Hi group, since I am not sure where to better report a bug, I am doing it here. I am also looking for advice if the pac4j issue tracker might be a better place to report.
We are using CAS Server 6.1.5 to federate the customer login to several of our services via OpenID Connect. It came to our attention that if a yet unauthenticated user opens several services at once in different windows/tabs of the same browser, only the first authentication process attempted will succeed. Submission of a second, still open login form will result in the display of the error message "Error: No message available".

In the first submission of the credentials, the POST to /cas/login will send a redirect (302) to /cas/oauth2.0/callbackAuthorize, which in turn will redirect to /cas/oidc/authorize, which will finally redirect to the service.

In the second submission of the credentials, the POST will also send a redirect to /cas/oauth2.0/callbackAuthorize, which will use and invalidate the issued service ticket and send a redirect to /cas/oauth2.0/callbackAuthorize again (NOT to /cas/oidc/authorize). On the second call of /cas/oauth2.0/callbackAuthorize the supplied ticket is already invalidated and gives rise to an org.apereo.cas.ticket.InvalidTicketException and in turn to the "Error: No message available" error presented to the user.

I tried changing cas.authn.oauth.replicateSessions to true, which resulted in no change to the problem.

Any input would be greatly appreciated!

Thanks,
Marcus
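The two redirect chains described in the message above can be told apart mechanically when triaging a browser network trace. The following is an added example, not part of the original post or of CAS/pac4j; the host names, ticket values, the final 500 status and the assumption that the service ticket travels in a `ticket` query parameter are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

CALLBACK = "/cas/oauth2.0/callbackAuthorize"  # paths as named in the post
AUTHORIZE = "/cas/oidc/authorize"

def classify_chain(hops):
    """Classify one login attempt from a browser network trace.

    hops: list of (url, status, location) tuples in request order.
    Returns {"completed": bool, "findings": [(hop_index, code), ...]}.
    """
    first_seen = {}   # ticket value -> index of the hop that first presented it
    findings = []
    completed = False
    for i, (url, status, location) in enumerate(hops):
        parts = urlsplit(url)
        if parts.path != CALLBACK:
            continue
        # Assumption: the service ticket is carried in the "ticket" parameter.
        for ticket in parse_qs(parts.query).get("ticket", []):
            if ticket in first_seen:
                findings.append((i, "ticket-presented-twice"))
            first_seen.setdefault(ticket, i)
        target = urlsplit(location or "").path
        if status == 302 and target == AUTHORIZE:
            completed = True      # the chain the post reports for the first tab
        elif status == 302 and target == CALLBACK:
            findings.append((i, "callback-self-redirect"))
    return {"completed": completed, "findings": findings}

# Constructed traces; BASE and all parameter values are placeholders.
BASE = "https://cas.example.org"
OK_CHAIN = [
    (BASE + "/cas/login", 302, BASE + CALLBACK + "?client_id=svc-a&ticket=ST-1-constructed"),
    (BASE + CALLBACK + "?client_id=svc-a&ticket=ST-1-constructed", 302, BASE + AUTHORIZE + "?client_id=svc-a"),
    (BASE + AUTHORIZE + "?client_id=svc-a", 302, "https://svc-a.example.org/cb"),
]
FAILING_CHAIN = [
    (BASE + "/cas/login", 302, BASE + CALLBACK + "?client_id=svc-b&ticket=ST-2-constructed"),
    (BASE + CALLBACK + "?client_id=svc-b&ticket=ST-2-constructed", 302, BASE + CALLBACK + "?client_id=svc-b&ticket=ST-2-constructed"),
    (BASE + CALLBACK + "?client_id=svc-b&ticket=ST-2-constructed", 500, None),
]

if __name__ == "__main__":
    for name, chain in (("first tab", OK_CHAIN), ("second tab", FAILING_CHAIN)):
        print(name, classify_chain(chain))
```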
