Jerome, did you find out what specifically CAS is storing in the http session for OIDC that needs to be replicated? I think I have seen the same issue in my deployment where OIDC wasn't working in an active/active CAS cluster but I haven't had a chance to track down the cause.
- Hal On Monday, February 3, 2020 at 12:18:57 PM UTC-5, Jérôme Steve wrote: > > Hi Ray, > > After some investigation, I found the problem. > > I Have to replicate the httpSession for Hight Avaibility (Multi node) when > my cas server act like an OpenID Connect Provider ... > > If you know how to do it,you are my guess :) (I have my own view on that > but i'm curious to have an other view). > > Thanks for your Help, > Jérôme. > > > > Le jeudi 16 janvier 2020 18:37:16 UTC+1, rbon a écrit : > > Jérôme, > > I have not used memcached so I do not know its workings. A problem we had > with ehcache (replicated cache) was that replication was too slow. The > request for validation came in before the ticket was replicated to the > other servers, so it was never found. We switched to hazelcast (not > replicated) and all has been good. > > It is possible to use cURL to help debug this. Increase the ST lifetime > (say, a few minutes) so that you can perform some manual steps, > https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#service-tickets-behavior > > 1. add a fake service to the registry for testing (you do not want the ST > to be sent by the service) > 2. access the service in your browser (or maybe from cURL), > https://cashost.com/cas/login?service=https://possum.com/fake (browser > returns 404) > 3. copy ST from URL > 4. check that the ST exists in all memcached stores > 5. use cURL (maybe as POST) to submit ST for validation, > https://cashost.com/cas/serviceValidate?service=https://possum.com/fake&ticket=ST > > <https://cashost.com/cas/serviceValidate?service=https://possum.com/fake&ticket=ST> > -... > > You will want to turn logging up (debug or trace) for CAS, and memcached. > Also check access logs. > > Ray > > > On Wed, 2020-01-15 at 08:13 -0800, Jérôme Steve wrote: > > Hi Ray, > > Thanks for your reply (and sorry for my latency ...) > > So I'm stored Ticket in a memcahced ticket registery (All work fine). > My log come from TWO different node (Exactly 2 container in a same stack > behind a load balancer). > > I understand what you're saying about the round robin load blancer, but i > don't think it's the problem. > > So my problem it's when i'm in multi node architecture (2 or 3 no matters) > the cas/oauth2.0/callbackAuthorize url loop on itself and after looping N > time (N corresponding to properties > > cas.ticket.st.numberOfUses=N) > > ST validation failed (That is normal is not my problem, it's the normal way). > > > > My problem is why this loop ? > > > In the same environment, but in single node ( One container only in the same > stack behind the same load balancer) i haven't this loop. the > > cas/oauth2.0/callbackAuthorize > > url redirect to > > /oidc/authorize?client_id= > > normaly. > > > > I'm trying to debug that but it's not easy. > > > > I hope i can make myself understood :) Thanks for your Help ! > > > > Jérôme. > > > > > > Le mardi 7 janvier 2020 17:50:00 UTC+1, rbon a écrit : > > Jérôme, > > How are tickets being stored? > > All CAS nodes need access to the tickets. In multi node architecture, > request 1 goes to node 1, request 2 goes to node 2, etc (round robin load > balancer). At the load balancer, log in is request 1, but ticket validation > is request 2 (comes from client application). > I assumed that the logs you presented were from a single log in attempt. > Is that the case? Or did you set up multiple nodes between the logs from > node 1 and node 2? > > Ray > > On Tue, 2020-01-07 at 08:02 -0800, Jérôme Steve wrote: > > Hi ray, > > Thanks for your reply. so you think the problem come from my OIDC client > app ? or maybe from my load balancer and/or my proxy ? > > Becaus if i update cas servers configurtion to > > cas.ticket.st.numberOfUses=10 > > > > The ST is