Hi Baron,

> ... shared session mechanism ...
I agree with Travis, without shared session some function (e.g. OAuth, 
pac4j...) of CAS might not work properly.

To verified that shared session might or might not be a problem, *try 
minimize your cluster to only a single node*, if that worked, then it will 
likely be the problem of shared session.

> Debug log
The problem is definitely not in [/oauth2.0/callbackAuthorize], it is in 
the validation of CAS ticket. Other might have a better idea, I am not too 
familiar with CAS ticket and how that is validated.

> while we have medium to longer term plans to upgrade to 5.3, upgrading 
from 5.0 is not an option in the short term
Well if you have a development environment, then it might worth your time 
to check it out, if all the other methods failed that is.

Cheers!
- Andy

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/355c4281-e2cc-4af2-bd50-e22df4e76eb3%40apereo.org.

Reply via email to