Ray, To answer your question. Yes there are two tomcat servers running the application and load balancer switches between the servers. I will check with the Run team for clustering or setting load balancer to be sticky.
Travis, Yes the encryption keys are copied across the servers so they are same. Anyhow I will verify that once as well. Regards, Jay On Friday, May 18, 2018 at 9:44:44 PM UTC+5:30, Travis Schmidt wrote: > > Do you have the same webflow encryption keys set in each of the config > files on the different servers? If the property is not present the server > generates it's own on each server at start up, resulting in each server not > understanding the other. > > > > On Fri, May 18, 2018 at 8:39 AM Ray Bon <rb...@uvic.ca <javascript:>> > wrote: > >> Jay, >> >> Are there multiple CAS servers? Could this be a result of the load >> balancer switching between CAS servers for each request (load form, post >> form)? >> You may need to cluster your tomcats or set load balancer to be sticky. >> >> Ray >> >> On Thu, 2018-05-17 at 22:42 -0700, Jay wrote: >> >> Hi Ray, >> >> >> Yes, it does not allow the user to be validated and login successfully. >> It redirects back to login page only. >> >> Any suggestion to look into specifically. >> >> We see this issue when we hit the load balance url but not when we >> directly access the server url. >> >> Thanks, >> Jay >> >> On Thursday, May 17, 2018 at 11:46:17 AM UTC-5, rbon wrote: >> >> Jay, >> >> I seem to recall a message like this was produced because of a 'feature' >> to clear out the flow if it sat for too long. It would show up periodically >> and had no bearing on how long the user took to log in. >> Does it cause a problem? >> >> Ray >> >> On Thu, 2018-05-17 at 01:16 -0700, Jay wrote: >> >> Hello everyone, >> >> We have CAS application running in Tomcat in two different instances and >> load balanced by a F5 url. >> Any application is configured with the F5 url for login authentication >> and authorization. >> >> We have customized the url to *https://<cas.server>/las/v3/login* >> (Naming the war file as *las#v3.war* sets the context path here) >> >> When I use individual server instance login/logout works absolutely fine. >> (i.e. *<cas.server.instance1>:<port>/las/v3/login* ) >> >> We see below error after we give the user credential and clink on login >> button. >> >> 2018-05-17 01:49:36,786 DEBUG >> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <*Error getting >> flow information for URL* >> [/las/v3/login?service=http%3A%2F%2Flocalhost%3A3001%2Flogin%3Fdestination%3D%252Fconfiguration%252Faccounts%252F34864%252FproductLines%252FPrismPostPD%252Ftemplates%252F311]> >> >> [m >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepositoryException: >> Error decoding flow execution >> at >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:99) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> at >> org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168) >> >> ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> ~[?:1.8.0_31] >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> >> ~[?:1.8.0_31] >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> >> ~[?:1.8.0_31] >> at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31] >> at >> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) >> >> ~[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) >> >> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at com.sun.proxy.$Proxy165.resumeExecution(Unknown Source) ~[?:?] >> at >> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:253) >> >> ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] >> at >> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) >> ~[servlet-api.jar:?] >> at >> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) >> ~[servlet-api.jar:?] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >> ~[tomcat-websocket.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFilter.java:30) >> >> ~[cas-server-core-web-api-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) >> >> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:237) >> >> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.security.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:94) >> >> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110) >> >> ~[spring-boot-actuator-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:91) >> >> ~[cas-server-core-logging-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) >> >> ~[spring-boot-actuator-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:115) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:59) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:90) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:108) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66) >> >> ~[inspektr-common-1.8.1.GA.jar:1.8.1.GA] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) >> >> ~[log4j-web-2.10.0.jar:2.10.0] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) >> ~[catalina.jar:8.0.29] >> at >> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096) >> >> ~[tomcat-coyote.jar:8.0.29] >> at >> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674) >> >> ~[tomcat-coyote.jar:8.0.29] >> at >> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:277) >> >> ~[tomcat-coyote.jar:8.0.29] >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >> >> ~[?:1.8.0_31] >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >> >> ~[?:1.8.0_31] >> at >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >> >> ~[tomcat-util.jar:8.0.29] >> at java.lang.Thread.run(Thread.java:745) [?:1.8.0_31] >> Caused by: java.io.IOException: Decryption error >> at >> org.apereo.spring.webflow.plugin.EncryptedTranscoder.decode(EncryptedTranscoder.java:107) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> at >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:94) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> ... 90 more >> Caused by: java.lang.IllegalArgumentException: Null input buffer >> at javax.crypto.Cipher.doFinal(Cipher.java:2117) ~[?:1.8.0_25] >> at >> org.apereo.cas.util.cipher.BaseBinaryCipherExecutor.decode(BaseBinaryCipherExecutor.java:83) >> >> ~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apereo.cas.util.cipher.BaseBinaryCipherExecutor.decode(BaseBinaryCipherExecutor.java:30) >> >> ~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2] >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> ~[?:1.8.0_31] >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> >> ~[?:1.8.0_31] >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> >> ~[?:1.8.0_31] >> at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31] >> at >> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) >> >> ~[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) >> >> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at com.sun.proxy.$Proxy161.decode(Unknown Source) ~[?:?] >> at >> org.apereo.cas.web.flow.executor.WebflowCipherBean.decrypt(WebflowCipherBean.java:36) >> >> ~[cas-server-core-webflow-api-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apereo.spring.webflow.plugin.EncryptedTranscoder.decode(EncryptedTranscoder.java:105) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> at >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:94) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> ... 90 more >> >> >> Any help in this regards would be much appreciated. >> >> Thanks, >> Jay >> >> -- >> Ray Bon >> Programmer analyst >> Development Services, University Systems2507218831 | CLE 019 | rb...@uvic.ca >> >> >> -- >> Ray Bon >> Programmer analyst >> Development Services, University Systems >> >> 2507218831 | CLE 019 | rb...@uvic.ca <javascript:> >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+u...@apereo.org <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526657965.1817.99.camel%40uvic.ca >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526657965.1817.99.camel%40uvic.ca?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2444709a-060e-4d1f-ace9-cfccd80e7c94%40apereo.org.
