Debian,
Add this to your log4j2.xml
<AsyncLogger name="package.GroovyRegisteredAccessStrategy" level="debug"/>
replacing 'package' with the package of your class.
Add this as the first line of doPrincipalAttributesAllowServiceAccess method:
log.error("doPrincipalAttributesAllowServiceAccess: " +
attributes.get('udlAccountStatus'))
Log level does not have to be 'error', but this way it will definitely show in
the logs and 'should be' the only ERROR listed.
This way you will know when/if your method is called and the value of
udlAccountStatus.
Ray
On Mon, 2019-06-03 at 06:00 -0700, Debian HNT wrote:
Ray,
In my log4j2.xml I have this
<AsyncLogger
name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy"
level="debug"/>
<AsyncLogger
name="org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy"
level="debug"/>
When access is granted I have this in my logs
8430:2019-06-03 14:13:39,963 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Initiating attributes release phase for principal [student1.stu] accessing
service [https://castete.univ.com/cas/status/dashboard] defined by registered
service [^https://castete.univ.com/cas/status/dashboard(\z|/.*)]...>
8431:2019-06-03 14:13:39,972 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Locating principal attributes for [student1.stu]>
8432:2019-06-03 14:13:39,973 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Using principal attribute repository [DefaultPrincipalAttributesRepository()]
to retrieve attributes>
8433:2019-06-03 14:13:39,974 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Found principal attributes [{supannAliasLogin=[student1.stu],
udlAccountStatus=[Active]}] for [student1.stu]>
8434:2019-06-03 14:13:39,976 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Calling attribute policy [ReturnAllAttributeReleasePolicy] to process
attributes for [student1.stu]>
8435:2019-06-03 14:13:39,977 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Attribute policy [ReturnAllAttributeReleasePolicy] allows release of
[{supannAliasLogin=[student1.stu], udlAccountStatus=[Active]}] for
[student1.stu>
8436:2019-06-03 14:13:39,984 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Attempting to merge policy attributes and default attributes>
8437:2019-06-03 14:13:39,984 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Checking default attribute policy attributes>
8438:2019-06-03 14:13:39,985 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Located application context. Retrieving default attributes for release, if any>
8439:2019-06-03 14:13:39,988 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Default attributes for release are: [[]]>
8440:2019-06-03 14:13:39,993 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Default attributes found to be released are [{}]>
8441:2019-06-03 14:13:39,993 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Adding default attributes first to the released set of attributes>
8442:2019-06-03 14:13:39,994 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Adding policy attributes to the released set of attributes>
8443:2019-06-03 14:13:39,994 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Finalizing attributes release phase for principal [student1.stu] accessing
service [https://castete.univ.com/cas/status/dashboard] defined by registered
service [^https://castete.univ.com/cas/status/dashboard(\z|/.*)]...>
8444:2019-06-03 14:13:39,994 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Final collection of attributes allowed are: [{supannAliasLogin=[student1.stu],
udlAccountStatus=[Active]}]>
8430:2019-06-03 14:13:39,963 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Initiating attributes release phase for principal [student1.stu] accessing
service [https://castete.univ.com/cas/status/dashboard] defined by registered
service [^https://castete.univ.com/cas/status/dashboard(\z|/.*)]...>
8431:2019-06-03 14:13:39,972 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Locating principal attributes for [student1.stu]>
8432:2019-06-03 14:13:39,973 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Using principal attribute repository [DefaultPrincipalAttributesRepository()]
to retrieve attributes>
8433:2019-06-03 14:13:39,974 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Found principal attributes [{supannAliasLogin=[student1.stu],
udlAccountStatus=[Active]}] for [student1.stu]>
8434:2019-06-03 14:13:39,976 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Calling attribute policy [ReturnAllAttributeReleasePolicy] to process
attributes for [student1.stu]>
8435:2019-06-03 14:13:39,977 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Attribute policy [ReturnAllAttributeReleasePolicy] allows release of
[{supannAliasLogin=[student1.stu], udlAccountStatus=[Active]}] for
[student1.stu]>
8436:2019-06-03 14:13:39,984 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Attempting to merge policy attributes and default attributes>
