Jérôme, I have not used memcached so I do not know its workings. A problem we had with ehcache (replicated cache) was that replication was too slow. The request for validation came in before the ticket was replicated to the other servers, so it was never found. We switched to hazelcast (not replicated) and all has been good.
It is possible to use cURL to help debug this. Increase the ST lifetime (say, a few minutes) so that you can perform some manual steps, https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#service-tickets-behavior 1. add a fake service to the registry for testing (you do not want the ST to be sent by the service) 2. access the service in your browser (or maybe from cURL), https://cashost.com/cas/login?service=https://possum.com/fake (browser returns 404) 3. copy ST from URL 4. check that the ST exists in all memcached stores 5. use cURL (maybe as POST) to submit ST for validation, https://cashost.com/cas/serviceValidate?service=https://possum.com/fake&ticket=ST<https://cashost.com/cas/serviceValidate?service=https://possum.com/fake&ticket=ST>-... You will want to turn logging up (debug or trace) for CAS, and memcached. Also check access logs. Ray On Wed, 2020-01-15 at 08:13 -0800, Jérôme Steve wrote: Hi Ray, Thanks for your reply (and sorry for my latency ...) So I'm stored Ticket in a memcahced ticket registery (All work fine). My log come from TWO different node (Exactly 2 container in a same stack behind a load balancer). I understand what you're saying about the round robin load blancer, but i don't think it's the problem. So my problem it's when i'm in multi node architecture (2 or 3 no matters) the cas/oauth2.0/callbackAuthorize url loop on itself and after looping N time (N corresponding to properties cas.ticket.st.numberOfUses=N) ST validation failed (That is normal is not my problem, it's the normal way). My problem is why this loop ? In the same environment, but in single node ( One container only in the same stack behind the same load balancer) i haven't this loop. the cas/oauth2.0/callbackAuthorize url redirect to /oidc/authorize?client_id= normaly. I'm trying to debug that but it's not easy. I hope i can make myself understood :) Thanks for your Help ! Jérôme. Le mardi 7 janvier 2020 17:50:00 UTC+1, rbon a écrit : Jérôme, How are tickets being stored? All CAS nodes need access to the tickets. In multi node architecture, request 1 goes to node 1, request 2 goes to node 2, etc (round robin load balancer). At the load balancer, log in is request 1, but ticket validation is request 2 (comes from client application). I assumed that the logs you presented were from a single log in attempt. Is that the case? Or did you set up multiple nodes between the logs from node 1 and node 2? Ray On Tue, 2020-01-07 at 08:02 -0800, Jérôme Steve wrote: Hi ray, Thanks for your reply. so you think the problem come from my OIDC client app ? or maybe from my load balancer and/or my proxy ? Becaus if i update cas servers configurtion to cas.ticket.st.numberOfUses=10 The ST is validate 10 times and after is FAILED (of course is the normal flow) But why he try to validate it many times !? And also with one node all work fine : 1. Url https : //********************** */cas/oauth2.0/ callbackAuthorize Validate the ST 2. And client is redirect to https : //********************** */cas/oauth2.0/autorize 3. User give autorize to his scope and , he is redirect to the client app. But in multi node i have a lopps on step 1. I don't no why. I will check my access log if i can't towmorro. Thanks, Jérôme. Le vendredi 3 janvier 2020 19:26:07 UTC+1, rbon a écrit : Jérôme, The failure on the node 2 is because the client application submitted the ST a second time (in your case 5s later). The ST was validated on node 1. I have not used OIDC. There may be some further communication that happens after the ST is validated (this happens with proxy tickets). Check access logs for all applications involved. Ray On Fri, 2020-01-03 at 02:37 -0800, Jérôme Steve wrote: Hello, Before all thanks for your works. We are using CAS overlay in Multi node architecture (Docker container) behind a load balancer and a proxy with a memcahced service registery. All work fine but when we used it like an OIDC provider, i'm getting a Validation Ticket Failed after called two time : https://********/cas/oauth2.0/ callbackAuthorize?client_id=** *****&redirect_uri=https%3A% 