I am using Apereo Central Authentication Service 4.1.4 <http://www.apereo.org/cas> version.
I have configured two tomcat servers in the cluster. Both servers have CAS-oAuth2.0 support enabled. In order to test, I have a sample oAuth 2.0 client which is requesting the access through my server. I am using Hazelcast for the Service Registry. The server is responding correctly without server clustering. However, when two servers are running, the callbackAuthorize method is erring with error oauth20_callbackUrl is missing from the session and can not be retrieved. Please review the logs without and with clustering below. The CAS documentation does not ask for the session replication across the servers. So is there something that I am missing? I will really appreciate someone can help me immediately to resolve this. ###### Debug log with clustering on ########## [DEBUG] 2016-02-19 16:23:39,626 [http-nio-8080-exec-3] [] org.jasig.cas.support.oauth.web.BaseOAuthWrapperController debug - method : callbackAuthorize [DEBUG] 2016-02-19 16:23:39,626 [http-nio-8080-exec-3] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - ticket : null [DEBUG] 2016-02-19 16:23:39,626 [http-nio-8080-exec-3] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - oauth20_callbackUrl : null [ERROR] 2016-02-19 16:23:39,626 [http-nio-8080-exec-3] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController error - oauth20_callbackUrl is missing from the session and can not be retrieved. ###### Debug log with clustering OFF ########## [DEBUG] 2016-02-19 16:24:54,538 [http-nio-8080-exec-6] [] org.jasig.cas.support.oauth.web.BaseOAuthWrapperController debug - method : callbackAuthorize [DEBUG] 2016-02-19 16:24:54,539 [http-nio-8080-exec-6] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - ticket : ST-8-ZCQEDMoSFN63RmZOXB5P-qual.cas.laureate.net [DEBUG] 2016-02-19 16:24:54,539 [http-nio-8080-exec-6] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - oauth20_callbackUrl : https://qual.cas.laureate.net/OAuth2TestApp/oauth2callback [DEBUG] 2016-02-19 16:24:54,540 [http-nio-8080-exec-6] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - oauth20_state : null [DEBUG] 2016-02-19 16:24:54,540 [http-nio-8080-exec-6] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - oauth20_callbackUrl : https://qual.cas.laureate.net/OAuth2TestApp/oauth2callback?code=ST-8-ZCQEDMoSFN63RmZOXB5P-qual.cas.laureate.net [DEBUG] 2016-02-19 16:24:54,540 [http-nio-8080-exec-6] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - bypassApprovalPrompt : false [DEBUG] 2016-02-19 16:24:54,541 [http-nio-8080-exec-6] [] org.jasig.cas.support.oauth.web.OAuth20CallbackAuthorizeController debug - serviceName : SampleOauthClient -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