8437:2019-06-03 14:13:39,984 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Checking default attribute policy attributes>
8438:2019-06-03 14:13:39,985 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Located application context. Retrieving default attributes for release, if any>
8439:2019-06-03 14:13:39,988 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Default attributes for release are: [[]]>
8440:2019-06-03 14:13:39,993 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Default attributes found to be released are [{}]>
8441:2019-06-03 14:13:39,993 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Adding default attributes first to the released set of attributes>
8442:2019-06-03 14:13:39,994 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Adding policy attributes to the released set of attributes>
8443:2019-06-03 14:13:39,994 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Finalizing attributes release phase for principal [student1.stu] accessing
service [https://castete.univ.com/cas/status/dashboard] defined by registered
service [^https://castete.univ.com/cas/status/dashboard(\z|/.*)]...>
8444:2019-06-03 14:13:39,994 DEBUG
[org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] -
<Final collection of attributes allowed are: [{supannAliasLogin=[student1.stu],
udlAccountStatus=[Active]}]>
But when I try to test my waiting/blocked acc access is denied. In my logs I
just have ldaptive DEBUG
2019-06-03 14:50:45,673 INFO [org.ldaptive.auth.Authenticator] -
<Authentication succeeded for dn: uid=82853,ou=accounts,dc=univ,dc=com>
2019-06-03 14:50:45,673 DEBUG [org.ldaptive.auth.Authenticator] - <authenticate
response=[org.ldaptive.auth.AuthenticationHandlerResponse@1390045036::connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1074313305::config=[org.ldaptive.ConnectionConfig@1599162410::ldapUrl=ldap://ldap.univ.com,
connectTimeout=PT5S, responseTimeout=PT5S,
sslConfig=[org.ldaptive.ssl.SslConfig@1022689743::credentialConfig=null,
trustManagers=null,
hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@5afc0982,
hostnameVerifierConfig=null, enabledCipherSuites=null, enabledProtocols=null,
handshakeCompletedListeners=null], useSSL=true, useStartTLS=false,
connectionInitializer=[org.ldaptive.BindConnectionInitializer@202489594::bindDn=uid=reverseproxy,ou=ldapusers,dc=univ,dc=com,
bindSaslConfig=null, bindControls=null],
connectionStrategy=org.ldaptive.DefaultConnectionStrategy@59d4b74a],
providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@156261501::metadata=[ldapUrl=ldap://ldap.univ.com,
count=1],
environment={java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory,
com.sun.jndi.ldap.connect.timeout=5000, java.naming.ldap.version=3,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.protocol=ssl, com.sun.jndi.ldap.read.timeout=5000},
classLoader=null,
providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@1341079820::operationExceptionResultCodes=[PROTOCOL_ERROR,
SERVER_DOWN], properties={},
controlProcessor=org.ldaptive.provider.ControlProcessor@6a7e6832,
environment=null, tracePackets=null, removeDnUrls=true,
searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED,
PARTIAL_RESULTS], classLoader=null, sslSocketFactory=null,
hostnameVerifier=null]],
providerConnection=org.ldaptive.provider.jndi.JndiConnection@390a5cde],
result=true, resultCode=SUCCESS, message=null, controls=null] for
dn=uid=82853,ou=accounts,dc=univ,dc=com with
request=[org.ldaptive.auth.AuthenticationRequest@1020927553::user=[org.ldaptive.auth.User@86711528::identifier=student1.stu,
context=null], returnAttributes=[udlAccountStatus, supannAliasLogin],
controls=null]>
2019-06-03 14:50:45,675 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: student1.stu
WHAT: Supplied credentials: [UsernamePasswordCredential(username=student1.stu)]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Mon Jun 03 14:50:45 CEST 2019
CLIENT IP ADDRESS: 134.206.4.15
SERVER IP ADDRESS: 194.254.129.15
=============================================================
>
2019-06-03 14:50:45,677 WARN
[org.apereo.cas.services.RegisteredServiceAccessStrategyUtils] - <Cannot grant
access to service [https://castete.univ.com/cas/status/dashboard] because it is
not authorized for use by [student1.stu].>
2019-06-03 14:50:45,678 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: student1.stu
WHAT: [result=Service Access
Denied,service=https://castete.univ.com/cas/sta...,principal=SimplePrincipal(id=student1.stu,
attributes={udlAccountStatus=[Active],
supannAliasLogin=[student1.stu]}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Mon Jun 03 14:50:45 CEST 2019
CLIENT IP ADDRESS: 134.206.4.15
SERVER IP ADDRESS: 194.254.129.15
=============================================================
Dont know if I have configured logs correctly because I dont see whats
happening when access is denied...
thanks for your time...
