correction for question no 3 3) Secondly, Is there a way where the other party *does doesn't* have to provide us the IdP metadata and we can authenticate their SAMLRequest?
On Fri, Sep 20, 2019 at 5:43 PM vivek shakya <[email protected]> wrote: > Hi Misagh, > > Thank you for the information. > However I have some concern, when you said SP metadata is independent of > Idp metadata. > 1) So if we provide the other party with the SP(self generated with X509 > cert), what configuration should we have at our end? > 2) I see that for pac4j to work we need to have IdP metadata,The CAS > create the key/value pair of the Idp metadata and the SP metadata it > generated. Right? > 3) Secondly, Is there a way where the other party does have to provide us > the IdP metadata and we can authenticate their SAMLRequest? I think it is a > SP to SP delegate authentication. If it so, the other party want to > register our cas as SP, What changes we need to made in our side? In such > case will it be resolve with "cas-server-support-saml-sp-integrations" > package implementation? > > When I tried to authenticate the Okta Application without using the IdP > metadata and just with the SP metadata and keystore.jks file (generated > previously using Idp metadata), it throw the error as "*Caused by: > org.pac4j.core.exception.TechnicalException: No client found for name: > SAML2OKTA*" > > It only works when the IDP metadata path is provided. > > Please forgive me if it's a too much a question. But I couldn't find a > work around here. > > P.S Logs > > 2019-09-20 16:39:02,428 DEBUG > [org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction] > - <clientName: [SAML2OKTA]> > 2019-09-20 16:39:02,441 DEBUG > [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the > received exception due to a type mismatch> > org.springframework.webflow.execution.ActionExecutionException: Exception > thrown executing > org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction@3c869ec7 > in state 'clientAction' of flow 'login' -- action execution attributes were > 'map[[empty]]' > at > org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at org.springframework.webflow.engine.State.enter(State.java:194) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at org.springframework.webflow.engine.Flow.start(Flow.java:527) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_151] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_151] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > ~[?:1.8.0_151] > at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_151] > at > org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at com.sun.proxy.$Proxy173.launchExecution(Unknown Source) ~[?:?] > at > org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:263) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > ~[tomcat-embed-websocket-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFilter.java:28) > ~[cas-server-core-web-5.1.9.jar!/:5.1.9] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) > ~[cas-server-security-filter-2.0.6.jar!/:2.0.6] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:238) > ~[cas-server-security-filter-2.0.6.jar!/:2.0.6] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110) > ~[spring-boot-actuator-1.5.3.RELEASE.jar!/:1.5.3.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:90) > ~[cas-server-core-logging-5.1.9.jar!/:5.1.9] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) > ~[spring-boot-actuator-1.5.3.RELEASE.jar!/:1.5.3.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64) > ~[inspektr-common-1.7.GA.jar!/:1.7.GA] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:677) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > [?:1.8.0_151] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > [?:1.8.0_151] > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at java.lang.Thread.run(Thread.java:748) [?:1.8.0_151] > Caused by: org.pac4j.core.exception.TechnicalException: No client found > for name: SAML2OKTA > at org.pac4j.core.client.Clients.findClient(Clients.java:159) > ~[pac4j-core-2.0.0.jar!/:?] > at > org.pac4j.core.client.Clients$$FastClassBySpringCGLIB$$d150b244.invoke(<generated>) > ~[pac4j-core-2.0.0.jar!/:?] > at > org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) > ~[spring-core-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.pac4j.core.client.Clients$$EnhancerBySpringCGLIB$$d8d7ff4.findClient(<generated>) > ~[pac4j-core-2.0.0.jar!/:?] > at > org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction.doExecute(DelegatedClientAuthenticationAction.java:134) > ~[classes!/:5.1.9] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_151] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_151] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > ~[?:1.8.0_151] > at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_151] > at > org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at com.sun.proxy.$Proxy187.execute(Unknown Source) ~[?:?] > at > org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > ... 91 more > 2019-09-20 16:39:02,441 DEBUG > [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the > received exception due to a type mismatch> > org.springframework.webflow.execution.ActionExecutionException: Exception > thrown executing > org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction@3c869ec7 > in state 'clientAction' of flow 'login' -- action execution attributes were > 'map[[empty]]' > at > org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at org.springframework.webflow.engine.State.enter(State.java:194) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at org.springframework.webflow.engine.Flow.start(Flow.java:527) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_151] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_151] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > ~[?:1.8.0_151] > at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_151] > at > org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at com.sun.proxy.$Proxy173.launchExecution(Unknown Source) ~[?:?] > at > org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:263) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) > ~[spring-webmvc-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > ~[tomcat-embed-websocket-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFilter.java:28) > ~[cas-server-core-web-5.1.9.jar!/:5.1.9] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) > ~[cas-server-security-filter-2.0.6.jar!/:2.0.6] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:238) > ~[cas-server-security-filter-2.0.6.jar!/:2.0.6] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110) > ~[spring-boot-actuator-1.5.3.RELEASE.jar!/:1.5.3.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:90) > ~[cas-server-core-logging-5.1.9.jar!/:5.1.9] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) > ~[spring-boot-actuator-1.5.3.RELEASE.jar!/:1.5.3.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) > ~[spring-web-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64) > ~[inspektr-common-1.7.GA.jar!/:1.7.GA] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:677) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > [?:1.8.0_151] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > [?:1.8.0_151] > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > ~[tomcat-embed-core-8.5.29.jar!/:8.5.29] > at java.lang.Thread.run(Thread.java:748) [?:1.8.0_151] > *Caused by: org.pac4j.core.exception.TechnicalException: No client found > for name: SAML2OKTA* > at org.pac4j.core.client.Clients.findClient(Clients.java:159) > ~[pac4j-core-2.0.0.jar!/:?] > at > org.pac4j.core.client.Clients$$FastClassBySpringCGLIB$$d150b244.invoke(<generated>) > ~[pac4j-core-2.0.0.jar!/:?] > at > org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) > ~[spring-core-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.pac4j.core.client.Clients$$EnhancerBySpringCGLIB$$d8d7ff4.findClient(<generated>) > ~[pac4j-core-2.0.0.jar!/:?] > at > org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction.doExecute(DelegatedClientAuthenticationAction.java:134) > ~[classes!/:5.1.9] > at > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_151] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_151] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > ~[?:1.8.0_151] > at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_151] > at > org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) > ~[spring-aop-4.3.16.RELEASE.jar!/:4.3.16.RELEASE] > at com.sun.proxy.$Proxy187.execute(Unknown Source) ~[?:?] > at > org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) > ~[spring-webflow-2.4.4.RELEASE.jar!/:2.4.4.RELEASE] > ... 91 more > > > Thanks, > > > > > On Fri, Sep 20, 2019 at 1:00 AM Misagh Moayyed <[email protected]> > wrote: > >> >>> So my question is: >>> 1) can we generate the SP metadata from CAS itself without using any Idp >>> metadata? >>> >> >> Yes. Modify it by hand, or create your own. CAS does not "need" the IdP >> metadata to generate the SP metadata. >> >> >>> 2) do you think we need to change our current pac4j implementation? >>> >> >> No. >> >> >>> 3) In such cases, does the SAML Request/Response need to be customized? >>> >> >> No. >> >> >>> 4) How should the authentication flow work in this case? >>> >> >> Same as before. >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/67270286-7964-4526-b363-c62e5b30acc0%40apereo.org >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/67270286-7964-4526-b363-c62e5b30acc0%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAxUnYfgM5F3FJRKFYgrDpzKDZX%3D%2BkZQp7fUwn9Dr1oepCPwng%40mail.gmail.com.
