Hello,

We are trying to update from 6.3.7.1 to 6.4.3 and have identified what 
seems a regression.

Authentication handlers are called twice if using the REST API (whereas 
only once when loging in with the UI)

Reproduced with a minimal overlay with no specific customization (use 
of cas-server-support-saml + cas-server-support-rest 
+ cas-server-support-json-service-registry in an overlay 
of  cas-server-webapp-jetty WAR / spring boot package and static 
auth cas.authn.accept.users=user::user )

curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' -i 
http://localhost/cas/v1/tickets --data 'username=user&password=user'

The log has duplicated lines [see below] showing that the authentication 
handler is called twice (and audit entries are generated twice, also).
   
Reproduced with 6.4.0-RC4, 6.4.0, 6.4.2 and 6.4.3 but not 6.4.0-RC1/RC2/RC3


  Damien

---------------------
2021-11-23 10:37:40,838 INFO 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
Authenticated principal [user] with attributes [{}] via credentials 
[[UsernamePasswordCredential(username=user, source=null, customFields={})]].
2021-11-23 10:37:40,838 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit 
trail record BEGIN
=============================================================
WHO: user
WHAT: [UsernamePasswordCredential(username=user, source=null, 
customFields={})]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Tue Nov 23 10:37:40 CET 2021
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================


2021-11-23 10:37:40,854 INFO 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
Authenticated principal [user] with attributes [{}] via credentials 
[[UsernamePasswordCredential(username=user, source=null, customFields={})]].
2021-11-23 10:37:40,854 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit 
trail record BEGIN
=============================================================
WHO: user
WHAT: [UsernamePasswordCredential(username=user, source=null, 
customFields={})]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Tue Nov 23 10:37:40 CET 2021
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================


2021-11-23 10:37:40,892 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit 
trail record BEGIN
=============================================================
WHO: user
WHAT: TGT-1-*****nTHRzbxGTw-FRL012435
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 23 10:37:40 CET 2021
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================


2021-11-23 10:37:40,892 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit 
trail record BEGIN
=============================================================
WHO: user
WHAT: 
{location=http://localhost:15446/cas/v1/tickets/TGT-1--GOVpcgd2ew2gc-JX5ZkxuxrVZYebA0-cqawxaTV9vZUcKA9YaVD95eOQnTHRzbxGTw-FRL012435,
 
status=201-CREATED}
ACTION: REST_API_TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 23 10:37:40 CET 2021
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================


-- 
You received this message because you are subscribed to the Google Groups "CAS 
Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-dev/5ed2f399-9367-47eb-8fdf-0d966889f18bn%40apereo.org.

Reply via email to