Debian,
Ray,
Thanks a lot for your response.
If it is neither 'blocked' nor 'waiting' access should be granted
Debian,
Debian,
To know what is happening in your code, add logging statements!!!
If you modify your code, you have to remember to un-modify it. Too easy to
forget a change and release to production.
I have not used groovy scripting in CAS. Can you write unit tests? This will
let you know that your logic is correct.
Logging and unit tests can both be permanent in your code base. Logging can be
adjusted at runtime (log4j2.xml) in case an unexpected behaviour shows up.
If you are going to test runtime behaviour (different redirects) you should
have need test users with appropriate attributes (at least 3 in your case). Or
modify one user at the attribute store.
Testing is important! Make sure you have all the parts you need.
As far as why the code is not working, is it possible that
getUnauthorizedRedirectUrl is called before
doPrincipalAttributesAllowServiceAccess? You can check this with logging (easy
way) or trace the method calls in CAS source (more challenging).
In getUnauthorizedRedirectUrl, there is no default case. What happens if it is
neither 'Blocked' nor 'Waiting'?
Ray
On Wed, 2019-05-29 at 01:37 -0700, Debian HNT wrote:
Hi Ray,
I'm trying to implement dynamic url redirect, here's my code :
import org.apereo.cas.services.*
import java.util.*
import java.net.URI
class GroovyRegisteredAccessStrategy extends
DefaultRegisteredServiceAccessStrategy {
final String accountStatus
@Override
boolean isServiceAccessAllowed() {
return true
}
@Override
boolean isServiceAccessAllowedForSso() {
return true
}
@Override
boolean doPrincipalAttributesAllowServiceAccess(String principal,
Map<String, Object> attribu$
if(attributes.get('udlAccountStatus').contains('Active')) {
this.accountStatus == 'Active'
return true
} else if (attributes.get('udlAccountStatus').contains('Waiting')) {
this.accountStatus == 'Waiting'
return false
} else if (attributes.get('udlAccountStatus').contains('Blocked')) {
this.accountStatus == 'Blocked'
return false
} else {
return false
}
}
@Override
java.net.URI getUnauthorizedRedirectUrl() {
if (this.accountStatus == 'Blocked') {
return new URI('https://cas-univ.com/blocked.html')
} else if (this.accountStatus == 'Waiting') {
return new URI('https://cas-univ.com/waiting.html')
}
}
}
For Active account it works, but when I try waiting or blocked account, my
access is denied (CAS message, no erros logs). I don't have a blocked/waiting
account so I set my code like this to try :
@Override
boolean doPrincipalAttributesAllowServiceAccess(String principal,
Map<String, Object> attribu$
if(attributes.get('udlAccountStatus').contains('Active')) {
this.accountStatus == 'Waiting'
return false
} else if (attributes.get('udlAccountStatus').contains('Waiting)) {
this.accountStatus == 'Waiting'
return false
} else if (attributes.get('udlAccountStatus').contains('Blocked')) {
this.accountStatus == 'Blocked'
return false
} else {
return false
}
}
@Override
java.net.URI getUnauthorizedRedirectUrl() {
if (this.accountStatus == 'Blocked') {
return new URI('https://cas-univ.com/blocked.html')
} else if (this.accountStatus == 'Waiting') {
return new URI('https://cas-univ.com/waiting.html')
}
}
}
any suggest? is my code correct?
Thanks in advance..
Hi Ray,
Thanks for your response and idea, I managed to make it work !
Best regards,
Debian,
'Principal' is what the logged in user is called. Think of it as a box
containing id, attributes, etc.
Ray
On Mon, 2019-05-27 at 04:31 -0700, Debian HNT wrote:
Hi Ray,
It is a message that CAS is displaying "Service access denied due to missing
privileges."