validate 10 times and after is FAILED (of course is the normal > flow) But why he try to validate it many times !? > > > > And also with one node all work fine : > > > > 1. Url > > https > > : > > //********************** > > */cas/oauth2.0/ > > callbackAuthorize Validate the ST > > > 2. And client is redirect to > > https > > : > > //********************** > > */cas/oauth2.0/autorize > > > 3. User give autorize to his scope and , he is redirect to the client app. > > > > But in multi node i have a lopps on step 1. I don't no why. > > > I will check my access log if i can't towmorro. > > > > Thanks, > > > Jérôme. > > > > > Le vendredi 3 janvier 2020 19:26:07 UTC+1, rbon a écrit : > > Jérôme, > > The failure on the node 2 is because the client application submitted the > ST a second time (in your case 5s later). > The ST was validated on node 1. > > I have not used OIDC. There may be some further communication that happens > after the ST is validated (this happens with proxy tickets). Check access > logs for all applications involved. > > Ray > > > On Fri, 2020-01-03 at 02:37 -0800, Jérôme Steve wrote: > > > Hello, > > > > Before all thanks for your works. > > > We are using CAS overlay in Multi node architecture (Docker container) behind > a load balancer and a proxy with a memcahced service registery. > > > > All work fine but when we used it like an OIDC provider, i'm getting a > Validation Ticket Failed after called two time : > > > https://********/cas/oauth2.0/ > > callbackAuthorize?client_id=** > > *****&redirect_uri=https%3A% > > 2F%2F*****************% > > 2Fopenid_connect_login& > > response_type=code&client_ > > name=***********&ticket=ST-7- > > ePqBOIW6mBH0rhSBR2o5LAkD1oA- > > 246dcb0736d7 > > > This it's ONLY in multi node Architecture (2 or 3). When i have only one node > all work fine and the server cas don't try to validate the ST ticket than one > more time. > > > > For yours information if i up the value of cas.ticket.st.numberOfUses to x > the nodes validate the ST ticket x times (after call cas/callbackAuthorize x > times) and failed to validate it at he end. > > > > > Log from node 1 : > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 49 > > , > > 695 > > INFO > > [ > > org > > . > > apereo > > . > > inspektr > > . > > audit > > . > > support > > . > > Slf4jLoggingAuditTrailManager > > ] > > - > > < > > Audit > > trail record > > BEGIN > > > ============================== > > ============================== > > = > > > WHO > > : > > audit > > : > > unknown > > > WHAT > > : > > [ > > result > > = > > Service > > Access > > Granted > > , > > service > > = > > https > > : > > //***********************/ca.. > > .,principal=SimplePrincipal( > > id=124055, attributes={code=[124055], adresse=[********************* > > ****], idProfilSelectionne=[*******], telephone=[], etat=[ACTIF], > nom=[******], prenom=[******], email=[*********************** > > ]}),requiredAttributes={}] > > > ACTION > > : > > SERVICE_ACCESS_ENFORCEMENT_ > > TRIGGERED > > > APPLICATION > > : > > CAS > > > WHEN > > : > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 49 > > CET > > 2020 > > > CLIENT IP ADDRESS > > : > > ************ > > > SERVER IP ADDRESS > > : > > ************ > > > ============================== > > ============================== > > = > > > > > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 49 > > , > > 717 > > INFO > > [ > > org > > . > > apereo > > . > > inspektr > > . > > audit > > . > > support > > . > > Slf4jLoggingAuditTrailManager > > ] > > - > > < > > Audit > > trail record > > BEGIN > > > ============================== > > ============================== > > = > > > WHO > > : > > audit > > : > > unknown > > > WHAT > > : > > [ > > event > > = > > success > > , > > timestamp > > = > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 49 > > CET > > 2020 > > , > > source > > = > > DefaultCasDelegatingWebflowEve > > ntResolver > > ] > > > ACTION > > : > > AUTHENTICATION_EVENT_TRIGGERED > > > APPLICATION > > : > > CAS > > > WHEN > > : > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 