2F%2F*****************% 2Fopenid_connect_login& response_type=code&client_ name=***********&ticket=ST-7- ePqBOIW6mBH0rhSBR2o5LAkD1oA- 246dcb0736d7 This it's ONLY in multi node Architecture (2 or 3). When i have only one node all work fine and the server cas don't try to validate the ST ticket than one more time. For yours information if i up the value of cas.ticket.st.numberOfUses to x the nodes validate the ST ticket x times (after call cas/callbackAuthorize x times) and failed to validate it at he end. Log from node 1 : 2020 - 01 - 03 10 : 53 : 49 , 695 INFO [ org . apereo . inspektr . audit . support . Slf4jLoggingAuditTrailManager ] - < Audit trail record BEGIN ============================== ============================== = WHO : audit : unknown WHAT : [ result = Service Access Granted , service = https : //***********************/ca.. .,principal=SimplePrincipal( id=124055, attributes={code=[124055], adresse=[********************* ****], idProfilSelectionne=[*******], telephone=[], etat=[ACTIF], nom=[******], prenom=[******], email=[*********************** ]}),requiredAttributes={}] ACTION : SERVICE_ACCESS_ENFORCEMENT_ TRIGGERED APPLICATION : CAS WHEN : Fri Jan 03 10 : 53 : 49 CET 2020 CLIENT IP ADDRESS : ************ SERVER IP ADDRESS : ************ ============================== ============================== = > 2020 - 01 - 03 10 : 53 : 49 , 717 INFO [ org . apereo . inspektr . audit . support . Slf4jLoggingAuditTrailManager ] - < Audit trail record BEGIN ============================== ============================== = WHO : audit : unknown WHAT : [ event = success , timestamp = Fri Jan 03 10 : 53 : 49 CET 2020 , source = DefaultCasDelegatingWebflowEve ntResolver ] ACTION : AUTHENTICATION_EVENT_TRIGGERED APPLICATION : CAS WHEN : Fri Jan 03 10 : 53 : 49 CET 2020 CLIENT IP ADDRESS : ************ SERVER IP ADDRESS : ************ ============================== ============================== = > 2020 - 01 - 03 10 : 53 : 49 , 738 INFO [ org . apereo . inspektr . audit . support . Slf4jLoggingAuditTrailManager ] - < Audit trail record BEGIN ============================== ============================== = WHO : audit : unknown WHAT : [ result = Service Access Granted , service = https : //*************************... ,requiredAttributes={}] ACTION : SERVICE_ACCESS_ENFORCEMENT_ TRIGGERED APPLICATION : CAS WHEN : Fri Jan 03 10 : 53 : 49 CET 2020 CLIENT IP ADDRESS : ************ SERVER IP ADDRESS : ************ ============================== ============================== = > 2020 - 01 - 03 10 : 53 : 49 , 770 INFO [ org . apereo . cas . DefaultCentralAuthenticationSe rvice ] - < Granted service ticket [ ST - 7 - ePqBOIW6mBH0rhSBR2o5LAkD1oA - 246dcb0736d7 ] for service [ https : //**************************** ****/openid_connect_login] and principal [124055]> 2020 - 01 - 03 10 : 53 : 49 , 771 INFO [ org . apereo . inspektr . audit . support . Slf4jLoggingAuditTrailManager ] - < Audit trail record BEGIN ============================== ============================== = WHO : 124055 WHAT : ST - 7 - ePqBOIW6mBH0rhSBR2o5LAkD1oA - 246dcb0736d7 for https : //***********************/cas/ oauth2.0/callbackAuthorize? client_id=demoClientOIDC& redirect_uri=https%3A%2F% 2Fdeve... ACTION : SERVICE_TICKET_CREATED APPLICATION : CAS WHEN : Fri Jan 03 10 : 53 : 49 CET 2020 CLIENT IP ADDRESS : ************ SERVER IP ADDRESS : ************ ============================== ============================== = > 2020 - 01 - 03 10 : 53 : 52 , 859 INFO [ org . apereo . inspektr . audit . support . Slf4jLoggingAuditTrailManager ] - < Audit trail record BEGIN ============================== ============================== = WHO : audit : unknown WHAT : [ result = Service Access Granted , service = https : //*************************... ,principal=SimplePrincipal(id= 124055, attributes={phone_number=[], address=[********************* ****], selected_profil=[*******], email=[*********************** ]}),requiredAttributes={}] ACTION : SERVICE_ACCESS_ENFORCEMENT_ TRIGGERED APPLICATION : CAS WHEN : Fri Jan 03 10 : 53 : 52 CET 2020 CLIENT IP ADDRESS : ************ SERVER IP ADDRESS : ************ ============================== ============================== = > 2020 - 01 - 03 10 : 53 : 52 , 869 INFO [ org . apereo . inspektr . audit . support . Slf4jLoggingAuditTrailManager ] - < Audit trail record BEGIN ============================== ============================== = WHO : 124055 WHAT : ST - 7 - ePqBOIW6mBH0rhSBR2o5LAkD1oA - 246dcb0736d7 for https : //***********************/cas/ oauth2.0/callbackAuthorize? client_id=demoClientOIDC& redirect_uri=https%3A%2F% 2Fdeve... ACTION : SERVICE_TICKET_VALIDATE_ SUCCESS APPLICATION : CAS WHEN : Fri Jan 03 10 : 53 : 52 CET 2020 CLIENT IP ADDRESS : ************ SERVER IP ADDRESS : ************ ============================== ============================== = > Log from node 2 : 2020 - 01 - 03 10 : 53 : 57 , 220 WARN [ org . apereo . cas . DefaultCentralAuthenticationSe rvice ] - < Service ticket [ ST - 7 - ePqBOIW6mBH0rhSBR2o5LAkD1oA - 246dcb0736d7 ] does not exist .