Hi Jerome,
For testing I set up the server name as the url. And now I have the
redirect url coming correctly but its timing out when getting
authentication Object. since the error is from pac4j, I also posted a
message in pac4j group too..
Following is the trace from log. Would it help trying a different version
of pac4j ?
2020-09-07 18:47:30,765 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8
reached end of additional filter chain; proceeding with original chain>
2020-09-07 18:47:30,772 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <GET
"/codesESSO/login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8",
parameters={masked}>
2020-09-07 18:47:30,774 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- <Mapped to
org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
HttpServletRequest, HttpServletResponse)>
2020-09-07 18:47:30,775 DEBUG
[org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
response for client [a204264-CodesESSO_DevDomain], redirecting the login
flow
[https://mycompanydomain.com:8445/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain]>
2020-09-07 18:47:30,786 DEBUG
[org.springframework.web.servlet.view.RedirectView] - <View [RedirectView],
model {}>
2020-09-07 18:47:30,787 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <SecurityContext is empty or contents are anonymous - context will not be
stored in HttpSession.>
2020-09-07 18:47:30,787 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Completed 302 FOUND>
2020-09-07 18:47:30,787 DEBUG
[org.springframework.security.web.access.ExceptionTranslationFilter] -
<Chain processed normally>
2020-09-07 18:47:30,788 DEBUG
[org.springframework.security.web.context.SecurityContextPersistenceFilter]
- <SecurityContextHolder now cleared, as request processing completed>
2020-09-07 18:47:30,860 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 1 of 9 in additional filter chain; firing Filter:
'ChannelProcessingFilter'>
2020-09-07 18:47:30,860 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 2 of 9 in additional filter chain; firing Filter:
'WebAsyncManagerIntegrationFilter'>
2020-09-07 18:47:30,860 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 3 of 9 in additional filter chain; firing Filter:
'SecurityContextPersistenceFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <No HttpSession currently exists>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <No SecurityContext was available from the HttpSession: null. A new one
will be created.>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 4 of 9 in additional filter chain; firing Filter:
'RequestCacheAwareFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.savedrequest.HttpSessionRequestCache] -
<saved request doesn't match>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 5 of 9 in additional filter chain; firing Filter:
'SecurityContextHolderAwareRequestFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 6 of 9 in additional filter chain; firing Filter:
'AnonymousAuthenticationFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.authentication.AnonymousAuthenticationFilter]
- <Populated SecurityContextHolder with anonymous token:
'org.springframework.security.authentication.AnonymousAuthenticationToken@11ef9e01:
Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true;
Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
RemoteIpAddress: 10.98.183.5; SessionId: null; Granted Authorities:
ROLE_ANONYMOUS'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 7 of 9 in additional filter chain; firing Filter:
'SessionManagementFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 8 of 9 in additional filter chain; firing Filter:
'ExceptionTranslationFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 9 of 9 in additional filter chain; firing Filter:
'FilterSecurityInterceptor'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
to match using Ant [pattern='/null/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/null/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <No
matches found>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
to match using Ant [pattern='/css/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/css/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
to match using Ant [pattern='/js/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/js/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
to match using Ant [pattern='/images/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/images/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
to match using Ant [pattern='/webjars/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/webjars/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
to match using Ant [pattern='/**/favicon.ico']>
2020-09-07 18:47:30,867 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/**/favicon.ico'>
2020-09-07 18:47:30,868 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <No
matches found>
2020-09-07 18:47:30,868 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/resources/**'>
2020-09-07 18:47:30,868 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/static/**'>
2020-09-07 18:47:30,869 DEBUG
[org.springframework.security.web.access.intercept.FilterSecurityInterceptor]
- <Public object - authentication not attempted>
2020-09-07 18:47:30,869 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
reached end of additional filter chain; proceeding with original chain>
2020-09-07 18:47:30,870 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <GET
"/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
parameters={masked}>
2020-09-07 18:47:30,872 DEBUG
[org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping
request with URI '/codesESSO/login' to flow with id 'login'>
2020-09-07 18:47:30,873 DEBUG
[org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapped to
