Develop: Zap stays in Scanner

I am using docker-compose.yml with a self build engine and zap. Both are current **develop**-branch without modifications.
I scan the juice shop via swagger:
`
[
    {
        "name": "ZAP Scan 10.10.11.104",
        "location": "http://10.10.11.104:3000/",
        "attributes": {
            "ZAP_BASE_URL": "http://10.10.11.104:3000/",
            "ZAP_SPIDER_MAX_DEPTH": 1
        }
    }
]
`

I am not sure which warning/error in the following log is the cause for zap to stay Scanner after finishing "Run OWASP Zap Spider" in the engine.

I see the following in the zap-container-logs:
```
214907 [ZAP-ProxyThread-70] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite  - Setting new active session for site '10.10.11.104:3000': HttpSession [name=secureCodeBoxSession, active=false, tokenValues='']
214911 [ZAP-ProxyThread-71] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite  - Setting new active session for site '10.10.11.104:3000': HttpSession [name=secureCodeBoxSession, active=true, tokenValues='']
2018-11-16 12:50:00.561  INFO 118 --- [pool-1-thread-4] i.s.zap.service.zap.ZapService           : Recalling 0 requests to zap.
2018-11-16 12:50:00.561  INFO 118 --- [pool-1-thread-4] i.s.zap.service.zap.ZapService           : Starting scanner for targetUrl 'http://10.10.11.104:3000/main.js' and userId -1.
2018-11-16 12:50:00.594  INFO 118 --- [pool-1-thread-4] i.s.zap.service.zap.ZapService           : No custom ZAP replacer rule defined yet.
214949 [ZAP-ProxyThread-78] WARN org.zaproxy.zap.extension.api.API  - Bad request to API endpoint [/xml/ascan/action/scan/] from [127.0.0.1]:
URL Not Found in the Scan Tree (url_not_found)
	at org.zaproxy.zap.extension.ascan.ActiveScanAPI.scanURL(ActiveScanAPI.java:779)
	at org.zaproxy.zap.extension.ascan.ActiveScanAPI.handleApiAction(ActiveScanAPI.java:293)
	at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:431)
	at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:456)
	at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:317)
	at java.lang.Thread.run(Thread.java:748)
2018-11-16 12:50:00.604 ERROR 118 --- [pool-1-thread-4] i.s.zap.jobs.definition.EngineWorkerJob  : Job execution error!

org.zaproxy.clientapi.core.ClientApiException: URL Not Found in the Scan Tree
	at org.zaproxy.clientapi.core.ApiResponseFactory.getResponse(ApiResponseFactory.java:50) ~[zap-clientapi-1.6.0.jar!/:1.6.0]
	at org.zaproxy.clientapi.core.ClientApi.callApi(ClientApi.java:332) ~[zap-clientapi-1.6.0.jar!/:1.6.0]
	at org.zaproxy.clientapi.gen.Ascan.scan(Ascan.java:278) ~[zap-clientapi-1.6.0.jar!/:1.6.0]
	at org.zaproxy.clientapi.gen.Ascan.scan(Ascan.java:236) ~[zap-clientapi-1.6.0.jar!/:1.6.0]
	at io.securecodebox.zap.service.zap.ZapService.startScannerAsUser(ZapService.java:260) ~[classes!/:na]
	at io.securecodebox.zap.jobs.definition.EngineWorkerJob.executeScanner(EngineWorkerJob.java:239) ~[classes!/:na]
	at io.securecodebox.zap.jobs.definition.EngineWorkerJob.performScannerTask(EngineWorkerJob.java:179) ~[classes!/:na]
	at io.securecodebox.zap.jobs.definition.EngineWorkerJob.execute(EngineWorkerJob.java:108) ~[classes!/:na]
	at de.otto.edison.jobs.service.JobService$1.execute(JobService.java:252) [edison-jobs-0.82.2.jar!/:na]
	at de.otto.edison.jobs.service.JobRunner.executeAndRetry(JobRunner.java:61) [edison-jobs-0.82.2.jar!/:na]
	at de.otto.edison.jobs.service.JobRunner.start(JobRunner.java:50) [edison-jobs-0.82.2.jar!/:na]
	at de.otto.edison.jobs.service.JobService.lambda$startAsync$7(JobService.java:216) [edison-jobs-0.82.2.jar!/:na]
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) ~[na:1.8.0_131]
	at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) ~[na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) ~[na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) ~[na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) ~[na:1.8.0_131]
	at java.lang.Thread.run(Thread.java:748) ~[na:1.8.0_131]

2018-11-16 12:50:00.728 ERROR 118 --- [pool-1-thread-4] d.o.e.jobs.eventbus.LogJobEventListener  : 'Fatal error in job engine/worker/owasp/zap (64287835-c2f1-42bd-aee7-e602b53f5034)
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure": http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure; nested exception is java.io.FileNotFoundException: http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure
	at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:674)
	at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:621)
	at org.springframework.web.client.RestTemplate.postForEntity(RestTemplate.java:415)
	at io.securecodebox.zap.service.engine.EngineTaskApiClient.reportFailure(EngineTaskApiClient.java:145)
