Thanks Ray for staying on this!! I finally figured this out. My Login page is loading some JS and CSS file. One of the JS does not exist, returning 404. That apparently caused the problem. Once I removed that non-existing JS, it works!
Yan On Thursday, February 7, 2019 at 7:31:02 PM UTC-5, rbon wrote: > > Yan, > > Use your browser development tools to see if there is an unexpected > redirect. If there is, that would be where the service param is lost. > The service is part of the url and not a form variable. > > Ray > > On Thu, 2019-02-07 at 16:04 -0800, Yan Zhou wrote: > > Thanks for reading through such long logs. I appreciate it! > > I am getting closer. With the one missing service parameter, it is because > when the login form submits, it is missing service parameter to begin > with. CAS code confirmed the behavior. > > the FORM POST did not have service parameter to begin with > > 127.0.0.1 - - [07/Feb/2019:18:47:09 -0500] "POST /cas5/login HTTP/1.1" 401 > 18021 <== this happens to my form when I submit login form after > entering incorrect credential > > 127.0.0.1 - - [07/Feb/2019:18:52:43 -0500] "POST /cas5/login?service= > https://test.com HTTP/1.1" 401 18184 <== this happens at the > simple overlay app > > Now the question is, how did I get here? I am using essentially the same > form, not sure why one appends service parameter but the other does not. > > <form method="post" id="fm1" *action="login" *class="login__form md-block > layout-align-center-center layout-column ng-valid ng-valid-required" > _lpchecked="1" > > > <md-input-container class="md-block layout-fill md-has-icon > md-input-has-value" layout-fill=""> > <label for="username">Username</label> > <input type="text" ng-model="vm.username" required="" name="username" > id="username" class="qd-text-input md-input ng-not-empty ng-dirty > ng-valid-parse ng-valid ng-valid-required ng-touched" autocomplete="off" > tabindex="1" value="" aria-invalid="false" style="background-image: > url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAASCAYAAABSO15qAAAAAXNSR0IArs4c6QAAAUBJREFUOBGVVE2ORUAQLvIS4gwzEysHkHgnkMiEc4zEJXCMNwtWTmDh3UGcYoaFhZUFCzFVnu4wIaiE+vvq6+6qTgthGH6O4/jA7x1OiCAIPwj7CoLgSXDxSjEVzAt9k01CBKdWfsFf/2WNuEwc2YqigKZpK9glAlVVwTTNbQJZlnlCkiTAZnF/mePB2biRdhwHdF2HJEmgaRrwPA+qqoI4jle5/8XkXzrCFoHg+/5ICdpm13UTho7Q9/0WnsfwiL/ouHwHrJgQR8WEwVG+oXpMPaDAkdzvd7AsC8qyhCiKJjiRnCKwbRsMw9hcQ5zv9maSBeu6hjRNYRgGFuKaCNwjkjzPoSiK1d1gDDecQobOBwswzabD/D3Np7AHOIrvNpHmPI+Kc2RZBm3bcp8wuwSIot7QQ0PznoR6wYSK0Xb/AGVLcWwc7Ng3AAAAAElFTkSuQmCC"); > > background-repeat: no-repeat; background-attachment: scroll; > background-size: 16px 18px; background-position: 98% 50%; cursor: > auto;"><div class="md-errors-spacer"></div><md-icon class="icon-user > ng-isolate-scope material-icons" aria-hidden="true"></md-icon> > </md-input-container> > > <md-input-container class="md-block layout-fill md-has-icon > md-input-has-value" layout-fill=""> > <label for="password">Password</label> > <input type="password" ng-model="vm.password" required="" name="password" > id="password" class="qd-text-input md-input ng-not-empty ng-dirty > ng-valid-parse ng-valid ng-valid-required ng-touched" autocomplete="off" > tabindex="2" value="" aria-invalid="false" style="background-image: > url("data:image/png;base64,iVBORw.........3AAAAAElFTkSuQmCC"); > background-repeat: no-repeat; background-attachment: scroll; > background-size: 16px 18px; background-position: 98% 50%; cursor: > auto;"><div class="md-errors-spacer"></div><md-icon class="icon-lock > ng-isolate-scope material-icons" aria-hidden="true"></md-icon> > <div class="hint">Password is case-sensitive</div> > </md-input-container> > > <button class="md-raised qd-button login__button md-button md-ink-ripple" > type="submit" ng-transclude="" tabindex="6" ng-disabled="!vm.username || > !vm.password" aria-label="Login"><span > class="ng-scope">Login</span></button> > > <input type="hidden" name="geolocation"><input type="hidden" > name="execution" > value="27f6679d-4caf-4671-bf76-..................................."> > <input type="hidden" name="_eventId" value="submit"> > </form> > > > > On Thursday, February 7, 2019 at 5:12:32 PM UTC-5, rbon wrote: > > Yan, > > In the preserved parameter log, checkForPswdResetToken exists between > initializeLoginForm and viewLoginForm. It is missing in yours. > > Ray > > On Thu, 2019-02-07 at 12:04 -0800, Yan Zhou wrote: > > Hi, > > thanks for the help, I have not used the customized webflow class Ray > provided, because I do not know how to yet. I was looking into this by > comparing debug level logging. > > What I did is to compare the two projects, one is a simple cas5.3.x > overlay and the other is mine (after removing any customization of login > flow). Still the simple overlay preserves service parameter, and mine does > not, even after I removed all customization done to the flow (apparently > there must be still some subtle changes to the flow, I just do not know > what it is). > > For some reason, my flowExecutionUrl lost service parameter. > > *This is mine that lost service parameter after incorrect user credential.