[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]>
2020-09-07 18:47:30,875 DEBUG
[org.springframework.webflow.executor.FlowExecutorImpl] - <Launching new
execution of flow 'login' with input map['client_name' ->
'a204264-CodesESSO_DevDomain', 'code' ->
'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
2020-09-07 18:47:30,875 DEBUG
[org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl]
- <Getting FlowDefinition with id 'login'>
2020-09-07 18:47:30,875 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImplFactory] -
<Creating new execution of 'login'>
2020-09-07 18:47:30,876 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Starting in
org.springframework.webflow.mvc.servlet.MvcExternalContext@68d39ed8 with
input map['client_name' -> 'a204264-CodesESSO_DevDomain', 'code' ->
'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
2020-09-07 18:47:30,876 DEBUG [org.springframework.webflow.engine.Flow] -
<Creating [FlowVariable@511bfc1c name = 'credential', valueFactory =
[BeanFactoryVariableValueFactory@42331ab3 type =
UsernamePasswordCredential]]>
2020-09-07 18:47:30,878 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
[EvaluateAction@4bf00528 expression = initialFlowSetupAction,
resultExpression = [null]]>
2020-09-07 18:47:30,879 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished
executing org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70;
result = success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished
executing [EvaluateAction@4bf00528 expression = initialFlowSetupAction,
resultExpression = [null]]; result = success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
[EvaluateAction@68329dba expression = verifyRequiredServiceAction,
resultExpression = [null]]>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished
executing
org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a; result
= success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished
executing [EvaluateAction@68329dba expression =
verifyRequiredServiceAction, resultExpression = [null]]; result = success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished
executing
org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3;
result = null>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.engine.ActionState] - <Entering state
'delegatedAuthenticationAction' of flow 'login'>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
[EvaluateAction@7780b35 expression = delegatedAuthenticationAction,
resultExpression = [null]]>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f>
2020-09-07 18:47:30,887 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier
could not found as part of the request parameters. Looking at state for the
OAuth2/Oidc client>
2020-09-07 18:47:30,888 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated
client identifier for this request as
[Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]]>
2020-09-07 18:47:30,895 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated
client identifier as [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
2020-09-07 18:47:30,898 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Removing delegated
client identifier [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8] from registry>
2020-09-07 18:47:30,904 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
[TransientSessionTicketImpl(super=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8,
service=null, properties={targetService=null, method=, service=null,
theme=, locale=})] from the registry.>
2020-09-07 18:47:30,912 DEBUG
[org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Delegated
authentication client is [#GenericOAuth20Client# | name:
a204264-CodesESSO_DevDomain | callbackUrl:
https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
ajaxRequestResolver:
org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
redirectionActionBuilder:
org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
credentialsExtractor:
org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6
| authenticator:
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
profileCreator:
org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a |
configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
secret: [protected] | tokenAsHeader: false | responseType: code | scope:
null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
hasBeenCancelledFactory:
org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
| profileDefinition:
org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
httpClientConfig: null | |] with service [null]>
2020-09-07 18:47:30,913 DEBUG
[org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Fetching
credentials from delegated client [#GenericOAuth20Client# | name:
a204264-CodesESSO_DevDomain | callbackUrl:
https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
ajaxRequestResolver:
org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
redirectionActionBuilder:
org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
credentialsExtractor:
org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6
| authenticator:
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
profileCreator:
org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a |
configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
secret: [protected] | tokenAsHeader: false | responseType: code | scope:
null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
hasBeenCancelledFactory:
org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
| profileDefinition:
org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
httpClientConfig: null | |]>
2020-09-07 18:47:30,941 DEBUG
[org.apereo.cas.ticket.registry.JpaTicketRegistry] - <Updated ticket
[TransientSessionTicketImpl(super=TST-dc0a2fe1-45b6-400e-84ff-8b3563ef0882,
service=null, properties={})].>
2020-09-07 18:47:30,947 DEBUG