49 > > CET > > 2020 > > > CLIENT IP ADDRESS > > : > > ************ > > > SERVER IP ADDRESS > > : > > ************ > > > ============================== > > ============================== > > = > > > > > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 49 > > , > > 738 > > INFO > > [ > > org > > . > > apereo > > . > > inspektr > > . > > audit > > . > > support > > . > > Slf4jLoggingAuditTrailManager > > ] > > - > > < > > Audit > > trail record > > BEGIN > > > ============================== > > ============================== > > = > > > WHO > > : > > audit > > : > > unknown > > > WHAT > > : > > [ > > result > > = > > Service > > Access > > Granted > > , > > service > > = > > https > > : > > //*************************... > > ,requiredAttributes={}] > > > ACTION > > : > > SERVICE_ACCESS_ENFORCEMENT_ > > TRIGGERED > > > APPLICATION > > : > > CAS > > > WHEN > > : > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 49 > > CET > > 2020 > > > CLIENT IP ADDRESS > > : > > ************ > > > SERVER IP ADDRESS > > : > > ************ > > > ============================== > > ============================== > > = > > > > > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 49 > > , > > 770 > > INFO > > [ > > org > > . > > apereo > > . > > cas > > . > > DefaultCentralAuthenticationSe > > rvice > > ] > > - > > < > > Granted > > service ticket > > [ > > ST > > - > > 7 > > - > > ePqBOIW6mBH0rhSBR2o5LAkD1oA > > - > > 246dcb0736d7 > > ] > > for > > service > > [ > > https > > : > > //**************************** > > ****/openid_connect_login] and principal [124055]> > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 49 > > , > > 771 > > INFO > > [ > > org > > . > > apereo > > . > > inspektr > > . > > audit > > . > > support > > . > > Slf4jLoggingAuditTrailManager > > ] > > - > > < > > Audit > > trail record > > BEGIN > > > ============================== > > ============================== > > = > > > WHO > > : > > 124055 > > > WHAT > > : > > ST > > - > > 7 > > - > > ePqBOIW6mBH0rhSBR2o5LAkD1oA > > - > > 246dcb0736d7 > > for > > https > > : > > //***********************/cas/ > > oauth2.0/callbackAuthorize? > > client_id=demoClientOIDC& > > redirect_uri=https%3A%2F% > > 2Fdeve... > > > ACTION > > : > > SERVICE_TICKET_CREATED > > > APPLICATION > > : > > CAS > > > WHEN > > : > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 49 > > CET > > 2020 > > > CLIENT IP ADDRESS > > : > > ************ > > > SERVER IP ADDRESS > > : > > ************ > > > ============================== > > ============================== > > = > > > > > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 52 > > , > > 859 > > INFO > > [ > > org > > . > > apereo > > . > > inspektr > > . > > audit > > . > > support > > . > > Slf4jLoggingAuditTrailManager > > ] > > - > > < > > Audit > > trail record > > BEGIN > > > ============================== > > ============================== > > = > > > WHO > > : > > audit > > : > > unknown > > > WHAT > > : > > [ > > result > > = > > Service > > Access > > Granted > > , > > service > > = > > https > > : > > //*************************... > > ,principal=SimplePrincipal(id= > > 124055, attributes={phone_number=[], address=[********************* > > ****], selected_profil=[*******], email=[*********************** > > ]}),requiredAttributes={}] > > > ACTION > > : > > SERVICE_ACCESS_ENFORCEMENT_ > > TRIGGERED > > > APPLICATION > > : > > CAS > > > WHEN > > : > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 52 > > CET > > 2020 > > > CLIENT IP ADDRESS > > : > > ************ > > > SERVER IP ADDRESS > > : > > ************ > > > ============================== > > ============================== > > = > > > > > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 52 > > , > > 869 > > INFO > > [ > > org > > . > > apereo > > . > > inspektr > > . > > audit > > . > > support > > . > > Slf4jLoggingAuditTrailManager > > ] > > - > > < > > Audit > > trail record > > BEGIN > > > ============================== > > ============================== > > = > > > WHO > > : > > 