* > > 2019-02-07 10:42:08,403 DEBUG > [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - > <Resolved single event [authenticationFailure] via > [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] > > for this context> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.InitialAuthenticationAction@1d082ed8; > result = authenticationFailure> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@1c04a306 expression = > authenticationViaFormAction, resultExpression = [null]]; result = > authenticationFailure> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@69b93ff2 on = authenticationFailure, to = > handleAuthenticationFailure]> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'realSubmit'> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'handleAuthenticationFailure' of flow 'login'> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@5a7334d4 expression = authenticationExceptionHandler, > resultExpression = [null]]> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@76e88b6> > 2019-02-07 10:42:08,404 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located current event [authenticationFailure]> > 2019-02-07 10:42:08,404 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located error attribute [class > org.apereo.cas.authentication.AuthenticationException] with message [1 > errors, 0 successes] from the current event> > 2019-02-07 10:42:08,406 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Unable to translate handler errors of the authentication exception > [org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 > successes]. Returning [UNKNOWN]> > 2019-02-07 10:42:08,409 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Final event id resolved from the error is [UNKNOWN]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@76e88b6; > result = UNKNOWN> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@5a7334d4 expression = > authenticationExceptionHandler, resultExpression = [null]]; result = > UNKNOWN> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@4b9fecdf on = *, to = initializeLoginForm]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'handleAuthenticationFailure'> > > > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'initializeLoginForm' of flow 'login'> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@2b48526a expression = initializeLoginAction, > resultExpression = [null]]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Putting action > execution attributes map[[empty]]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.login.InitializeLoginAction@28a78394> > 2019-02-07 10:42:08,410 INFO > [org.apereo.cas.web.flow.login.InitializeLoginAction] - <Initialized Quest > login sequence, original request URL: http://localhost:8180/cas5/login> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing org.apereo.cas.web.flow.login.InitializeLoginAction@28a78394; > result = success> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@2b48526a expression = initializeLoginAction, > resultExpression = [null]]; result = success> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@75b36a3f on = success, to = viewLoginForm]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'initializeLoginForm'> > .............................. > > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.ViewState] - <Entering state > 'viewLoginForm' of flow 'login'> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Assigned key > 2551e999-88a9-4540-b31a..................................> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.ViewState] - <Rendering + > [ServletMvcView@30813248 view = > org.thymeleaf.spring4.view.ThymeleafView@6781c9ef]> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.ViewState] - < Flash scope = > map[[empty]]> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.ViewState] - < Messages = > [DefaultMessageContext@54943838 sourceMessages = map[[null] -> > list[[Message@46ab2bcf source = [null], severity = ERROR, text = 'Invalid > credentials.']]]]> > > 2019-02-07 10:42:08,418 DEBUG > [org.springframework.webflow.mvc.view.AbstractMvcView] - <Rendering MVC > [org.thymeleaf.spring4.view.ThymeleafView@6781c9ef] with model map > [{passwordManagementEnabled=true, viewScope=map[[empty]], > warnCookieValue=false, > org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel: > > 1 errors > Error in object 'credential': codes []; arguments []; default message > [Invalid credentials.], staticAuthentication=false, > *flowExecutionUrl=/cas5/login?username=fd&password=f* > &geolocation=&execution=6334l1YjRDZ5X0Qzb21tZ3pKaXRWRmJxSlRB........, > service=AbstractWebApplicationService(id=https://test.com, originalUrl= > https://test.com, artifactId=null, principal=null, source=service, > loggedOutAlready=false, format=XML, > attributes={}), ticketGrantingTicketId=null, > googleAnalyticsTrackingId=null, trackGeoLocation=false, > flashScope=map[[empty]], > registeredService=AbstractRegisteredService(serviceId=^https?://.*, > name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, > responseType=null, id=1, > description=Management3, > expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, > > notifyWhenDeleted=false, expirationDate=null), > proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, > evaluationOrder=1, > usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, > > logoutType=BACK_CHANNEL, requiredHandlers=[], > > attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, > > principalAttributesRepository=DefaultPrincipalAttributesRepository(), > consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, > excludedAttributes=null, > includeOnlyAttributes=null), authorizedToReleaseCredentialPassword=false, > authorizedToReleaseProxyGrantingTicket=false, > excludeDefaultAttributes=false, > authorizedToReleaseAuthenticationAttributes=true, > principalIdAttribute=null)), > multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], > > failureMode=NOT_SET, principalAttributeNameTrigger=null, > principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, > logoutUrl=https://localhost:8543/ssvenroll/logout, > accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, > enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, > delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), > > requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, > caseInsensitive=false), publicKey=null, properties={}, contacts=[]), > doChangePassword=false}]> > > ================================================ > > *the following is the one preserved service parameter after incorrect > credential.