Here's the logs
2019-05-27 13:02:15,646 WARN
[org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] -
<Unauthorized service access for principal; CAS will be redirecting to
[https://castete.univ.com/aide/blocked.html]>
2019-05-27 13:02:53,173 WARN
[org.apereo.cas.services.RegisteredServiceAccessStrategyUtils] - <Cannot grant
access to service [https://castete.univ.com/cas/status/dashboard] because it is
not authorized for use by [student.stu].>
2019-05-27 13:02:53,174 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: [result=Service Access
Denied,service=https://castete.univ.com/cas/sta...,principal=SimplePrincipal(id=student.stu,
attributes={udlAccountStatus=[Active],
supannAliasLogin=[student.stu]}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Mon May 27 13:02:53 CEST 2019
I feel like the code doesnt work because my student.stu has his
udlAccountStatus to Active so I should access to the service?
Can you explain me the "String principal"? not sure if I understand correctly...
thanks for your time,
Debian,
When you say 'access is denied', is that a message that CAS is displaying or is
that your service (admusers.properties sounds like your service)?
Check CAS logs to see what is happening (you may need to add logging to you
custom code).
Ray
On Fri, 2019-05-24 at 00:01 -0700, Debian HNT wrote:
Hello Ray,
Thanks for your answer, the conf seems to be ok, I can access to the log in
page of the service but when I try to connect with my ID, the access is denied.
Before using groovy script I was able to access the service... I've checked my
admusers.properties and my account is set to ROLE_ADMIN
The boolean isServiceAccessAllowed is "return true"
class GroovyRegisteredAccessStrategy extends
DefaultRegisteredServiceAccessStrategy {
@Override
boolean isServiceAccessAllowed() {
return true
}
Thanks in advance
Debian,
Skip the for loop. If you know the attribute key, check it directly (sorry
about the use of map in my previous example):
if ('Active' == attributes.get('udlAccountStatus'))
Also, from a programming perspective, entrySet returns a Set<Map.Entry<String,
Object>>.
Ray
On Thu, 2019-05-23 at 06:59 -0700, Debian HNT wrote:
Ray,
Excuse me for the inconvenience but I still have errors...
I've tried your syntax
import org.apereo.cas.services.*
import java.util.*
class GroovyRegisteredAccessStrategy extends
DefaultRegisteredServiceAccessStrategy {
@Override
boolean isServiceAccessAllowed() {
return true
}
@Override
boolean isServiceAccessAllowedForSso() {
return true
}
@Override
boolean doPrincipalAttributesAllowServiceAccess(String principal,
Map<String, Object> attributes) {
for (Map.Entry<String, Object> entry : attributes.entrySet()){
if ('Active' == map.get('udlAccountStatus')) {return true}
else
{return false}
}
}
}
I have this error
2019-05-23 15:46:04,201 WARN
[org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
- <No such property: map for class: GroovyRegisteredAccessStrategy>
groovy.lang.MissingPropertyException: No such property: map for class:
GroovyRegisteredAccessStrategy
I've tried this
@Override
boolean doPrincipalAttributesAllowServiceAccess(String principal,
Map<String, Object> attributes) {
for (Map.Entry<String, Object> entry : attributes.entrySet()){
if ('Active' == entry.getKey('udlAccountStatus')) {return true}
else
{return false}
}
}
}
but I have this error
2019-05-23 15:38:52,086 WARN
[org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
- <No signature of method: java.util.LinkedHashMap$Entry.getKey() is
applicable for argument types: (java.lang.String) values: [udlAccountStatus]
Possible solutions: getKey(), getAt(java.lang.String), notify(), grep(),
every(), every(groovy.lang.Closure)>
When I try to use the Possible solutions with getKey()
@Override
boolean doPrincipalAttributesAllowServiceAccess(String principal,
Map<String, Object> attributes) {
for (Map.Entry<String, Object> entry : attributes.entrySet()){
if ('Active' == getKey('udlAccountStatus')) {return true}
else
{return false}
}
}
}
I have this error
2019-05-23 15:45:03,124 WARN
[org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
- <No signature of method: GroovyRegisteredAccessStrategy.getKey() is
applicable for argument types: (java.lang.String) values: [udlAccountStatus]
Possible solutions: getAt(java.lang.String), notify(), getOrder(), grep(),
every(), every(groovy.lang.Closure)>
any suggestions?
Thanks in advance...
Debian,
I should have looked closer at your method logic.
>From the method name I suspect that method checks an attribute to determine
>service access. This is what you originally proposed 'attribute = Active'.