124055 > > > WHAT > > : > > ST > > - > > 7 > > - > > ePqBOIW6mBH0rhSBR2o5LAkD1oA > > - > > 246dcb0736d7 > > for > > https > > : > > //***********************/cas/ > > oauth2.0/callbackAuthorize? > > client_id=demoClientOIDC& > > redirect_uri=https%3A%2F% > > 2Fdeve... > > > ACTION > > : > > SERVICE_TICKET_VALIDATE_ > > SUCCESS > > > APPLICATION > > : > > CAS > > > WHEN > > : > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 52 > > CET > > 2020 > > > CLIENT IP ADDRESS > > : > > ************ > > > SERVER IP ADDRESS > > : > > ************ > > > ============================== > > ============================== > > = > > > > > > > > > > > Log from node 2 : > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 57 > > , > > 220 > > WARN > > [ > > org > > . > > apereo > > . > > cas > > . > > DefaultCentralAuthenticationSe > > rvice > > ] > > - > > < > > Service > > ticket > > [ > > ST > > - > > 7 > > - > > ePqBOIW6mBH0rhSBR2o5LAkD1oA > > - > > 246dcb0736d7 > > ] > > does > > not > > exist > > .> > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 57 > > , > > 221 > > INFO > > [ > > org > > . > > apereo > > . > > inspektr > > . > > audit > > . > > support > > . > > Slf4jLoggingAuditTrailManager > > ] > > - > > < > > Audit > > trail record > > BEGIN > > > ============================== > > ============================== > > = > > > WHO > > : > > audit > > : > > unknown > > > WHAT > > : > > ST > > - > > 7 > > - > > ePqBOIW6mBH0rhSBR2o5LAkD1oA > > - > > 246dcb0736d7 > > for > > https > > : > > //************************/ > > cas/oauth2.0/ > > callbackAuthorize?client_id= > > demoClientOIDC&redirect_uri= > > https%3A%2F%2F***... > > > ACTION > > : > > SERVICE_TICKET_VALIDATE_FAILED > > > APPLICATION > > : > > CAS > > > WHEN > > : > > Fri > > Jan > > 03 > > 10 > > : > > 53 > > : > > 57 > > CET > > 2020 > > > CLIENT IP ADDRESS > > : > > ************ > > > SERVER IP ADDRESS > > : > > ************* > > > ============================== > > ============================== > > = > > > > > > > > 2020 > > - > > 01 > > - > > 03 > > 10 > > : > > 53 > > : > > 57 > > , > > 246 > > ERROR > > [ > > org > > . > > apache > > . > > catalina > > . > > core > > . > > ContainerBase > > .[ > > Tomcat > > ].[ > > localhost > > ].[/ > > cas > > ].[ > > dispatcherServlet > > ]] > > - > > < > > Servlet > > . > > service > > () > > for > > servlet > > [ > > dispatcherServlet > > ] > > in > > context > > with > > path > > [ > > /cas] threw exception [Request processing failed; nested exception is > RootCasException(super=org. > > apereo.cas.ticket. > > InvalidTicketException, code=INVALID_TICKET, args=[])] with root cause> > > > org.apereo.cas.ticket. > > InvalidTicketException: null > > > at org.apereo.cas. > > DefaultCentralAuthenticationSe > > rvice.validateServiceTicket( > > DefaultCentralAuthenticationSe > > rvice.java:255) ~[cas-server-core-6.1.2.jar!/: > > 6.1.2] > > > at org.apereo.cas. > > DefaultCentralAuthenticationSe > > rvice$$FastClassBySpringCGLIB$ > > $b02e48f2.invoke(<generated>) ~[cas-server-core-6.1.2.jar!/: > > 6.1.2] > > > at org.springframework.cglib. > > proxy.MethodProxy.invoke( > > MethodProxy.java:218) ~[spring-core-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > CglibMethodInvocation. > > invokeJoinpoint(CglibAopProxy. > > java:769) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework. > > ReflectiveMethodInvocation. > > proceed( > > ReflectiveMethodInvocation. > > java:163) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > CglibMethodInvocation.proceed( > > CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > aspectj. > > MethodInvocationProceedingJoin > > Point.proceed( > > MethodInvocationProceedingJoin > > Point.java:88) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apereo.inspektr.audit. > > AuditTrailManagementAspect. > > handleAuditTrail( > > AuditTrailManagementAspect. > > java:135) ~[inspektr-audit-1.8.6.GA.jar! > > /: > > 1.8.6.GA > > ] > > > at jdk.internal.reflect. > > GeneratedMethodAccessor162. > > invoke(Unknown Source) ~[?:?] > > > at