Thanks Jerome for the response.
I am checking with the network team about the reverse proxy..
request.getRequestURL() is coming in as "http "
Following is the log
2020-08-31 17:45:43,157 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s
reached end of additional filter chain; proceeding with original chain>
2020-08-31 17:45:43,164 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <GET
"/codesESSO/login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s",
parameters={masked}>
2020-08-31 17:45:43,167 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- <Mapped to
org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
HttpServletRequest, HttpServletResponse)>
2020-08-31 17:45:43,201 DEBUG
[org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Response for
client [http://<domain>:8445/codesESSO/login/CodesESSO_Dev],>
I manually added a http to https replace here in
BaseDelegatedAuthenticationController for testing
val url = httpUrl.replace("http", "https");
2020-08-31 17:45:43,204 DEBUG
[org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
response for client [a204264-CodesESSO_Dev], redirecting the login flow
[https://
<domain>:8445/codesESSO/login?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s&client_name=CodesESSO_Dev]>
Ended up throwing an error [Which I believe is expected due to the
manipulation]
org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@40e79dec in
state 'delegatedAuthenticationAction' of flow 'login' -- action execution
attributes were 'map[[empty]]'
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
at
org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
On Mon, Aug 31, 2020 at 1:52 AM Jérôme LELEU <[email protected]> wrote:
> Hi,
>
> This redirection relies on: request.getRequestURL()
> Do you have some reverse proxy in front of your Tomcat?
> Thanks.
> Best regards,
> Jérôme
>
>
> Le jeu. 27 août 2020 à 17:20, Joe Manavalan <[email protected]> a
> écrit :
>
>> I have cas6.1 deployed and working with cas.authn.pac4j.oauth2. The app
>> works fine in my local windows machine on an https port
>> When deployed in unix with the same setting [except the url has domain
>> name instead of server name] the app after authenticating with the external
>> oauth2 provider redirects the url to an http port as shown below
>> This is the redirect url configured and get successfully redirected after
>> authentication and authorization based on the browser trace
>> https://
>> <domain>:<port>/cas/login/<clientName>?code=<code>&state=<state>&client_name=<clientName>
>> It then gets redirected to the below http port instead of the expected
>> https port
>>
>> http//<domain>:<port>/cas/login?code=<code>&state=<state>&client_name=<clientName>
>>
>> Is this some configuration in CAS or need to be investigated on the
>> network side ?
>> Any help appreciated
>>
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGTtRUTcv5_AwPDg4AgFmAwCEzd8vmQTJ2LA5ojQPyDUJkRKtw%40mail.gmail.com.