* > > 2019-02-07 09:27:55,199 DEBUG > [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - > <Resolved single event [authenticationFailure] via > [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] > > for this context> > 2019-02-07 09:27:55,199 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.InitialAuthenticationAction@723fc09a; > result = authenticationFailure> > 2019-02-07 09:27:55,199 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@1c4ec4ac expression = > authenticationViaFormAction, resultExpression = [null]]; result = > authenticationFailure> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@7919640a on = authenticationFailure, to = > handleAuthenticationFailure]> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'realSubmit'> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'handleAuthenticationFailure' of flow 'login'> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@522dccba expression = authenticationExceptionHandler, > resultExpression = [null]]> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@575a46b4> > 2019-02-07 09:27:55,200 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located current event [authenticationFailure]> > 2019-02-07 09:27:55,200 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located error attribute [class > org.apereo.cas.authentication.AuthenticationException] with message [0 > errors, 0 successes] from the current event> > 2019-02-07 09:27:55,202 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Unable to translate handler errors of the authentication exception > [org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 > successes]. Returning [UNKNOWN]> > 2019-02-07 09:27:55,205 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Final event id resolved from the error is [UNKNOWN]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@575a46b4; > > result = UNKNOWN> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@522dccba expression = > authenticationExceptionHandler, resultExpression = [null]]; result = > UNKNOWN> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@51381f10 on = *, to = initializeLoginForm]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'handleAuthenticationFailure'> > > > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'initializeLoginForm' of flow 'login'> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@2d85dcb3 expression = initializeLoginAction, > resultExpression = [null]]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Putting action > execution attributes map[[empty]]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.login.InitializeLoginAction@5c33f8b7> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing org.apereo.cas.web.flow.login.InitializeLoginAction@5c33f8b7; > result = success> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@2d85dcb3 expression = initializeLoginAction, > resultExpression = [null]]; result = success> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@3965ba70 on = success, to = checkForPswdResetToken]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'initializeLoginForm'> > > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.DecisionState] - <Entering state > 'checkForPswdResetToken' of flow 'login'> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@6fccb97d on = *, to = viewLoginForm]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'checkForPswdResetToken'> > > > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.ViewState] - <Entering state > 'viewLoginForm' of flow 'login'> > 2019-02-07 09:27:55,212 DEBUG > [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Assigned key > 5a4a05e9-4f13-41e8-859a-........................................> > 2019-02-07 09:27:55,212 WARN > [org.apereo.cas.services.web.RegisteredServiceThemeResolver] - <Custom > theme [hcp] for service [AbstractRegisteredService(serviceId=^https?://.*, > name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, > responseType=null, id=1, description=Management3, > expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, > > notifyWhenDeleted=false, expirationDate=null), > proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, > evaluationOrder=1, > usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, > > logoutType=BACK_CHANNEL, requiredHandlers=[], > attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, > > principalAttributesRepository=DefaultPrincipalAttributesRepository(), > consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, > excludedAttributes=null, includeOnlyAttributes=null), > authorizedToReleaseCredentialPassword=false, > authorizedToReleaseProxyGrantingTicket=false, > excludeDefaultAttributes=false, > authorizedToReleaseAuthenticationAttributes=true, > principalIdAttribute=null)), > multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], > > failureMode=NOT_SET, principalAttributeNameTrigger=null, > principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, > logoutUrl=https://localhost:8543/ssvenroll/logout, > accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, > enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, > delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), > > requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, > caseInsensitive=false), publicKey=null, properties={}, contacts=[])] cannot > be located. Falling back to default theme...