jdk.internal.reflect. > > DelegatingMethodAccessorImpl. > > invoke( > > DelegatingMethodAccessorImpl. > > java:43) ~[?:?] > > > at java.lang.reflect.Method. > > invoke(Method.java:566) ~[?:?] > > > at org.springframework.aop. > > aspectj.AbstractAspectJAdvice. > > invokeAdviceMethodWithGivenArg > > s(AbstractAspectJAdvice.java: > > 644) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > aspectj.AbstractAspectJAdvice. > > invokeAdviceMethod( > > AbstractAspectJAdvice.java: > > 633) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > aspectj.AspectJAroundAdvice. > > invoke(AspectJAroundAdvice. > > java:70) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework. > > ReflectiveMethodInvocation. > > proceed( > > ReflectiveMethodInvocation. > > java:175) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > CglibMethodInvocation.proceed( > > CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework. > > transaction.interceptor. > > TransactionInterceptor$$ > > Lambda$1082.000000005CF3F5B0. > > proceedWithInvocation(Unknown Source) ~[?:?] > > > at org.springframework. > > transaction.interceptor. > > TransactionAspectSupport. > > invokeWithinTransaction( > > TransactionAspectSupport.java: > > 353) ~[spring-tx-5.2.0.RELEASE.jar! > > /:5.2.0.RELEASE] > > > at org.springframework. > > transaction.interceptor. > > TransactionInterceptor.invoke( > > TransactionInterceptor.java: > > 99) ~[spring-tx-5.2.0.RELEASE.jar! > > /:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework. > > ReflectiveMethodInvocation. > > proceed( > > ReflectiveMethodInvocation. > > java:186) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > CglibMethodInvocation.proceed( > > CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > interceptor. > > ExposeInvocationInterceptor. > > invoke( > > ExposeInvocationInterceptor. > > java:93) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework. > > ReflectiveMethodInvocation. > > proceed( > > ReflectiveMethodInvocation. > > java:186) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > CglibMethodInvocation.proceed( > > CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > DynamicAdvisedInterceptor. > > intercept(CglibAopProxy.java: > > 689) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apereo.cas. > > DefaultCentralAuthenticationSe > > rvice$$EnhancerBySpringCGLIB$$ > > 74df0efb. > > validateServiceTicket(< > > generated>) ~[cas-server-core-6.1.2.jar!/: > > 6.1.2] > > > at org.apereo.cas.support.oauth. > > profile. > > CasServerApiBasedTicketValidat > > or.validate( > > CasServerApiBasedTicketValidat > > or.java:26) ~[cas-server-support-oauth- > > core-api-6.1.2.jar!/:6.1.2] > > > at org.pac4j.cas.credentials. > > authenticator. > > CasAuthenticator.validate( > > CasAuthenticator.java:72) ~[pac4j-cas-4.0.0-RC1.jar!/:?] > > > at org.pac4j.cas.credentials. > > authenticator. > > CasAuthenticator.validate( > > CasAuthenticator.java:31) ~[pac4j-cas-4.0.0-RC1.jar!/:?] > > > at org.pac4j.core.client. > > BaseClient.lambda$ > > retrieveCredentials$0( > > BaseClient.java:65) ~[pac4j-core-4.0.0-RC1.jar!/:? > > ] > > > at org.pac4j.core.client. > > BaseClient$$Lambda$1368. > > 000000006CEA5EC0.accept( > > Unknown Source) ~[?:?] > > > at java.util.Optional.ifPresent( > > Optional.java:183) ~[?:?] > > > at org.pac4j.core.client. > > BaseClient. > > retrieveCredentials( > > BaseClient.java:62) ~[pac4j-core-4.0.0-RC1.jar!/:? > > ] > > > at org.pac4j.core.client. > > IndirectClient.getCredentials( > > IndirectClient.java:137) ~[pac4j-core-4.0.0-RC1.jar!/:? > > ] > > > at org.pac4j.core.engine. > > DefaultCallbackLogic.perform( > > DefaultCallbackLogic.java:94) ~[pac4j-core-4.0.0-RC1.jar!/:? > > ] > > > at org.apereo.cas.support.oauth. > > web.endpoints. > > OAuth20CallbackAuthorizeEndpoi > > ntController.handleRequest( > > OAuth20CallbackAuthorizeEndpoi > > ntController.java:48) ~[cas-server-support-oauth- > > core-api-6.1.2.jar!