaults authentication process fails to validate the apps identity/token. Therefore, crashing the app that utilizes the Vaults tooling/engine.
Restarting/reloading of auth engine config in Vault can potentially resolve the issue.
If restarting/reloading of auth engine config in Vault does not resolve the issue, then is recommended to create new ticket with the users actual Vault vendor (ie: Consul, HashiCorp Vault, Spring) will need to be created that mentions the missing/incorrect secret in the exception. For this scenario, said secret would be: '<EXAMPLE>'
as seen in the app log exception below:
[APP/PROC/WEB/6] [OUT] Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '<EXAMPLE>.Config': Injection of autowired dependencies failed; nested exception is java.lang. IllegalArgumentException: Could not resolve placeholder '<EXAMPLE>' in value