[org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] -
<sessionState: TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8 / stateParameter:
Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
2020-09-07 18:47:30,947 DEBUG
[org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] -
<code: Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
2020-09-07 18:47:30,947 DEBUG
[org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator] - <code:
Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
2020-09-07 18:47:43,647 WARN
[org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
<[registry.json] does not match the recommended pattern
[(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible,
it's recommended that you rename the file to match the requested pattern to
avoid issues with duplicate service loading. Future CAS versions may try to
strictly force the naming syntax, refusing to load the file.>
2020-09-07 18:47:43,651 DEBUG
[org.apereo.cas.services.AbstractServicesManager] - <Adding registered
service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal
identifier [10000001]>
2020-09-07 18:47:43,651 INFO
[org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s)
from [JsonServiceRegistry].>
2020-09-07 18:47:54,568 DEBUG
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] -
<[c892txdctool1] trying to acquire [cas-ticket-registry-cleaner] lock.>
2020-09-07 18:47:54,590 DEBUG
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Cleaning
up expired ticket [TST-f8c798e3-dbd1-4a00-981a-f430b891b36a]>
2020-09-07 18:47:54,591 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
[TransientSessionTicketImpl(super=TST-f8c798e3-dbd1-4a00-981a-f430b891b36a,
service=null, properties={})] from the registry.>
2020-09-07 18:47:54,600 INFO
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[1]
expired tickets removed.>
2020-09-07 18:47:54,601 DEBUG
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - <Releasing
[cas-ticket-registry-cleaner] lock held by [c892txdctool1].>
2020-09-07 18:47:54,602 DEBUG
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished
ticket cleanup.>
2020-09-07 18:48:43,656 WARN
[org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
<[registry.json] does not match the recommended pattern
[(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible,
it's recommended that you rename the file to match the requested pattern to
avoid issues with duplicate service loading. Future CAS versions may try to
strictly force the naming syntax, refusing to load the file.>
2020-09-07 18:48:43,660 DEBUG
[org.apereo.cas.services.AbstractServicesManager] - <Adding registered
service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal
identifier [10000001]>
2020-09-07 18:48:43,661 INFO
[org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s)
from [JsonServiceRegistry].>
2020-09-07 18:49:38,301 DEBUG [org.pac4j.oauth.client.GenericOAuth20Client]
- <Credentials validation took: 127354 ms>
2020-09-07 18:49:38,302 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Attempting
to handle [org.springframework.webflow.execution.ActionExecutionException:
Exception thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
state 'delegatedAuthenticationAction' of flow 'login' -- action execution
attributes were 'map[[empty]]'] with root cause
[org.pac4j.core.exception.HttpCommunicationException: Error getting
token:Connection timed out (Connection timed out)]>
2020-09-07 18:49:38,302 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Rethrowing
unhandled flow execution exception>
2020-09-07 18:49:38,302 DEBUG
[org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
received exception
[org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
state 'delegatedAuthenticationAction' of flow 'login' -- action execution
attributes were 'map[[empty]]'] due to a type mismatch with handler
[[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
2020-09-07 18:49:38,302 DEBUG
[org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
received exception
[org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
state 'delegatedAuthenticationAction' of flow 'login' -- action execution
attributes were 'map[[empty]]'] due to a type mismatch with handler
[[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
2020-09-07 18:49:38,303 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Failed to complete
request: org.springframework.webflow.execution.ActionExecutionException:
Exception thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
state 'delegatedAuthenticationAction' of flow 'login' -- action execution
attributes were 'map[[empty]]'>
2020-09-07 18:49:38,304 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <SecurityContext is empty or contents are anonymous - context will not be
stored in HttpSession.>
2020-09-07 18:49:38,304 DEBUG
[org.springframework.security.web.context.SecurityContextPersistenceFilter]
- <SecurityContextHolder now cleared, as request processing completed>
2020-09-07 18:49:38,304 ERROR
[org.springframework.boot.web.servlet.support.ErrorPageFilter] -
<Forwarding to error page from request [/login] due to exception [Exception
thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
state 'delegatedAuthenticationAction' of flow 'login' -- action execution
attributes were 'map[[empty]]']>
org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
state 'delegatedAuthenticationAction' of flow 'login' -- action execution
attributes were 'map[[empty]]'
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at org.springframework.webflow.engine.State.enter(State.java:194)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at org.springframework.webflow.engine.Flow.start(Flow.java:527)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:139)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
~[?:?]