You will need to know what attributes you have. You can add logging to the
method or increase logging in general:
<!-- DEBUG Found principal attributes [...] for [username]
Attribute policy [???] allows release of [...] for [username]
Final collection of attributes allowed are: [...] -->
<AsyncLogger
name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy"
level="debug"/>
I also have this in my logging config:
<!-- DEBUG Skipping access strategy policy - when no attributes rules
are defined
These required attributes [...] are examined against [...]
before service can proceed - when attrubutes are defined -->
<AsyncLogger
name="org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy"
level="warn"/>
Because CAS can perform the access / deny part of your requirements. Service
configuration can set an attribute and a value that a user must have to allow
access.
Since you are trying to modify the redirect URL (you have a third option), you
might have to modify the web flow.
In general, for your method you will have a check like this
if ('Active' == map.get('attribute')) {return true}
Ray
On Wed, 2019-05-22 at 00:49 -0700, Debian HNT wrote:
Ray,
Thanks for your answer!
I've changed the variable to attributes but it doesnt repair the issue.
I dont understand how to set principal to my attribute : account and how to
configure the map to active/blocked/waiting?
I'm not sure if I cleary understand the function...
Thank u in advance...
Debian,
In doPrincipal..., you are using a variable called 'map' but the variable is
'attributes'.
Ray
On Tue, 2019-05-21 at 02:22 -0700, Debian HNT wrote:
Hello guys,
I'm still trying to configure a groovy script for access strategy but I have
some errors
Here's my access-strategy.groovy
import org.apereo.cas.services.*
import java.util.*
class GroovyRegisteredAccessStrategy extends
DefaultRegisteredServiceAccessStrategy {
@Override
boolean isServiceAccessAllowed() {
return true
}
@Override
boolean isServiceAccessAllowedForSso() {
return true
}
@Override
boolean doPrincipalAttributesAllowServiceAccess(String principal,
Map<String, Object> attributes) {
for (Map.Entry<String, Object> entry : map.entrySet()){
if (entry.getKey().equals(principal)){
return true
}
}
return false
}
}
@Override
java.net.URI getUnauthorizedRedirectUrl(){
return "https://blocked-acc.html";
}
}
org.springframework.webflow.
execution.
ActionExecutionException: Exception thrown executing
org.apereo.cas.web.flow.login.
InitialFlowSetupAction@
2357e4bc in state 'null' of flow 'login' -- action execution attributes were
'map[[empty]]'
Caused by: java.lang.NullPointerException
at org.apereo.cas.services.
GroovyRegisteredServiceAccessS
trategy.
isServiceAccessAllowed(
GroovyRegisteredServiceAccessS
trategy.java:49)
at org.apereo.cas.web.flow.login.
InitialFlowSetupAction.
configureWebflowContextForServ
ice(InitialFlowSetupAction.
java:62)
at org.apereo.cas.web.flow.login.
InitialFlowSetupAction.
doExecute(
InitialFlowSetupAction.java:
51)
at org.springframework.webflow.
action.AbstractAction.execute(
AbstractAction.java:188)
at sun.reflect.
GeneratedMethodAccessor447.
invoke(Unknown Source)
at sun.reflect.
DelegatingMethodAccessorImpl.
invoke(
DelegatingMethodAccessorImpl.
java:43)
at java.lang.reflect.Method.
invoke(Method.java:498)
at org.springframework.util.
ReflectionUtils.invokeMethod(
ReflectionUtils.java:216)
at org.springframework.cloud.
context.scope.GenericScope$
LockedScopedProxyFactoryBean.
invoke(GenericScope.java:470)
at org.springframework.aop.
framework.
ReflectiveMethodInvocation.
proceed(
ReflectiveMethodInvocation.
java:179)
at org.springframework.aop.
framework.JdkDynamicAopProxy.
invoke(JdkDynamicAopProxy.
java:213)
at com.sun.proxy.$Proxy376.
execute(Unknown Source)
at org.springframework.webflow.
execution.ActionExecutor.
execute(ActionExecutor.java:
51)
... 100 more
I'd like to set some attributes required and redirection url.
For example if the account attribute = Active, i'll be able to join the service
but
if the account attribute = blocked, i'll be redirect to
https://blocked-acc.html<https://blocked.acc.html>
or
if the account attribute = waiting, i'll be redirect to
https://waiting-acc/html<https://waiting.acc/html>
I'm new to groovy and I dont understand the issue, May I have some help pls?
Regards,
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3681eb4d4632f2f0619a4bff319b404e27c3dbfb.camel%40uvic.ca.
