[cas-user] Session timeout in 3.5.2.1

Tue, 25 Oct 2016 14:15:18 -0700 

Good afternoon,

I am not clear how session timeouts are handled in 3.5.2.1.  In 3.4.2.1, I
set the web session timeout in the web.xml file:

<session-config>

                <!-- Default to 5 minute session timeouts -->

                <session-timeout>15</session-timeout>

        </session-config>

However, I am not configuring the session appropriately in 3.5.2.1.  I see
this message in the logs for most users:

Terminate web session <session ID> in 2 seconds.

But, on occasion we have a situation where a user is successfully logged
in, but the session has expired and they receive a Successful login message
rather than the target URL.  If they happen to hit the back arrow or enter
the target URL again, they are presented with the desired web page.  When
this situation occurs, the following can be found in the logs:

2016-10-25 12:39:36,327 DEBUG
[org.jasig.cas.web.flow.TerminateWebSessionListener] - Terminate web
session F6D5FDEA46AA09CA982282659B71716E in 2 seconds

2016-10-25 12:39:36,328 DEBUG
[org.jasig.cas.web.flow.TerminateWebSessionListener] - Error getting
service from flow state.

java.lang.IllegalStateException: No active FlowSession to access; this
FlowExecution has ended

        at
org.springframework.webflow.engine.impl.FlowExecutionImpl.getActiveSession(FlowExecutionImpl.java:191)

        at
org.springframework.webflow.engine.impl.RequestControlContextImpl.getFlowScope(RequestControlContextImpl.java:134)

        at
org.jasig.cas.web.support.WebUtils.getService_aroundBody8(WebUtils.java:87)

        at
org.jasig.cas.web.support.WebUtils.getService_aroundBody9$advice(WebUtils.java:57)

        at org.jasig.cas.web.support.WebUtils.getService(WebUtils.java:1)

        at
org.jasig.cas.web.flow.TerminateWebSessionListener.sessionStarted_aroundBody0(TerminateWebSessionListener.java:62)

        at
org.jasig.cas.web.flow.TerminateWebSessionListener.sessionStarted_aroundBody1$advice(TerminateWebSessionListener.java:57)

        at org.jasig.cas.web.flow.TerminateWebSessionListener.sessionStarted
(TerminateWebSessionListener.java:1)

       at
org.springframework.webflow.engine.impl.FlowExecutionListeners.fireSessionStarted(FlowExecutionListeners.java:126)

        at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:367)

        at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:225)

        at
org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140)

        at
org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:193)

        at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:923)

        at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852)

        at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)

        at
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)

        at
org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:128)

        at
org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:57)

        at
org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1)

        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)

        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

        at
com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)

        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)

        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

        at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)

        at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)

        at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)

        at
org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:128)

        at
org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:57)

        at
org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1)

        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)

        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

        at
com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)

        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)

        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

        at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)

        at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)

        at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)

After which a normal ticket exchange is recorded for the user:

2016-10-25 12:39:49,568 DEBUG
[org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in
FlowScope: https://beistest.alaska.edu:443/ssomanager/c/SSB

2016-10-25 12:39:49,569 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to
retrieve ticket [
TGT-1-sifew2ENTApO9awep7SyggYOSKUNBTOuSwJivhWbBsf4fiptC2-cas-test.alaska.edu
]

2016-10-25 12:39:49,569 DEBUG
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [
TGT-1-sifew2ENTApO9awep7SyggYOSKUNBTOuSwJivhWbBsf4fiptC2-cas-test.alaska.edu]
found in registry.

What have I missed in the configuration?

Linda


Linda Toth
University of Alaska - Office of Information Technology (OIT) - Identity
and Access Management
910 Yukon Drive, Suite 103
Fairbanks, Alaska 99775
Tel: 907-450-8320
Fax: 907-450-8381
[email protected] | www.alaska.edu/oit/

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOi1v6O484j-%3D-4jP-sVb1jNoazBHijefK%3D6QZ6MTgM6uYtODA%40mail.gmail.com.

Reply via email to