> 2020 - 01 - 03 10 : 53 : 57 , 221 INFO [ org . apereo . inspektr . audit . support . Slf4jLoggingAuditTrailManager ] - < Audit trail record BEGIN ============================== ============================== = WHO : audit : unknown WHAT : ST - 7 - ePqBOIW6mBH0rhSBR2o5LAkD1oA - 246dcb0736d7 for https : //************************/ cas/oauth2.0/ callbackAuthorize?client_id= demoClientOIDC&redirect_uri= https%3A%2F%2F***... ACTION : SERVICE_TICKET_VALIDATE_FAILED APPLICATION : CAS WHEN : Fri Jan 03 10 : 53 : 57 CET 2020 CLIENT IP ADDRESS : ************ SERVER IP ADDRESS : ************* ============================== ============================== = > 2020 - 01 - 03 10 : 53 : 57 , 246 ERROR [ org . apache . catalina . core . ContainerBase .[ Tomcat ].[ localhost ].[/ cas ].[ dispatcherServlet ]] - < Servlet . service () for servlet [ dispatcherServlet ] in context with path [ /cas] threw exception [Request processing failed; nested exception is RootCasException(super=org. apereo.cas.ticket. InvalidTicketException, code=INVALID_TICKET, args=[])] with root cause> org.apereo.cas.ticket. InvalidTicketException: null at org.apereo.cas. DefaultCentralAuthenticationSe rvice.validateServiceTicket( DefaultCentralAuthenticationSe rvice.java:255) ~[cas-server-core-6.1.2.jar!/: 6.1.2] at org.apereo.cas. DefaultCentralAuthenticationSe rvice$$FastClassBySpringCGLIB$ $b02e48f2.invoke(<generated>) ~[cas-server-core-6.1.2.jar!/: 6.1.2] at org.springframework.cglib. proxy.MethodProxy.invoke( MethodProxy.java:218) ~[spring-core-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ CglibMethodInvocation. invokeJoinpoint(CglibAopProxy. java:769) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework. ReflectiveMethodInvocation. proceed( ReflectiveMethodInvocation. java:163) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ CglibMethodInvocation.proceed( CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. aspectj. MethodInvocationProceedingJoin Point.proceed( MethodInvocationProceedingJoin Point.java:88) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apereo.inspektr.audit. AuditTrailManagementAspect. handleAuditTrail( AuditTrailManagementAspect. java:135) ~[inspektr-audit-1.8.6.GA.jar! /: <http://1.8.6.GA> 1.8.6.GA ] at jdk.internal.reflect. GeneratedMethodAccessor162. invoke(Unknown Source) ~[?:?] at jdk.internal.reflect. DelegatingMethodAccessorImpl. invoke( DelegatingMethodAccessorImpl. java:43) ~[?:?] at java.lang.reflect.Method. invoke(Method.java:566) ~[?:?] at org.springframework.aop. aspectj.AbstractAspectJAdvice. invokeAdviceMethodWithGivenArg s(AbstractAspectJAdvice.java: 644) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. aspectj.AbstractAspectJAdvice. invokeAdviceMethod( AbstractAspectJAdvice.java: 633) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. aspectj.AspectJAroundAdvice. invoke(AspectJAroundAdvice. java:70) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework. ReflectiveMethodInvocation. proceed( ReflectiveMethodInvocation. java:175) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ CglibMethodInvocation.proceed( CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework. transaction.interceptor. TransactionInterceptor$$ Lambda$1082.000000005CF3F5B0. proceedWithInvocation(Unknown Source) ~[?:?] at org.springframework. transaction.interceptor. TransactionAspectSupport. invokeWithinTransaction( TransactionAspectSupport.java: 353) ~[spring-tx-5.2.0.RELEASE.jar! /:5.2.0.RELEASE] at org.springframework. transaction.interceptor. TransactionInterceptor.invoke( TransactionInterceptor.java: 99) ~[spring-tx-5.2.0.RELEASE.jar! /:5.2.0.RELEASE] at org.springframework.aop. framework. ReflectiveMethodInvocation. proceed( ReflectiveMethodInvocation. java:186) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ CglibMethodInvocation.proceed( CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. interceptor. ExposeInvocationInterceptor. invoke( ExposeInvocationInterceptor. java:93) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework. ReflectiveMethodInvocation. proceed( ReflectiveMethodInvocation. java:186) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ CglibMethodInvocation.proceed( CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ DynamicAdvisedInterceptor. intercept(CglibAopProxy.java: 689) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apereo.cas. DefaultCentralAuthenticationSe rvice$$EnhancerBySpringCGLIB$$ 74df0efb. validateServiceTicket(< generated>) ~[cas-server-core-6.1.2.jar!/: 6.1.2] at org.apereo.cas.support.oauth. profile. CasServerApiBasedTicketValidat or.validate( CasServerApiBasedTicketValidat or.java:26) ~[cas-server-support-oauth- core-api-6.1.2.jar!/:6.1.2] at org.pac4j.cas.credentials. authenticator. CasAuthenticator.validate( CasAuthenticator.java:72) ~[pac4j-cas-4.0.0-RC1.jar!/:?] at org.pac4j.cas.credentials. authenticator. CasAuthenticator.validate( CasAuthenticator.java:31) ~[pac4j-cas-4.0.0-RC1.jar!/:?] at org.pac4j.core.client. BaseClient.lambda$ retrieveCredentials$0( BaseClient.java:65) ~[pac4j-core-4.0.0-RC1.jar!/:? ] at org.pac4j.core.client. BaseClient$$Lambda$1368. 000000006CEA5EC0.accept( Unknown Source) ~[?:?] at java.util.Optional.ifPresent( Optional.java:183) ~[?:?] at org.pac4j.core.client. BaseClient. retrieveCredentials( BaseClient.java:62) ~[pac4j-core-4.0.0-RC1.jar!/:? ] at org.pac4j.core.client. IndirectClient.getCredentials( IndirectClient.java:137) ~[pac4j-core-4.0.0-RC1.jar!/:? ] at org.pac4j.core.engine. DefaultCallbackLogic.perform( DefaultCallbackLogic.java:94) ~[pac4j-core-4.0.0-RC1.jar!/:? ] at org.apereo.cas.support.oauth. web.endpoints. OAuth20CallbackAuthorizeEndpoi ntController.handleRequest( OAuth20CallbackAuthorizeEndpoi ntController.java:48) ~[cas-server-support-oauth- core-api-6.1.2.jar!/:6.1.2] at jdk.internal.reflect. NativeMethodAccessorImpl. invoke0(Native Method) ~[?:?] at jdk.internal.reflect. NativeMethodAccessorImpl. invoke( NativeMethodAccessorImpl.java: 62) ~[?:?] at jdk.internal.reflect. DelegatingMethodAccessorImpl. invoke( DelegatingMethodAccessorImpl. java:43) ~[?:?] at java.lang.reflect.Method. invoke(Method.java:566) ~[?:?] at org.springframework.util. ReflectionUtils.invokeMethod( ReflectionUtils.java:279) ~[spring-core-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.cloud. context.scope.GenericScope$ LockedScopedProxyFactoryBean. invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.0. RC1.jar!/:2.2.0.RC1] at org.springframework.aop. framework. ReflectiveMethodInvocation. proceed( ReflectiveMethodInvocation. java:186) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ CglibMethodInvocation.proceed( CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.aop. framework.CglibAopProxy$ DynamicAdvisedInterceptor. intercept(CglibAopProxy.java: 689) ~[spring-aop-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apereo.cas.support.oauth. web.endpoints. OAuth20CallbackAuthorizeEndpoi ntController$$ EnhancerBySpringCGLIB$$ d78312e8.handleRequest(< generated>) ~[cas-server-support-oauth- core-api-6.1.2.jar!/:6.1.2] at jdk.internal.reflect. NativeMethodAccessorImpl. invoke0(Native Method) ~[?:?] at jdk.internal.reflect. NativeMethodAccessorImpl. invoke( NativeMethodAccessorImpl.java: 62) ~[?:?] at jdk.internal.reflect. DelegatingMethodAccessorImpl. invoke( DelegatingMethodAccessorImpl. java:43) ~[?:?] at java.lang.reflect.Method. invoke(Method.java:566) ~[?:?] at org.springframework.web. method.support. InvocableHandlerMethod. doInvoke( InvocableHandlerMethod.java: 190) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. method.support. InvocableHandlerMethod. invokeForRequest( InvocableHandlerMethod.java: 138) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.mvc.method.annotation. ServletInvocableHandlerMethod. invokeAndHandle( ServletInvocableHandlerMethod. java:106) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.mvc.method.annotation. RequestMappingHandlerAdapter. invokeHandlerMethod( RequestMappingHandlerAdapter. java:888) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.mvc.method.annotation. RequestMappingHandlerAdapter. handleInternal( RequestMappingHandlerAdapter. java:793) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.mvc.method. AbstractHandlerMethodAdapter. handle( AbstractHandlerMethodAdapter. java:87) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.DispatcherServlet. doDispatch(DispatcherServlet. java:1040) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.DispatcherServlet. doService(DispatcherServlet. java:943) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.FrameworkServlet. processRequest( FrameworkServlet.java:1006) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. servlet.FrameworkServlet. doGet(FrameworkServlet.java: 898) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at javax.servlet.http. HttpServlet.service( HttpServlet.java:645) ~[javax.servlet-api-4.0.1.jar! /:4.0.1] at org.springframework.web. servlet.FrameworkServlet. service(FrameworkServlet.java: 883) ~[spring-webmvc-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at javax.servlet.http. HttpServlet.service( HttpServlet.java:750) ~[javax.servlet-api-4.0.1.jar! /:4.0.1] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 231) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apereo.cas.web.support. AuthenticationCredentialsThrea dLocalBinderClearingFilter. doFilter( AuthenticationCredentialsThrea dLocalBinderClearingFilter. java:28) ~[cas-server-core-web-api-6.1. 2.jar!/:6.1.2] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apereo.cas.web.support. filters. RequestParameterPolicyEnforcem entFilter.doFilter( RequestParameterPolicyEnforcem entFilter.java:411) ~[cas-server-core-web-api-6.1. 2.jar!/:6.1.2] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apereo.cas.web.support. filters. ResponseHeadersEnforcementFilt er.doFilter( ResponseHeadersEnforcementFilt er.java:215) ~[cas-server-core-web-api-6.1. 2.jar!/:6.1.2] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apereo.cas.web.support. filters. AddResponseHeadersFilter. doFilter( AddResponseHeadersFilter.java: 67) ~[cas-server-core-web-api-6.1. 2.jar!/:6.1.2] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:320) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.access.intercept. FilterSecurityInterceptor. invoke( FilterSecurityInterceptor. java:126) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.access.intercept. FilterSecurityInterceptor. doFilter( FilterSecurityInterceptor. java:90) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.access. ExceptionTranslationFilter. doFilter( ExceptionTranslationFilter. java:118) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.session. SessionManagementFilter. doFilter( SessionManagementFilter.java: 137) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.authentication. AnonymousAuthenticationFilter. doFilter( AnonymousAuthenticationFilter. java:111) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.servletapi. SecurityContextHolderAwareRequ estFilter.doFilter( SecurityContextHolderAwareRequ estFilter.java:158) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.savedrequest. RequestCacheAwareFilter. doFilter( RequestCacheAwareFilter.java: 63) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.context. SecurityContextPersistenceFilt er.doFilter( SecurityContextPersistenceFilt er.java:105) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.context.request.async. WebAsyncManagerIntegrationFilt er.doFilterInternal( WebAsyncManagerIntegrationFilt er.java:56) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.web. filter.OncePerRequestFilter. doFilter(OncePerRequestFilter. java:119) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.access.channel. ChannelProcessingFilter. doFilter( ChannelProcessingFilter.java: 157) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy$ VirtualFilterChain.doFilter( FilterChainProxy.java:334) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy. doFilterInternal( FilterChainProxy.java:215) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.security. web.FilterChainProxy.doFilter( FilterChainProxy.java:178) ~[spring-security-web-5.2.0. RELEASE.jar!