For information, the bug is not preset anymore in 6.5.5 (and 6.5.9) Le lundi 3 janvier 2022 à 18:17:29 UTC+1, Damien Gibou a écrit :
> Hello, > > The bug can still be reproduced with CAS 6.5.0-RC4. > Anything I can do to help track/fix the regression ? > > Damien > > > Le mardi 23 novembre 2021 à 11:10:57 UTC+1, Damien Gibou a écrit : > >> Hello, >> >> We are trying to update from 6.3.7.1 to 6.4.3 and have identified what >> seems a regression. >> >> Authentication handlers are called twice if using the REST API (whereas >> only once when loging in with the UI) >> >> Reproduced with a minimal overlay with no specific customization (use >> of cas-server-support-saml + cas-server-support-rest >> + cas-server-support-json-service-registry in an overlay >> of cas-server-webapp-jetty WAR / spring boot package and static >> auth cas.authn.accept.users=user::user ) >> >> curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' -i >> http://localhost/cas/v1/tickets --data 'username=user&password=user' >> >> The log has duplicated lines [see below] showing that the authentication >> handler is called twice (and audit entries are generated twice, also). >> >> Reproduced with 6.4.0-RC4, 6.4.0, 6.4.2 and 6.4.3 but not >> 6.4.0-RC1/RC2/RC3 >> >> >> Damien >> >> --------------------- >> 2021-11-23 10:37:40,838 INFO >> [org.apereo.cas.authentication.DefaultAuthenticationManager] - >> Authenticated principal [user] with attributes [{}] via credentials >> [[UsernamePasswordCredential(username=user, source=null, customFields={})]]. >> 2021-11-23 10:37:40,838 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit >> trail record BEGIN >> ============================================================= >> WHO: user >> WHAT: [UsernamePasswordCredential(username=user, source=null, >> customFields={})] >> ACTION: AUTHENTICATION_SUCCESS >> APPLICATION: CAS >> WHEN: Tue Nov 23 10:37:40 CET 2021 >> CLIENT IP ADDRESS: 127.0.0.1 >> SERVER IP ADDRESS: 127.0.0.1 >> ============================================================= >> >> >> 2021-11-23 10:37:40,854 INFO >> [org.apereo.cas.authentication.DefaultAuthenticationManager] - >> Authenticated principal [user] with attributes [{}] via credentials >> [[UsernamePasswordCredential(username=user, source=null, customFields={})]]. >> 2021-11-23 10:37:40,854 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit >> trail record BEGIN >> ============================================================= >> WHO: user >> WHAT: [UsernamePasswordCredential(username=user, source=null, >> customFields={})] >> ACTION: AUTHENTICATION_SUCCESS >> APPLICATION: CAS >> WHEN: Tue Nov 23 10:37:40 CET 2021 >> CLIENT IP ADDRESS: 127.0.0.1 >> SERVER IP ADDRESS: 127.0.0.1 >> ============================================================= >> >> >> 2021-11-23 10:37:40,892 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit >> trail record BEGIN >> ============================================================= >> WHO: user >> WHAT: TGT-1-*****nTHRzbxGTw-FRL012435 >> ACTION: TICKET_GRANTING_TICKET_CREATED >> APPLICATION: CAS >> WHEN: Tue Nov 23 10:37:40 CET 2021 >> CLIENT IP ADDRESS: 127.0.0.1 >> SERVER IP ADDRESS: 127.0.0.1 >> ============================================================= >> >> >> 2021-11-23 10:37:40,892 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit >> trail record BEGIN >> ============================================================= >> WHO: user >> WHAT: {location= >> http://localhost:15446/cas/v1/tickets/TGT-1--GOVpcgd2ew2gc-JX5ZkxuxrVZYebA0-cqawxaTV9vZUcKA9YaVD95eOQnTHRzbxGTw-FRL012435, >> >> status=201-CREATED} >> ACTION: REST_API_TICKET_GRANTING_TICKET_CREATED >> APPLICATION: CAS >> WHEN: Tue Nov 23 10:37:40 CET 2021 >> CLIENT IP ADDRESS: 127.0.0.1 >> SERVER IP ADDRESS: 127.0.0.1 >> ============================================================= >> >> >> -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/b0b8e18d-1921-4591-a220-4afbdda4acb6n%40apereo.org.