at
jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
~[?:?]
at
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at com.sun.proxy.$Proxy241.launchExecution(Unknown Source) ~[?:?]
at
org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:264)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
~[servlet-api.jar:?]
at
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
~[servlet-api.jar:?]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
~[tomcat-websocket.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:411)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:216)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:67)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:121)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108)
~[spring-boot-actuator-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:99)
~[cas-server-core-logging-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
~[inspektr-common-1.8.6.GA.jar:1.8.6.GA]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
~[log4j-web-2.12.1.jar:2.12.1]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:185)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
~[catalina.jar:9.0.12]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
~[catalina.jar:9.0.12]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
~[catalina.jar:9.0.12]
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
~[catalina.jar:9.0.12]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
~[catalina.jar:9.0.12]
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
~[tomcat-coyote.jar:9.0.12]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
~[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
~[?:?]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
~[tomcat-util.jar:9.0.12]
at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: org.pac4j.core.exception.HttpCommunicationException: Error
getting token:Connection timed out (Connection timed out)
at
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.retrieveAccessToken(OAuth20Authenticator.java:36)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:38)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.validate(OAuth20Authenticator.java:20)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:20)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.core.client.BaseClient.lambda$retrieveCredentials$0(BaseClient.java:70)
~[pac4j-core-4.0.3.jar:?]
at java.util.Optional.ifPresent(Optional.java:183) ~[?:?]
at org.pac4j.core.client.BaseClient.retrieveCredentials(BaseClient.java:67)
~[pac4j-core-4.0.3.jar:?]
at
org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:144)
~[pac4j-core-4.0.3.jar:?]
at
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.getCredentialsFromDelegatedClient(DelegatedClientAuthenticationAction.java:254)
~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
at
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.populateContextWithClientCredential(DelegatedClientAuthenticationAction.java:240)
~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
at
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.doExecute(DelegatedClientAuthenticationAction.java:213)
~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at jdk.internal.reflect.GeneratedMethodAccessor196.invoke(Unknown Source)
~[?:?]
at
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at com.sun.proxy.$Proxy228.execute(Unknown Source) ~[?:?]
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
... 119 more
2020-09-07 18:49:38,308 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <"FORWARD" dispatch
for GET
"/codesESSO/error?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
parameters={masked}>
2020-09-07 18:49:38,310 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- <Mapped to
org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest,
HttpServletResponse)>
2020-09-07 18:49:38,432 DEBUG
[org.springframework.web.servlet.view.ContentNegotiatingViewResolver] -
<Selected 'text/html' given [text/html, text/html;q=0.8]>
Thanks
On Friday, September 4, 2020 at 3:07:18 AM UTC-5 leleuj wrote:
> Hi,
>
> I would have expected the *val url = httpUrl.replace("http", "https");*
> solution to work.
>
> You may also try to set the "secure" flag in the Tomcat connector.
>
> Thanks.
> Best regards,
> Jérôme
>
>
> Le jeu. 3 sept. 2020 à 18:48, Joe Manavalan <[email protected]> a
> écrit :
>
>> I was told there is BIG-IP which counts as reverse proxy in front of
>> tomcat. Are there any specific settings to resolve this ?