/:6.1.2] > > > at jdk.internal.reflect. > > NativeMethodAccessorImpl. > > invoke0(Native Method) ~[?:?] > > > at jdk.internal.reflect. > > NativeMethodAccessorImpl. > > invoke( > > NativeMethodAccessorImpl.java: > > 62) ~[?:?] > > > at jdk.internal.reflect. > > DelegatingMethodAccessorImpl. > > invoke( > > DelegatingMethodAccessorImpl. > > java:43) ~[?:?] > > > at java.lang.reflect.Method. > > invoke(Method.java:566) ~[?:?] > > > at org.springframework.util. > > ReflectionUtils.invokeMethod( > > ReflectionUtils.java:279) ~[spring-core-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.cloud. > > context.scope.GenericScope$ > > LockedScopedProxyFactoryBean. > > invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.0. > > RC1.jar!/:2.2.0.RC1] > > > at org.springframework.aop. > > framework. > > ReflectiveMethodInvocation. > > proceed( > > ReflectiveMethodInvocation. > > java:186) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > CglibMethodInvocation.proceed( > > CglibAopProxy.java:747) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.aop. > > framework.CglibAopProxy$ > > DynamicAdvisedInterceptor. > > intercept(CglibAopProxy.java: > > 689) ~[spring-aop-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apereo.cas.support.oauth. > > web.endpoints. > > OAuth20CallbackAuthorizeEndpoi > > ntController$$ > > EnhancerBySpringCGLIB$$ > > d78312e8.handleRequest(< > > generated>) ~[cas-server-support-oauth- > > core-api-6.1.2.jar!/:6.1.2] > > > at jdk.internal.reflect. > > NativeMethodAccessorImpl. > > invoke0(Native Method) ~[?:?] > > > at jdk.internal.reflect. > > NativeMethodAccessorImpl. > > invoke( > > NativeMethodAccessorImpl.java: > > 62) ~[?:?] > > > at jdk.internal.reflect. > > DelegatingMethodAccessorImpl. > > invoke( > > DelegatingMethodAccessorImpl. > > java:43) ~[?:?] > > > at java.lang.reflect.Method. > > invoke(Method.java:566) ~[?:?] > > > at org.springframework.web. > > method.support. > > InvocableHandlerMethod. > > doInvoke( > > InvocableHandlerMethod.java: > > 190) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > method.support. > > InvocableHandlerMethod. > > invokeForRequest( > > InvocableHandlerMethod.java: > > 138) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.mvc.method.annotation. > > ServletInvocableHandlerMethod. > > invokeAndHandle( > > ServletInvocableHandlerMethod. > > java:106) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.mvc.method.annotation. > > RequestMappingHandlerAdapter. > > invokeHandlerMethod( > > RequestMappingHandlerAdapter. > > java:888) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.mvc.method.annotation. > > RequestMappingHandlerAdapter. > > handleInternal( > > RequestMappingHandlerAdapter. > > java:793) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.mvc.method. > > AbstractHandlerMethodAdapter. > > handle( > > AbstractHandlerMethodAdapter. > > java:87) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.DispatcherServlet. > > doDispatch(DispatcherServlet. > > java:1040) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.DispatcherServlet. > > doService(DispatcherServlet. > > java:943) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.FrameworkServlet. > > processRequest( > > FrameworkServlet.java:1006) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > servlet.FrameworkServlet. > > doGet(FrameworkServlet.java: > > 898) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at javax.servlet.http. > > HttpServlet.service( > > HttpServlet.java:645) ~[javax.servlet-api-4.0.1.jar! > > /:4.0.1] > > > at org.springframework.web. > > servlet.FrameworkServlet. > > service(FrameworkServlet.java: > > 883) ~[spring-webmvc-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at javax.servlet.http. > > HttpServlet.service( > > HttpServlet.java:750) ~[javax.servlet-api-4.0.1.jar! > > /:4.0.1] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 231) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apereo.cas.web.support. > > AuthenticationCredentialsThrea > > dLocalBinderClearingFilter. > > doFilter( > > AuthenticationCredentialsThrea > > dLocalBinderClearingFilter. > > java:28) ~[cas-server-core-web-api-6.1. > > 2.jar!