	at io.securecodebox.zap.service.engine.ZapTaskService.reportFailure(ZapTaskService.java:66)
	at io.securecodebox.zap.jobs.definition.EngineWorkerJob.execute(EngineWorkerJob.java:111)
	at de.otto.edison.jobs.service.JobService$1.execute(JobService.java:252)
	at de.otto.edison.jobs.service.JobRunner.executeAndRetry(JobRunner.java:61)
	at de.otto.edison.jobs.service.JobRunner.start(JobRunner.java:50)
	at de.otto.edison.jobs.service.JobService.lambda$startAsync$7(JobService.java:216)
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:748)
Caused by: java.io.FileNotFoundException: http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1872)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
	at org.springframework.http.client.SimpleClientHttpResponse.getBody(SimpleClientHttpResponse.java:85)
	at org.springframework.http.client.BufferingClientHttpResponseWrapper.getBody(BufferingClientHttpResponseWrapper.java:69)
	at io.securecodebox.zap.service.engine.LoggingRequestInterceptor.traceResponse(LoggingRequestInterceptor.java:58)
	at io.securecodebox.zap.service.engine.LoggingRequestInterceptor.intercept(LoggingRequestInterceptor.java:44)
	at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:88)
	at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:72)
	at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
	at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
	at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:660)
	... 16 more
': '64287835-c2f1-42bd-aee7-e602b53f5034'
2018-11-16 12:50:00.730 ERROR 118 --- [pool-1-thread-4] de.otto.edison.jobs.service.JobRunner    : Fatal error in job engine/worker/owasp/zap (64287835-c2f1-42bd-aee7-e602b53f5034)

org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure": http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure; nested exception is java.io.FileNotFoundException: http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure
	at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:674) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:621) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at org.springframework.web.client.RestTemplate.postForEntity(RestTemplate.java:415) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at io.securecodebox.zap.service.engine.EngineTaskApiClient.reportFailure(EngineTaskApiClient.java:145) ~[classes!/:na]
	at io.securecodebox.zap.service.engine.ZapTaskService.reportFailure(ZapTaskService.java:66) ~[classes!/:na]
	at io.securecodebox.zap.jobs.definition.EngineWorkerJob.execute(EngineWorkerJob.java:111) ~[classes!/:na]
	at de.otto.edison.jobs.service.JobService$1.execute(JobService.java:252) ~[edison-jobs-0.82.2.jar!/:na]
	at de.otto.edison.jobs.service.JobRunner.executeAndRetry(JobRunner.java:61) [edison-jobs-0.82.2.jar!/:na]
	at de.otto.edison.jobs.service.JobRunner.start(JobRunner.java:50) [edison-jobs-0.82.2.jar!/:na]
	at de.otto.edison.jobs.service.JobService.lambda$startAsync$7(JobService.java:216) [edison-jobs-0.82.2.jar!/:na]
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) ~[na:1.8.0_131]
	at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) ~[na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) ~[na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) ~[na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) ~[na:1.8.0_131]
	at java.lang.Thread.run(Thread.java:748) ~[na:1.8.0_131]
Caused by: java.io.FileNotFoundException: http://engine:8080/box/jobs/ff1825e9-e99d-11e8-a098-0242ac120006/failure
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1872) ~[na:1.8.0_131]
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474) ~[na:1.8.0_131]
	at org.springframework.http.client.SimpleClientHttpResponse.getBody(SimpleClientHttpResponse.java:85) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at org.springframework.http.client.BufferingClientHttpResponseWrapper.getBody(BufferingClientHttpResponseWrapper.java:69) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at io.securecodebox.zap.service.engine.LoggingRequestInterceptor.traceResponse(LoggingRequestInterceptor.java:58) ~[classes!/:na]
	at io.securecodebox.zap.service.engine.LoggingRequestInterceptor.intercept(LoggingRequestInterceptor.java:44) ~[classes!/:na]
	at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:88) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:72) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
	at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:660) ~[spring-web-4.3.15.RELEASE.jar!/:4.3.15.RELEASE]
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Develop: Zap stays in Scanner #26

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Develop: Zap stays in Scanner #26

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions