Hi,

I'm not surprised by this issue. pac4j relies on one session (distributed
or not) to perform a login process.

When starting the login process in a tab, you put some data in the session.
If meanwhile, in another tab, a login process is performed, the previous
data have been erased and the first login process can't happen correctly in
the first tab.

Thanks.
Best regards,
Jérôme


On Tue, 24 Mar 2020 at 11:34, mlabib <marcusla...@gmail.com> wrote:

> Hi group,
>
> since I am not sure where to better report a bug, I am doing it here. I am
> also looking for advice if the pac4j issue tracker might be a better place
> to report.
>
> We are using CAS Server 6.1.5 to federate the customer login to several of
> our services via OpenID Connect.
>
> It came to our attention that if a yet unauthenticated user opens several
> services at once in different windows/tabs of the same browser, only the
> first authentication process attempted will succeed. Submission of a second
> still open login form will result in the display of the error message
> "Error: No message available".
>
> In the first submission of the credentials the POST to /cas/login will
> send a redirect (302) to
> /cas/oauth2.0/callbackAuthorize which in turn will redirect to
> /cas/oidc/authorize which will finally redirect to the service.
>
> In the second submission of the credentials the POST will also send a
> redirect to
> /cas/oauth2.0/callbackAuthorize, which will use and invalidate the issued
> service ticket and send a redirect to
> /cas/oauth2.0/callbackAuthorize again (NOT to
> /cas/oidc/authorize). On the second call of
> /cas/oauth2.0/callbackAuthorize the supplied ticket is already invalidated
> and gives rise to an org.apereo.cas.ticket.InvalidTicketException and in
> turn to the
> "Error: No message available" error presented to the user.
>
> I tried changing cas.authn.oauth.replicateSessions to true, which resulted
> in no change to the problem.
>
> Any input would be greatly appreciated!
>
> Thanks,
> Marcus
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c4f2cc5a-a4d1-4717-8acd-fbc340fc41db%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c4f2cc5a-a4d1-4717-8acd-fbc340fc41db%40apereo.org?utm_medium=email&utm_source=footer>
> .
>

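A simplified model of the session collision described in this thread, added here as an illustration and not taken from pac4j or CAS: the single-slot functions keep one pending-login entry per browser session, and the keyed variant shows one common way to keep concurrent login flows apart. All function names, the `pending_service` and `pending` keys, and the service URLs are assumptions constructed for the example.

```python
import secrets


class LoginStateLost(Exception):
    """Raised when a callback finds no pending login data in the session."""


# Single-slot design: one pending-login entry per session (shared by all tabs).
def start_login_single(session, service_url):
    session["pending_service"] = service_url  # overwrites an earlier tab's entry


def finish_login_single(session):
    try:
        return session.pop("pending_service")  # consumed once, then gone
    except KeyError:
        raise LoginStateLost("no pending login in session") from None


# Per-flow design: each login attempt gets its own random key, which the
# flow carries through its redirects (hypothetical "flow_id" parameter).
def start_login_keyed(session, service_url):
    flow_id = secrets.token_urlsafe(16)
    session.setdefault("pending", {})[flow_id] = service_url
    return flow_id


def finish_login_keyed(session, flow_id):
    try:
        return session["pending"].pop(flow_id)  # one-time use per flow
    except KeyError:
        raise LoginStateLost("unknown or already used flow id") from None


def two_tabs_single():
    """Two tabs start a login on the same session, then both submit."""
    session = {}
    start_login_single(session, "https://service-a.example/")  # tab 1
    start_login_single(session, "https://service-b.example/")  # tab 2 overwrites
    first = finish_login_single(session)
    try:
        second = finish_login_single(session)
    except LoginStateLost as exc:
        second = f"error: {exc}"
    return first, second


def two_tabs_keyed():
    """Same scenario, but each tab's state lives under its own flow id."""
    session = {}
    a = start_login_keyed(session, "https://service-a.example/")
    b = start_login_keyed(session, "https://service-b.example/")
    return finish_login_keyed(session, b), finish_login_keyed(session, a)
```

In the single-slot run the first submission is sent to the service requested by the last tab opened and the second submission fails; in the keyed run both tabs complete in either order.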