Hi, After fixing the demo, I've made a few tests, but I'm not able to generate this kind of error.
Can you share the flow of HTTP requests / responses? Thanks. Best regards, Jérôme 2016-09-23 10:37 GMT+02:00 Yauheni Sidarenka <[email protected]>: > Thank you, Jérôme, for responding so quickly. > > Yes, there is an error in my log file: > 2016-09-23 11:04:09,904 ERROR > [org.apereo.cas.support.pac4j.web.flow.ClientAction] > - <Cannot process client #FacebookClient# | name: FacebookClient |> > org.pac4j.core.exception.HttpAction: authentication already tried -> > forbidden > at org.pac4j.core.exception.HttpAction.unauthorized(HttpAction.java:89) > ~[pac4j-core-1.9.1.jar:?] > at > org.pac4j.core.client.IndirectClient.getRedirectAction(IndirectClient.java:74) > ~[pac4j-core-1.9.1.jar:?] > at > org.apereo.cas.support.pac4j.web.flow.ClientAction.prepareForLoginPage(ClientAction.java:161) > ~[cas-server-support-pac4j-5.0.0.RC2.jar:5.0.0.RC2] > at org.apereo.cas.support.pac4j.web.flow.ClientAction. > doExecute(ClientAction.java:128) ~[cas-server-support-pac4j-5. > 0.0.RC2.jar:5.0.0.RC2] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.execution.ActionExecutor. > execute(ActionExecutor.java:51) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.action.EvaluateAction. > doExecute(EvaluateAction.java:77) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.execution.ActionExecutor. > execute(ActionExecutor.java:51) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.State.enter(State.java:194) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.Flow.start(Flow.java:527) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.impl.FlowExecutionImpl. > start(FlowExecutionImpl.java:368) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.impl.FlowExecutionImpl. > start(FlowExecutionImpl.java:223) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at > org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_60] > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:62) ~[?:1.8.0_60] > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_60] > at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_60] > at > org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.framework.ReflectiveMethodInvocation. > invokeJoinpoint(ReflectiveMethodInvocation.java:190) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.aop.support.DelegatingIntroductionIntercep > tor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.support.DelegatingIntroductionIntercep > tor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.aop.framework.JdkDynamicAopProxy. > invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at com.sun.proxy.$Proxy144.launchExecution(Unknown Source) ~[?:?] > at > org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:263) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.web.servlet.DispatcherServlet. > doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.web.servlet.DispatcherServlet. > doService(DispatcherServlet.java:897) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) > ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.servlet.FrameworkServlet. > doGet(FrameworkServlet.java:861) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) > ~[servlet-api.jar:?] > at org.springframework.web.servlet.FrameworkServlet. > service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > ~[servlet-api.jar:?] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:291) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > ~[tomcat-websocket.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.web.filter.ApplicationContextHeaderFilter > .doFilterInternal(ApplicationContextHeaderFilter.java:55) > ~[spring-boot-1.4.0.RELEASE.jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.web.support.CurrentCredentialsAndAuthentic > ationClearingFilter.doFilter(CurrentCredentialsAndAuthenticationClearingFilter.java:28) > ~[cas-server-core-web-5.0.0.RC2.jar:5.0.0.RC2] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.security.RequestParameterPolicyEnforcem > entFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) > ~[cas-server-security-filter-2.0.6.jar:2.0.6] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter( > ResponseHeadersEnforcementFilter.java:238) ~[cas-server-security-filter- > 2.0.6.jar:2.0.6] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter( > ClientInfoThreadLocalFilter.java:62) ~[inspektr-common-1.5.GA.jar:1.5.GA] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.actuate.trace.WebRequestTraceFilter. > doFilterInternal(WebRequestTraceFilter.java:105) > ~[spring-boot-actuator-1.4.0.RELEASE.jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter( > ThreadContextMDCServletFilter.java:90) ~[cas-server-core-logging-5.0. > 0.RC2.jar:5.0.0.RC2] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at > org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) > ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.web.filter.HttpPutFormContentFilter. > doFilterInternal(HttpPutFormContentFilter.java:87) > ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal( > HiddenHttpMethodFilter.java:77) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.actuate.autoconfigure.MetricsFilter. > doFilterInternal(MetricsFilter.java:107) ~[spring-boot-actuator-1.4.0. > RELEASE.jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.web.filter.CharacterEncodingFilter. > doFilterInternal(CharacterEncodingFilter.java:197) > ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.web.support.ErrorPageFilter. > doFilter(ErrorPageFilter.java:119) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.springframework.boot.web.support.ErrorPageFilter. > access$000(ErrorPageFilter.java:61) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.springframework.boot.web.support.ErrorPageFilter$1. > doFilterInternal(ErrorPageFilter.java:94) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.boot.web.support.ErrorPageFilter. > doFilter(ErrorPageFilter.java:112) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at > org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) > ~[log4j-web-2.6.2.jar:2.6.2] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) > ~[catalina.jar:8.0.30] > at org.apache.catalina.valves.AbstractAccessLogValve.invoke( > AbstractAccessLogValve.java:616) ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) > ~[catalina.jar:8.0.30] > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521) > ~[catalina.jar:8.0.30] > at org.apache.coyote.http11.AbstractHttp11Processor.process( > AbstractHttp11Processor.java:1096) ~[tomcat-coyote.jar:8.0.30] > at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler. > process(AbstractProtocol.java:674) ~[tomcat-coyote.jar:8.0.30] > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) > ~[tomcat-coyote.jar:8.0.30] > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) > ~[tomcat-coyote.jar:8.0.30] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > [?:1.8.0_60] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > [?:1.8.0_60] > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > ~[tomcat-util.jar:8.0.30] > at java.lang.Thread.run(Thread.java:745) [?:1.8.0_60] > 2016-09-23 11:04:09,960 ERROR > [org.springframework.boot.web.support.ErrorPageFilter] > - <Cannot forward to error page for request [/login] as the response has > already been committed. As a result, the response may have the wrong status > code. If your application is running on WebSphere Application Server you > may be able to resolve this problem by setting > com.ibm.ws.webcontainer.invokeFlushAfterService > to false> > > > Also you may notice some extra parameters for /login URL in browser's > address bar in the picture 3.png. > > Regards, > Yauheni > > On Thursday, September 22, 2016 at 9:46:20 PM UTC+3, leleuj wrote: >> >> Hi, >> >> It seems strange: if you are not authenticated, both links should be >> available on the login page. >> >> Any error in your logs? >> >> Thanks. >> Best regards, >> Jérôme >> >> >> 2016-09-22 16:47 GMT+02:00 Yauheni Sidarenka <[email protected]>: >> >>> Hello all, >>> >>> I was testing CAS server 5.0.0RC2 when I faced an UI problem related to >>> Pac4j delegation to Facebook and Google. >>> I have configured CAS server properly and usually authentication via >>> Facebook or Gogle works fine. >>> >>> But there is one strange case: >>> 1) User goes to /cas/login -> The CAS login page appears with two links: >>> for FB and Google (see 1.png attached) >>> 2) User clicks on link to FB -> If user logs in for the first time, FB >>> app will ask user to grant permissions (see 2.png attached) >>> 3) User declines FB app request by clicking "Cancel" -> User's browser >>> is redirected to the CAS login page, but the page does not contain a link >>> to FB (see 3.png attached) >>> >>> All three steps above reproduce issue for Google OAuth provider too. >>> >>> Any suggestions how to avoid such cases? >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at https://groups.google.com/a/ap >>> ereo.org/group/cas-user/. >>> To view this discussion on the web visit https://groups.google.com/a/ap >>> ereo.org/d/msgid/cas-user/a9a1cd53-f6fd-4283-b423-6a796662d5 >>> 59%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a9a1cd53-f6fd-4283-b423-6a796662d559%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/a/apereo.org/d/optout. >>> >> >> -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/86f7cf48-4fed-47ce-bb8a- > 577c873535f4%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/86f7cf48-4fed-47ce-bb8a-577c873535f4%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LxanEJBHAKSoWC5mhHJD98mq2%3DGyktFR-u6nPAsB%3DkdaA%40mail.gmail.com. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