/:6.1.2] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apereo.cas.web.support. > > filters. > > RequestParameterPolicyEnforcem > > entFilter.doFilter( > > RequestParameterPolicyEnforcem > > entFilter.java:411) ~[cas-server-core-web-api-6.1. > > 2.jar!/:6.1.2] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apereo.cas.web.support. > > filters. > > ResponseHeadersEnforcementFilt > > er.doFilter( > > ResponseHeadersEnforcementFilt > > er.java:215) ~[cas-server-core-web-api-6.1. > > 2.jar!/:6.1.2] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apereo.cas.web.support. > > filters. > > AddResponseHeadersFilter. > > doFilter( > > AddResponseHeadersFilter.java: > > 67) ~[cas-server-core-web-api-6.1. > > 2.jar!/:6.1.2] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:320) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.access.intercept. > > FilterSecurityInterceptor. > > invoke( > > FilterSecurityInterceptor. > > java:126) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.access.intercept. > > FilterSecurityInterceptor. > > doFilter( > > FilterSecurityInterceptor. > > java:90) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.access. > > ExceptionTranslationFilter. > > doFilter( > > ExceptionTranslationFilter. > > java:118) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.session. > > SessionManagementFilter. > > doFilter( > > SessionManagementFilter.java: > > 137) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.authentication. > > AnonymousAuthenticationFilter. > > doFilter( > > AnonymousAuthenticationFilter. > > java:111) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.servletapi. > > SecurityContextHolderAwareRequ > > estFilter.doFilter( > > SecurityContextHolderAwareRequ > > estFilter.java:158) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.savedrequest. > > RequestCacheAwareFilter. > > doFilter( > > RequestCacheAwareFilter.java: > > 63) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.context. > > SecurityContextPersistenceFilt > > er.doFilter( > > SecurityContextPersistenceFilt > > er.java:105) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.context.request.async. > > WebAsyncManagerIntegrationFilt > > er.doFilterInternal( > > WebAsyncManagerIntegrationFilt > > er.java:56) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > filter.OncePerRequestFilter. > > doFilter(OncePerRequestFilter. > > java:119) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.access.channel. > > ChannelProcessingFilter. > > doFilter( > > ChannelProcessingFilter.java: > > 157) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy$ > > VirtualFilterChain.doFilter( > > FilterChainProxy.java:334) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy. > > doFilterInternal( > > FilterChainProxy.java:215) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.security. > > web.FilterChainProxy.doFilter( > > FilterChainProxy.java:178) ~[spring-security-web-5.2.0. > > RELEASE.jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > filter.DelegatingFilterProxy. > > invokeDelegate( > > DelegatingFilterProxy.java: > > 358) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > filter.DelegatingFilterProxy. > > doFilter( > > DelegatingFilterProxy.java: > > 271) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.springframework.web. > > filter.RequestContextFilter. > > doFilterInternal( > > RequestContextFilter.java:100) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > filter.OncePerRequestFilter. > > doFilter(OncePerRequestFilter. > > java:119) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.springframework.web. > > filter.FormContentFilter. > > doFilterInternal( > > FormContentFilter.java:93) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > filter.OncePerRequestFilter. > > doFilter(OncePerRequestFilter. > > java:119) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.springframework.boot. > > actuate.metrics.web.servlet. > > WebMvcMetricsFilter. > > doFilterInternal( > > WebMvcMetricsFilter.java:108) ~[spring-boot-actuator-2.2.0. > > RELEASE.jar!