Hi Jérôme,

I am not 100% sure if it may be an edge bug with the CAS server itself. 
Basically it's an issue when serialising the session; there is no problem 
when executing code, only when trying to serialise the session, and that made 
the problem hard to track. Basically I had two beans that were session 
scoped and proxy class targeted, and the serialisation did not like one of 
those session-scoped beans.

The first session bean is about user information that is required to enable 
talking between our Enterprise Service Bus (ESB) and our systems. We 
configure this once and store it in the session. This bean is still stored in 
the session.

The second session bean used to do a lot more than it does now and has been 
reconfigured. Now it only configures the User Information and no longer 
needs to be stored in the session. The second session bean also stores a 
reference to the first session bean and I think that is where the problem 
lies.

These beans are located in a services module that is used across multiple 
projects without a problem.

I think there may be a problem with CAS regarding authentication handlers. I 
initially tried to add an additional authentication handler that ran after the 
main ClientAuthenticationHandler; it did not fire. I will do some testing 
today now that CAS is functioning and get back to you if there is a problem.

I have set cas.authn.policy.all.enabled=true as well

Regards,
Colin

On Tuesday, 25 September 2018 18:05:09 UTC+10, leleuj wrote:
>
> Hi,
>
> Was it a bug on your customization or something from the CAS server itself?
> Thanks.
> Best regards,
> Jérôme
>
>
> On Tue, Sep 25, 2018 at 4:37 AM Colin Wilkinson <wilc...@gmail.com> wrote:
>
>> Hi,
>>
>> I have worked out what the issue was. It was one of the scope session beans 
>> being loaded after the initial request that was causing the issue.
>>
>> Regards,
>>
>> On Monday, 24 September 2018 15:59:52 UTC+10, Colin Wilkinson wrote:
>>>
>>> Hi,
>>>
>>> We at work are looking at implementing delegated authentication for 
>>> Facebook, Google, Twitter, etc., but there seems to be a weird issue with it. 
>>> A little bit of background: we have extended the delegated authentication as 
>>> we need to map the email associated with Facebook, for instance, back to a 
>>> staff or student account. If the email has no association then we navigate 
>>> to a registration screen in which the user inputs a user name and password; 
>>> otherwise it logs the staff or student in. If staff or students follow the 
>>> flow as designed then all works fine and there is no issue. If the staff or 
>>> student registers using the username and password provided, I trigger the 
>>> form authentication.
>>>
>>> The issue arises if the user does not navigate as expected: if, when they 
>>> get the registration screen, they realise they have clicked the wrong 
>>> client and decide to go back to the main login screen and choose the right 
>>> client, I am receiving
>>>
>>> org.springframework.web.util.NestedServletException: Handler dispatch 
>>> failed; nested exception is java.lang.OutOfMemoryError: Java heap space
>>>
>>>
>>> I am certain it's not the modifications I have made, as it's failing before 
>>> the call to redirect to the client has happened. The problem is in the 
>>> "DelegatedClientNavigationController" class with the following line; I placed 
>>> a debug statement preceding the call and a debug statement after the call.
>>>  
>>>
>>>  this.delegatedSessionCookieManager.store(webContext);
>>>
>>> The main dev cas server is running 16gb of ram as initially it was only 
>>> running 8gb of ram.
>>>  
>>> The possible steps to replicate the issue are as follows:
>>>
>>>    1. Navigate to CAS
>>>    2. Click Facebook (Authentication must fail)
>>>    3. Redirected back to login screen (Upon redirecting back PAC4J 
>>>    clients list goes missing)
>>>    4. Navigate back to CAS so that clients are there
>>>    5. Click Facebook should get a heap space error.
>>>
>>> I have tried this with both 5.3.3 and 5.3.4-SNAPSHOT with no success.
>>>
>>> The dump statements were as follows:
>>>
>>> LOGGER.debug("PRIOR TO CALLING DELEGTED SESSION COOKIE MANAGER STORE");
>>> this.delegatedSessionCookieManager.store(webContext);
>>> LOGGER.debug("AFTER TO CALLING DELEGTED SESSION COOKIE MANAGER STORE");
>>>
>>>
>>> Attached are the success results and the heap space error results.
>>>
>>> I apologise if this does not make sense.
>>>
>>> Regards,
>>> Colin
>>>
>>>
>>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-user+u...@apereo.org.
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/cbf7bd25-bc0d-44b8-92dd-40b8e7d653c3%40apereo.org.
>>
>
