This is about a bad webflow execution key, indicated by the execution parameter that is badly provided or parsed. Either you have someone trying to POST to the CAS login endpoint from the outside, or you have someone send you a bad request to a page/endpoint that causes the blowup. Coincidentally, a project I am working on today reported a similar issue and it turned out to be a saml request sent to the CAS logout endpoint (which was wrong to begin with it) You may also want to look at your access-log and see where the requests are coming from.
--Misagh > From: "Adam Causey" <apcau...@vcu.edu> > To: cas-user@apereo.org > Sent: Friday, January 5, 2018 6:40:42 PM > Subject: Re: [cas-user] Re: Webflow error in CAS 5.1.4 > Misagh, > The login page loads fine for users. Is there something on the page that I > should check? > Thanks! > On Fri, Jan 5, 2018, 11:45 AM Misagh Moayyed < mmoay...@unicon.net > wrote: >> You have a bad login page. >> Also you're to upgrade to the latest 5.1.x release line. Any patch release >> that >> goes out unofficially invalidates its predecessors. >> --Misagh >>> From: "Adam Causey" < apcau...@vcu.edu > >>> To: cas-user@apereo.org >>> Sent: Friday, January 5, 2018 8:16:21 AM >>> Subject: [cas-user] Re: Webflow error in CAS 5.1.4 >>> We have kept version 5.1.4 in production, however we still see the errors >>> in the >>> logs. We haven't received any user complaints, and there is no username >>> coming >>> back with the error message. Does anyone know how I might be able to trace >>> back >>> what page is creating the error? >>> On Thu, Jan 4, 2018 at 7:21 AM, Adam Causey < apcau...@vcu.edu > wrote: >>>> I recently rolled out CAS 5.1.4 to our production environment, however we >>>> started to see these errors in our logs. We performed a great deal of >>>> testing >>>> but never encountered this error. Any ideas of what could be causing this? >>>> 2018-01-04 07:18:13,905 [ajp-nio-8011-exec-1] ERROR >>>> org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[dispatcherServlet] >>>> - Servlet.service() for servlet [dispatcherServlet] in context with path >>>> [/cas] >>>> threw exception [Request processing failed; nested exception is >>>> org.springframework.webflow.execution.repository.BadlyFormattedFlowExecutionKeyException: >>>> Badly formatted flow execution key 'e2s1', the expected format is >>>> '<uuid>_<base64-encoded-flow-state>'] with root cause >>>> org.springframework.webflow.execution.repository.BadlyFormattedFlowExecutionKeyException: >>>> Badly formatted flow execution key 'e2s1', the expected format is >>>> '<uuid>_<base64-encoded-flow-state>' >>>> at >>>> org.apereo.spring.webflow.plugin.ClientFlowExecutionKey.parse(ClientFlowExecutionKey.java:102) >>>> ~[spring-webflow-client-repo-1.0.3.jar!/:1.0.3] >>>> at >>>> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.parseFlowExecutionKey(ClientFlowExecutionRepository.java:74) >>>> ~[spring-webflow-client-repo-1.0.3.jar!/:1.0.3] >>>> at >>>> org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:164) >>>> ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] >>>> at sun.reflect.GeneratedMethodAccessor293.invoke(Unknown Source) ~[?:?] >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> ~[?:1.8.0_141] >>>> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_141] >>>> at >>>> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) >>>> ~[spring-aop-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) >>>> ~[spring-aop-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) >>>> ~[spring-aop-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) >>>> ~[spring-aop-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) >>>> ~[spring-aop-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >>>> ~[spring-aop-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >>>> ~[spring-aop-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at com.sun.proxy.$Proxy158.resumeExecution(Unknown Source) ~[?:?] >>>> at >>>> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:253) >>>> ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] >>>> at >>>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) >>>> ~[spring-webmvc-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) >>>> ~[spring-webmvc-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) >>>> ~[spring-webmvc-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) >>>> ~[spring-webmvc-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) >>>> ~[javax.servlet-api-3.1.0.jar!/:3.1.0] >>>> at >>>> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) >>>> ~[spring-webmvc-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) >>>> ~[javax.servlet-api-3.1.0.jar!/:3.1.0] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >>>> ~[tomcat-embed-websocket-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFilter.java:28) >>>> ~[cas-server-core-web-5.1.4.jar!/:5.1.4] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) >>>> ~[cas-server-security-filter-2.0.6.jar!/:2.0.6] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:238) >>>> ~[cas-server-security-filter-2.0.6.jar!/:2.0.6] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110) >>>> ~[spring-boot-actuator-1.5.3.RELEASE.jar!/:1.5.3.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:90) >>>> ~[cas-server-core-logging-5.1.4.jar!/:5.1.4] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) >>>> ~[spring-boot-actuator-1.5.3.RELEASE.jar!/:1.5.3.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >>>> ~[spring-web-4.3.11.RELEASE.jar!/:4.3.11.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64) >>>> ~[inspektr-common-1.7.GA.jar!/: 1.7.GA ] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:677) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:486) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at org.apache.tomcat.util.net >>>> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1457) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at org.apache.tomcat.util.net >>>> .SocketProcessorBase.run(SocketProcessorBase.java:49) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at >>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) >>>> [?:1.8.0_141] >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) >>>> [?:1.8.0_141] >>>> at >>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >>>> ~[tomcat-embed-core-8.5.20.jar!/:8.5.20] >>>> at java.lang.Thread.run(Thread.java:748) [?:1.8.0_141] >>>> Thanks! >>>> Adam >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google Groups >>> "CAS >>> Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email >>> to cas-user+unsubscr...@apereo.org . >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAN6MV5NW8Zf%2Bv%2BXysmSGkZpQX43SiWPO1hqotdkaf8zuEE3Fow%40mail.gmail.com >>> . >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS >> Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email >> to cas-user+unsubscr...@apereo.org . >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/37316170.11653158.1515170753136.JavaMail.zimbra%40unicon.net >> . > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups "CAS > Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email > to cas-user+unsubscr...@apereo.org . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAN6MV5OiCJDNsCdzn5PTuSgHnNX_azWzh_4iN1TdMPTkHbLNjA%40mail.gmail.com > . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/320188926.11848694.1515440355754.JavaMail.zimbra%40unicon.net.