> > 2019-02-07 09:27:55,213 DEBUG > [org.springframework.webflow.engine.ViewState] - <Rendering + > [ServletMvcView@2fa3b937 view = > org.thymeleaf.spring4.view.ThymeleafView@16f0e998]> > 2019-02-07 09:27:55,213 DEBUG > [org.springframework.webflow.engine.ViewState] - < Flash scope = > map[[empty]]> > 2019-02-07 09:27:55,213 DEBUG > [org.springframework.webflow.engine.ViewState] - < Messages = > [DefaultMessageContext@133c6c9b sourceMessages = map[[null] -> > list[[Message@728eb6f7 source = [null], severity = ERROR, text = 'Invalid > credentials.']]]]> > > 2019-02-07 09:27:55,216 DEBUG > [org.springframework.webflow.mvc.view.AbstractMvcView] - <Rendering MVC > [org.thymeleaf.spring4.view.ThymeleafView@16f0e998] with model map > [{passwordManagementEnabled=true, viewScope=map[[empty]], > warnCookieValue=false, > org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel: > > 1 errors > Error in object 'credential': codes []; arguments []; default message > [Invalid credentials.], staticAuthentication=false, > *flowExecutionUrl=/cas5/login?service=https%3A%2F%2Ftest.com* > &username=d&password=dd&geolocation=&execution=3594802e-...................VR, > > service=AbstractWebApplicationService(id=https://test.com, originalUrl= > https://test.com, artifactId=null, principal=null, source=service, > loggedOutAlready=false, format=XML, > attributes={}), ticketGrantingTicketId=null, > googleAnalyticsTrackingId=null, trackGeoLocation=false, > flashScope=map[[empty]], > registeredService=AbstractRegisteredService(serviceId=^https?://.*, > name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, > responseType=null, id=1, > description=Management3, > expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, > > notifyWhenDeleted=false, expirationDate=null), > proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, > evaluationOrder=1, > usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, > > logoutType=BACK_CHANNEL, requiredHandlers=[], > > attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, > > principalAttributesRepository=DefaultPrincipalAttributesRepository(), > consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, > excludedAttributes=null, includeOnlyAttributes=null), > authorizedToReleaseCredentialPassword=false, > authorizedToReleaseProxyGrantingTicket=false, > excludeDefaultAttributes=false, > authorizedToReleaseAuthenticationAttributes=true, > principalIdAttribute=null)), > multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], > > failureMode=NOT_SET, principalAttributeNameTrigger=null, > principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, > logoutUrl=https://localhost:8543/ssvenroll/logout, > accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, > enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, > delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), > > requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, > caseInsensitive=false), publicKey=null, properties={}, contacts=[]), > doChangePassword=false}]> > > > > > On Wednesday, February 6, 2019 at 6:12:52 PM UTC-5, Colin Wilkinson wrote: > > Hi Yan, > > As Ray correct pointed out the XML webflow defined is a basic starting > point, if search through the you find alot of class extending > Cas*Webflow*Configurer > this include the DefaultLoginWebflowConfigurer. > > During our upgrade from I noticed the same issue that at times the service > parameter was going missing, but the page worked fine as long as I did NOT > do a refresh. From my investigation the service parameter is stored upon > entry into CAS and as long as the page is not force refresh from the user > without the service parameter then CAS should work fine. > > During my investigation I found the following redirect, > <end-state id="redirectView" view="externalRedirect:#{requestScope.url}"/> > > They redirect without the query parameters. There is also a > redirectToLogin as well. > <end-state id="redirectToLogin" view="externalRedirect:#{'login'}"/> > > Given that you have started invalid credentials then its more than likely > going down the "<transition on="authenticationFailure" > to="handleAuthenticationFailure"/>" code and not even hitting your code. > > > Regards, > Colin > > On Thursday, 7 February 2019 05:00:05 UTC+11, Yan Zhou wrote: > > Hi there, > > I extended CAS 5.3.4. The app. redirects to CAS login page with service > parameter. > > When I type incorrect credential, I saw the invalid credential message, > but I lost service parameter, the screen refreshes to have only the CAS url. > > What could be missing in my code? > > Thx! > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] <javascript:> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/05559277-316b-4a83-8f26-ff117891a4d9%40apereo.org.