>> FYI : We have CAS war deployed in tomcat 8.5 [Not in embedded tomcat]
>>
>> Thanks
>> Joe
>>
>>
>> On Monday, August 31, 2020 at 6:01:46 PM UTC-5 Joe Manavalan wrote:
>>
>>> Thanks Jerome for the response.
>>>
>>> I am checking with the network team about the reverse proxy..
>>> request.getRequestURL() is coming in as "http "
>>>
>>> Following is the log
>>>
>>>
>>> 2020-08-31 17:45:43,157 DEBUG
>>> [org.springframework.security.web.FilterChainProxy] -
>>> </login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s
>>>
>>> reached end of additional filter chain; proceeding with original chain>
>>> 2020-08-31 17:45:43,164 DEBUG
>>> [org.springframework.web.servlet.DispatcherServlet] - <GET
>>> "/codesESSO/login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s",
>>>
>>> parameters={masked}>
>>> 2020-08-31 17:45:43,167 DEBUG
>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
>>>
>>> - <Mapped to
>>> org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
>>>
>>> HttpServletRequest, HttpServletResponse)>
>>> 2020-08-31 17:45:43,201 DEBUG
>>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Response for
>>> client [http://<domain>:8445/codesESSO/login/CodesESSO_Dev],>
>>>
>>>
>>> I manually added a http to https replace here in
>>> BaseDelegatedAuthenticationController for testing
>>> val url = httpUrl.replace("http", "https");
>>>
>>>
>>> 2020-08-31 17:45:43,204 DEBUG
>>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
>>> response for client [a204264-CodesESSO_Dev], redirecting the login flow
>>> [https://<domain>:8445/codesESSO/login?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s&client_name=CodesESSO_Dev]>
>>>
>>> Ended up throwing an error [Which I believe is expected due to the
>>> manipulation]
>>> org.springframework.webflow.execution.ActionExecutionException:
>>> Exception thrown executing
>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@40e79dec in
>>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>>> attributes were 'map[[empty]]'
>>> at
>>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
>>> at
>>> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
>>>
>>> On Mon, Aug 31, 2020 at 1:52 AM Jérôme LELEU <[email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> This redirection relies on: request.getRequestURL()
>>>> Do you have some reverse proxy in front of your Tomcat?
>>>> Thanks.
>>>> Best regards,
>>>> Jérôme
>>>>
>>>>
>>>> Le jeu. 27 août 2020 à 17:20, Joe Manavalan <[email protected]> a
>>>> écrit :
>>>>
>>>>> I have cas6.1 deployed and working with cas.authn.pac4j.oauth2. The
>>>>> app works fine in my local windows machine on an https port
>>>>> When deployed in unix with the same setting [except the url has domain
>>>>> name instead of server name] the app after authenticating with the
>>>>> external
>>>>> oauth2 provider redirects the url to an http port as shown below
>>>>> This is the redirect url configured and get successfully redirected
>>>>> after authentication and authorization based on the browser trace
>>>>>
>>>>> https://<domain>:<port>/cas/login/<clientName>?code=<code>&state=<state>&client_name=<clientName>
>>>>> It then gets redirected to the below http port instead of the expected
>>>>> https port
>>>>>
>>>>> http//<domain>:<port>/cas/login?code=<code>&state=<state>&client_name=<clientName>
>>>>>
>>>>> Is this some configuration in CAS or need to be investigated on the
>>>>> network side ?
>>>>> Any help appreciated
>>>>>
>>>>>
>>>>> --
>>>>> - Website: https://apereo.github.io/cas
>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>> ---
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "CAS Community" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to [email protected].
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org
>>>>>
>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org?utm_medium=email&utm_source=footer>
>>>>> .
>>>>>
>>>> --
>>>> - Website: https://apereo.github.io/cas
>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>> - Contributions: https://goo.gl/mh7qDG
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "CAS Community" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to [email protected].
>>>>
>>> To view this discussion on the web visit
>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com
>>>>
>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>>
> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/99f94db8-cb5e-4170-8276-406ef95f4127n%40apereo.org.
