Hello, The bug can still be reproduced with CAS 6.5.0-RC4. Anything I can do to help track/fix the regression ?
Damien Le mardi 23 novembre 2021 à 11:10:57 UTC+1, Damien Gibou a écrit : > Hello, > > We are trying to update from 6.3.7.1 to 6.4.3 and have identified what > seems a regression. > > Authentication handlers are called twice if using the REST API (whereas > only once when loging in with the UI) > > Reproduced with a minimal overlay with no specific customization (use > of cas-server-support-saml + cas-server-support-rest > + cas-server-support-json-service-registry in an overlay > of cas-server-webapp-jetty WAR / spring boot package and static > auth cas.authn.accept.users=user::user ) > > curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' -i > http://localhost/cas/v1/tickets --data 'username=user&password=user' > > The log has duplicated lines [see below] showing that the authentication > handler is called twice (and audit entries are generated twice, also). > > Reproduced with 6.4.0-RC4, 6.4.0, 6.4.2 and 6.4.3 but not 6.4.0-RC1/RC2/RC3 > > > Damien > > --------------------- > 2021-11-23 10:37:40,838 INFO > [org.apereo.cas.authentication.DefaultAuthenticationManager] - > Authenticated principal [user] with attributes [{}] via credentials > [[UsernamePasswordCredential(username=user, source=null, customFields={})]]. > 2021-11-23 10:37:40,838 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit > trail record BEGIN > ============================================================= > WHO: user > WHAT: [UsernamePasswordCredential(username=user, source=null, > customFields={})] > ACTION: AUTHENTICATION_SUCCESS > APPLICATION: CAS > WHEN: Tue Nov 23 10:37:40 CET 2021 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > 2021-11-23 10:37:40,854 INFO > [org.apereo.cas.authentication.DefaultAuthenticationManager] - > Authenticated principal [user] with attributes [{}] via credentials > [[UsernamePasswordCredential(username=user, source=null, customFields={})]]. > 2021-11-23 10:37:40,854 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit > trail record BEGIN > ============================================================= > WHO: user > WHAT: [UsernamePasswordCredential(username=user, source=null, > customFields={})] > ACTION: AUTHENTICATION_SUCCESS > APPLICATION: CAS > WHEN: Tue Nov 23 10:37:40 CET 2021 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > 2021-11-23 10:37:40,892 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit > trail record BEGIN > ============================================================= > WHO: user > WHAT: TGT-1-*****nTHRzbxGTw-FRL012435 > ACTION: TICKET_GRANTING_TICKET_CREATED > APPLICATION: CAS > WHEN: Tue Nov 23 10:37:40 CET 2021 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > 2021-11-23 10:37:40,892 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit > trail record BEGIN > ============================================================= > WHO: user > WHAT: {location= > http://localhost:15446/cas/v1/tickets/TGT-1--GOVpcgd2ew2gc-JX5ZkxuxrVZYebA0-cqawxaTV9vZUcKA9YaVD95eOQnTHRzbxGTw-FRL012435, > > status=201-CREATED} > ACTION: REST_API_TICKET_GRANTING_TICKET_CREATED > APPLICATION: CAS > WHEN: Tue Nov 23 10:37:40 CET 2021 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/4f580dfb-8a2a-495d-ad59-0380ed17377en%40apereo.org.
