Hi, After fixing the demo, I've made a few tests, but I'm not able to generate this kind of error.
Can you share the flow of HTTP requests / responses? Thanks. Best regards, Jérôme 2016-09-23 10:37 GMT+02:00 Yauheni Sidarenka <yauheni_sidare...@pubget.com>: > Thank you, Jérôme, for responding so quickly. > > Yes, there is an error in my log file: > 2016-09-23 11:04:09,904 ERROR > [org.apereo.cas.support.pac4j.web.flow.ClientAction] > - <Cannot process client #FacebookClient# | name: FacebookClient |> > org.pac4j.core.exception.HttpAction: authentication already tried -> > forbidden > at org.pac4j.core.exception.HttpAction.unauthorized(HttpAction.java:89) > ~[pac4j-core-1.9.1.jar:?] > at > org.pac4j.core.client.IndirectClient.getRedirectAction(IndirectClient.java:74) > ~[pac4j-core-1.9.1.jar:?] > at > org.apereo.cas.support.pac4j.web.flow.ClientAction.prepareForLoginPage(ClientAction.java:161) > ~[cas-server-support-pac4j-5.0.0.RC2.jar:5.0.0.RC2] > at org.apereo.cas.support.pac4j.web.flow.ClientAction. > doExecute(ClientAction.java:128) ~[cas-server-support-pac4j-5. > 0.0.RC2.jar:5.0.0.RC2] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.execution.ActionExecutor. > execute(ActionExecutor.java:51) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.action.EvaluateAction. > doExecute(EvaluateAction.java:77) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.execution.ActionExecutor. > execute(ActionExecutor.java:51) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.State.enter(State.java:194) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.Flow.start(Flow.java:527) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.impl.FlowExecutionImpl. > start(FlowExecutionImpl.java:368) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at org.springframework.webflow.engine.impl.FlowExecutionImpl. > start(FlowExecutionImpl.java:223) ~[spring-webflow-2.4.4. > RELEASE.jar:2.4.4.RELEASE] > at > org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_60] > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:62) ~[?:1.8.0_60] > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_60] > at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_60] > at > org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.framework.ReflectiveMethodInvocation. > invokeJoinpoint(ReflectiveMethodInvocation.java:190) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.aop.support.DelegatingIntroductionIntercep > tor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.support.DelegatingIntroductionIntercep > tor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.aop.framework.JdkDynamicAopProxy. > invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at com.sun.proxy.$Proxy144.launchExecution(Unknown Source) ~[?:?] > at > org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:263) > ~[spring-webflow-2.4.4.RELEASE.jar:2.4.4.RELEASE] > at org.springframework.web.servlet.DispatcherServlet. > doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.web.servlet.DispatcherServlet. > doService(DispatcherServlet.java:897) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) > ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.servlet.FrameworkServlet. > doGet(FrameworkServlet.java:861) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) > ~[servlet-api.jar:?] > at org.springframework.web.servlet.FrameworkServlet. > service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > ~[servlet-api.jar:?] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:291) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > ~[tomcat-websocket.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.web.filter.ApplicationContextHeaderFilter > .doFilterInternal(ApplicationContextHeaderFilter.java:55) > ~[spring-boot-1.4.0.RELEASE.jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.web.support.CurrentCredentialsAndAuthentic > ationClearingFilter.doFilter(CurrentCredentialsAndAuthenticationClearingFilter.java:28) > ~[cas-server-core-web-5.0.0.RC2.jar:5.0.0.RC2] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.security.RequestParameterPolicyEnforcem > entFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) > ~[cas-server-security-filter-2.0.6.jar:2.0.6] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter( > ResponseHeadersEnforcementFilter.java:238) ~[cas-server-security-filter- > 2.0.6.jar:2.0.6] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter( > ClientInfoThreadLocalFilter.java:62) ~[inspektr-common-1.5.GA.jar:1.5.GA] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.actuate.trace.WebRequestTraceFilter. > doFilterInternal(WebRequestTraceFilter.java:105) > ~[spring-boot-actuator-1.4.0.RELEASE.jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter( > ThreadContextMDCServletFilter.java:90) ~[cas-server-core-logging-5.0. > 0.RC2.jar:5.0.0.RC2] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at > org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) > ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.web.filter.HttpPutFormContentFilter. > doFilterInternal(HttpPutFormContentFilter.java:87) > ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal( > HiddenHttpMethodFilter.java:77) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.actuate.autoconfigure.MetricsFilter. > doFilterInternal(MetricsFilter.java:107) ~[spring-boot-actuator-1.4.0. > RELEASE.jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.web.filter.CharacterEncodingFilter. > doFilterInternal(CharacterEncodingFilter.java:197) > ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at org.springframework.boot.web.support.ErrorPageFilter. > doFilter(ErrorPageFilter.java:119) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.springframework.boot.web.support.ErrorPageFilter. > access$000(ErrorPageFilter.java:61) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.springframework.boot.web.support.ErrorPageFilter$1. > doFilterInternal(ErrorPageFilter.java:94) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.springframework.web.filter.OncePerRequestFilter. > doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE. > jar:4.3.2.RELEASE] > at org.springframework.boot.web.support.ErrorPageFilter. > doFilter(ErrorPageFilter.java:112) ~[spring-boot-1.4.0.RELEASE. > jar:1.4.0.RELEASE] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at > org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) > ~[log4j-web-2.6.2.jar:2.6.2] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:239) ~[catalina.jar:8.0.30] > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:206) ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) > ~[catalina.jar:8.0.30] > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) > ~[catalina.jar:8.0.30] > at org.apache.catalina.valves.AbstractAccessLogValve.invoke( > AbstractAccessLogValve.java:616) ~[catalina.jar:8.0.30] > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) > ~[catalina.jar:8.0.30] > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521) > ~[catalina.jar:8.0.30] > at org.apache.coyote.http11.AbstractHttp11Processor.process( > AbstractHttp11Processor.java:1096) ~[tomcat-coyote.jar:8.0.30] > at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler. > process(AbstractProtocol.java:674) ~[tomcat-coyote.jar:8.0.30] > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) > ~[tomcat-coyote.jar:8.0.30] > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) > ~[tomcat-coyote.jar:8.0.30] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > [?:1.8.0_60] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > [?:1.8.0_60] > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > ~[tomcat-util.jar:8.0.30] > at java.lang.Thread.run(Thread.java:745) [?:1.8.0_60] > 2016-09-23 11:04:09,960 ERROR > [org.springframework.boot.web.support.ErrorPageFilter] > - <Cannot forward to error page for request [/login] as the response has > already been committed. As a result, the response may have the wrong status > code. If your application is running on WebSphere Application Server you > may be able to resolve this problem by setting > com.ibm.ws.webcontainer.invokeFlushAfterService > to false> > > > Also you may notice some extra parameters for /login URL in browser's > address bar in the picture 3.png. > > Regards, > Yauheni > > On Thursday, September 22, 2016 at 9:46:20 PM UTC+3, leleuj wrote: >> >> Hi, >> >> It seems strange: if you are not authenticated, both links should be >> available on the login page. >> >> Any error in your logs? >> >> Thanks. >> Best regards, >> Jérôme >> >> >> 2016-09-22 16:47 GMT+02:00 Yauheni Sidarenka <yauheni_...@pubget.com>: >> >>> Hello all, >>> >>> I was testing CAS server 5.0.0RC2 when I faced an UI problem related to >>> Pac4j delegation to Facebook and Google. >>> I have configured CAS server properly and usually authentication via >>> Facebook or Gogle works fine. >>> >>> But there is one strange case: >>> 1) User goes to /cas/login -> The CAS login page appears with two links: >>> for FB and Google (see 1.png attached) >>> 2) User clicks on link to FB -> If user logs in for the first time, FB >>> app will ask user to grant permissions (see 2.png attached) >>> 3) User declines FB app request by clicking "Cancel" -> User's browser >>> is redirected to the CAS login page, but the page does not contain a link >>> to FB (see 3.png attached) >>> >>> All three steps above reproduce issue for Google OAuth provider too. >>> >>> Any suggestions how to avoid such cases? >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to cas-user+u...@apereo.org. >>> To post to this group, send email to cas-...@apereo.org. >>> Visit this group at https://groups.google.com/a/ap >>> ereo.org/group/cas-user/. >>> To view this discussion on the web visit https://groups.google.com/a/ap >>> ereo.org/d/msgid/cas-user/a9a1cd53-f6fd-4283-b423-6a796662d5 >>> 59%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a9a1cd53-f6fd-4283-b423-6a796662d559%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/a/apereo.org/d/optout. >>> >> >> -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To post to this group, send email to cas-user@apereo.org. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/86f7cf48-4fed-47ce-bb8a- > 577c873535f4%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/86f7cf48-4fed-47ce-bb8a-577c873535f4%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To post to this group, send email to cas-user@apereo.org. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LxanEJBHAKSoWC5mhHJD98mq2%3DGyktFR-u6nPAsB%3DkdaA%40mail.gmail.com. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