/:5.2.0.RELEASE] at org.springframework.web. filter.DelegatingFilterProxy. invokeDelegate( DelegatingFilterProxy.java: 358) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. filter.DelegatingFilterProxy. doFilter( DelegatingFilterProxy.java: 271) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.springframework.web. filter.RequestContextFilter. doFilterInternal( RequestContextFilter.java:100) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. filter.OncePerRequestFilter. doFilter(OncePerRequestFilter. java:119) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.springframework.web. filter.FormContentFilter. doFilterInternal( FormContentFilter.java:93) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. filter.OncePerRequestFilter. doFilter(OncePerRequestFilter. java:119) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.springframework.boot. actuate.metrics.web.servlet. WebMvcMetricsFilter. doFilterInternal( WebMvcMetricsFilter.java:108) ~[spring-boot-actuator-2.2.0. RELEASE.jar!/:2.2.0.RELEASE] at org.springframework.web. filter.OncePerRequestFilter. doFilter(OncePerRequestFilter. java:119) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apereo.cas.logging.web. ThreadContextMDCServletFilter. doFilter( ThreadContextMDCServletFilter. java:99) ~[cas-server-core-logging-6.1. 2.jar!/:6.1.2] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.springframework.web. filter. CharacterEncodingFilter. doFilterInternal( CharacterEncodingFilter.java: 201) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.springframework.web. filter.OncePerRequestFilter. doFilter(OncePerRequestFilter. java:119) ~[spring-web-5.2.0.RELEASE. jar!/:5.2.0.RELEASE] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apereo.inspektr.common. web. ClientInfoThreadLocalFilter. doFilter( ClientInfoThreadLocalFilter. java:66) ~[ <http://inspektr-common-1.8.6.GA> inspektr-common-1.8.6.GA . jar!/: <http://1.8.6.GA> 1.8.6.GA ] at org.apache.catalina.core. ApplicationFilterChain. internalDoFilter( ApplicationFilterChain.java: 193) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. ApplicationFilterChain. doFilter( ApplicationFilterChain.java: 166) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. StandardWrapperValve.invoke( StandardWrapperValve.java:202) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. StandardContextValve.invoke( StandardContextValve.java:96) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina. authenticator. AuthenticatorBase.invoke( AuthenticatorBase.java:526) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. StandardHostValve.invoke( StandardHostValve.java:139) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.valves. ErrorReportValve.invoke( ErrorReportValve.java:92) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.core. StandardEngineValve.invoke( StandardEngineValve.java:74) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.valves. AbstractAccessLogValve.invoke( AbstractAccessLogValve.java: 678) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.valves. RemoteIpValve.invoke( RemoteIpValve.java:747) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.catalina.connector. CoyoteAdapter.service( CoyoteAdapter.java:343) ~[tomcat-catalina-9.0.27.jar!/ :9.0.27] at org.apache.coyote.http11. Http11Processor.service( Http11Processor.java:408) ~[tomcat-embed-core-9.0.27. jar!/:9.0.27] at org.apache.coyote. AbstractProcessorLight. process( AbstractProcessorLight.java: 66) ~[tomcat-embed-core-9.0.27. jar!/:9.0.27] at org.apache.coyote. AbstractProtocol$ ConnectionHandler.process( AbstractProtocol.java:861) ~[tomcat-embed-core-9.0.27. jar!/:9.0.27] at <http://org.apache.tomcat.util.net> org.apache.tomcat.util.net . NioEndpoint$SocketProcessor. doRun(NioEndpoint.java:1579) ~[tomcat-embed-core-9.0.27. jar!/:9.0.27] at <http://org.apache.tomcat.util.net> org.apache.tomcat.util.net . SocketProcessorBase.run( SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.27. jar!/:9.0.27] at java.util.concurrent. ThreadPoolExecutor.runWorker( ThreadPoolExecutor.java:1128) ~[?:?] at java.util.concurrent. ThreadPoolExecutor$Worker.run( ThreadPoolExecutor.java:628) ~[?:?] at org.apache.tomcat.util. threads.TaskThread$ WrappingRunnable.run( TaskThread.java:61) ~[tomcat-embed-core-9.0.27. jar!/:9.0.27] at java.lang.Thread.run(Thread. java:831) [?:?] 2020-01-03 10:53:57.504 INFO net.spy.memcached. MemcachedConnection: Setting retryQueueSize to -1 2020-01-03 10:53:57.505 INFO net.spy.memcached. MemcachedConnection: Added {QA sa=************************/ ************: 11211 , #Rops=0, #Wops=0, #iq=0, topRop=null, topWop=null, toWrite=0, interested=0} to connect queue Sorry for my English and thanks in advance for your help. Jérôme. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca<javascript:> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c354c5307b0eae615a4d1861c98c2cc4299bed61.camel%40uvic.ca.