/:2.2.0.RELEASE] > > > at org.springframework.web. > > filter.OncePerRequestFilter. > > doFilter(OncePerRequestFilter. > > java:119) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apereo.cas.logging.web. > > ThreadContextMDCServletFilter. > > doFilter( > > ThreadContextMDCServletFilter. > > java:99) ~[cas-server-core-logging-6.1. > > 2.jar!/:6.1.2] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.springframework.web. > > filter. > > CharacterEncodingFilter. > > doFilterInternal( > > CharacterEncodingFilter.java: > > 201) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.springframework.web. > > filter.OncePerRequestFilter. > > doFilter(OncePerRequestFilter. > > java:119) ~[spring-web-5.2.0.RELEASE. > > jar!/:5.2.0.RELEASE] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apereo.inspektr.common. > > web. > > ClientInfoThreadLocalFilter. > > doFilter( > > ClientInfoThreadLocalFilter. > > java:66) ~[ > > inspektr-common-1.8.6.GA > > . > > jar!/: > > 1.8.6.GA > > ] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > internalDoFilter( > > ApplicationFilterChain.java: > > 193) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > ApplicationFilterChain. > > doFilter( > > ApplicationFilterChain.java: > > 166) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > StandardWrapperValve.invoke( > > StandardWrapperValve.java:202) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > StandardContextValve.invoke( > > StandardContextValve.java:96) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina. > > authenticator. > > AuthenticatorBase.invoke( > > AuthenticatorBase.java:526) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > StandardHostValve.invoke( > > StandardHostValve.java:139) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.valves. > > ErrorReportValve.invoke( > > ErrorReportValve.java:92) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.core. > > StandardEngineValve.invoke( > > StandardEngineValve.java:74) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.valves. > > AbstractAccessLogValve.invoke( > > AbstractAccessLogValve.java: > > 678) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.valves. > > RemoteIpValve.invoke( > > RemoteIpValve.java:747) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.catalina.connector. > > CoyoteAdapter.service( > > CoyoteAdapter.java:343) ~[tomcat-catalina-9.0.27.jar!/ > > :9.0.27] > > > at org.apache.coyote.http11. > > Http11Processor.service( > > Http11Processor.java:408) ~[tomcat-embed-core-9.0.27. > > jar!/:9.0.27] > > > at org.apache.coyote. > > AbstractProcessorLight. > > process( > > AbstractProcessorLight.java: > > 66) ~[tomcat-embed-core-9.0.27. > > jar!/:9.0.27] > > > at org.apache.coyote. > > AbstractProtocol$ > > ConnectionHandler.process( > > AbstractProtocol.java:861) ~[tomcat-embed-core-9.0.27. > > jar!/:9.0.27] > > > at > > org.apache.tomcat.util.net > > . > > NioEndpoint$SocketProcessor. > > doRun(NioEndpoint.java:1579) ~[tomcat-embed-core-9.0.27. > > jar!/:9.0.27] > > > at > > org.apache.tomcat.util.net > > . > > SocketProcessorBase.run( > > SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.27. > > jar!/:9.0.27] > > > at java.util.concurrent. > > ThreadPoolExecutor.runWorker( > > ThreadPoolExecutor.java:1128) ~[?:?] > > > at java.util.concurrent. > > ThreadPoolExecutor$Worker.run( > > ThreadPoolExecutor.java:628) ~[?:?] > > > at org.apache.tomcat.util. > > threads.TaskThread$ > > WrappingRunnable.run( > > TaskThread.java:61) ~[tomcat-embed-core-9.0.27. > > jar!/:9.0.27] > > > at java.lang.Thread.run(Thread. > > java:831) [?:?] > > > 2020-01-03 10:53:57.504 INFO net.spy.memcached. > > MemcachedConnection: Setting retryQueueSize to -1 > > > 2020-01-03 10:53:57.505 INFO net.spy.memcached. > > MemcachedConnection: Added {QA sa=************************/ > > ************: > > 11211 > > , > > #Rops=0, #Wops=0, #iq=0, topRop=null, topWop=null, toWrite=0, interested=0} > to connect queue > > > > > > ... -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/86fd16c2-dc5b-422d-8c78-461a1bdf9743%40apereo.org.
