HiJerome,
It appears that the token server cannot be reached directly but has to go
via a proxy.
Is there a property in cas to specify the proxy url and port ? or this has
to be a network settings on the server ?
Thanks
Joe
On Tuesday, September 8, 2020 at 1:00:12 AM UTC-5 leleuj wrote:
> Hi,
>
> During the authentication process, CAS via pac4j tries to directly contact
> the identity provider to retrieve the access token.
> The "connection timeout" means that the identity provider is not directly
> reachable from the CAS server. Maybe a mismatch in the URL definition or a
> proxy setting on the CAS server.
> Thanks.
> Best regards,
> Jérôme
>
>
> Le mar. 8 sept. 2020 à 03:34, Joe Manavalan <joeman...@gmail.com> a
> écrit :
>
>> Hi Jerome,
>>
>> For testing I set up the server name as the url. And now I have the
>> redirect url coming correctly but its timing out when getting
>> authentication Object. since the error is from pac4j, I also posted a
>> message in pac4j group too..
>>
>> Following is the trace from log. Would it help trying a different version
>> of pac4j ?
>>
>>
>> 2020-09-07 18:47:30,765 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8
>>
>> reached end of additional filter chain; proceeding with original chain>
>> 2020-09-07 18:47:30,772 DEBUG
>> [org.springframework.web.servlet.DispatcherServlet] - <GET
>> "/codesESSO/login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8",
>>
>> parameters={masked}>
>> 2020-09-07 18:47:30,774 DEBUG
>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
>>
>> - <Mapped to
>> org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
>>
>> HttpServletRequest, HttpServletResponse)>
>> 2020-09-07 18:47:30,775 DEBUG
>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
>> response for client [a204264-CodesESSO_DevDomain], redirecting the login
>> flow [
>> https://mycompanydomain.com:8445/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>> ]>
>> 2020-09-07 18:47:30,786 DEBUG
>> [org.springframework.web.servlet.view.RedirectView] - <View [RedirectView],
>> model {}>
>> 2020-09-07 18:47:30,787 DEBUG
>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>>
>> - <SecurityContext is empty or contents are anonymous - context will not be
>> stored in HttpSession.>
>> 2020-09-07 18:47:30,787 DEBUG
>> [org.springframework.web.servlet.DispatcherServlet] - <Completed 302 FOUND>
>> 2020-09-07 18:47:30,787 DEBUG
>> [org.springframework.security.web.access.ExceptionTranslationFilter] -
>> <Chain processed normally>
>> 2020-09-07 18:47:30,788 DEBUG
>> [org.springframework.security.web.context.SecurityContextPersistenceFilter]
>> - <SecurityContextHolder now cleared, as request processing completed>
>> 2020-09-07 18:47:30,860 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 1 of 9 in additional filter chain; firing Filter:
>> 'ChannelProcessingFilter'>
>> 2020-09-07 18:47:30,860 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 2 of 9 in additional filter chain; firing Filter:
>> 'WebAsyncManagerIntegrationFilter'>
>> 2020-09-07 18:47:30,860 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 3 of 9 in additional filter chain; firing Filter:
>> 'SecurityContextPersistenceFilter'>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>>
>> - <No HttpSession currently exists>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>>
>> - <No SecurityContext was available from the HttpSession: null. A new one
>> will be created.>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 4 of 9 in additional filter chain; firing Filter:
>> 'RequestCacheAwareFilter'>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.savedrequest.HttpSessionRequestCache] -
>> <saved request doesn't match>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 5 of 9 in additional filter chain; firing Filter:
>> 'SecurityContextHolderAwareRequestFilter'>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 6 of 9 in additional filter chain; firing Filter:
>> 'AnonymousAuthenticationFilter'>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.authentication.AnonymousAuthenticationFilter]
>>
>> - <Populated SecurityContextHolder with anonymous token:
>> 'org.springframework.security.authentication.AnonymousAuthenticationToken@11ef9e01:
>>
>> Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true;
>> Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>
>> RemoteIpAddress: 10.98.183.5; SessionId: null; Granted Authorities:
>> ROLE_ANONYMOUS'>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 7 of 9 in additional filter chain; firing Filter:
>> 'SessionManagementFilter'>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 8 of 9 in additional filter chain; firing Filter:
>> 'ExceptionTranslationFilter'>
>> 2020-09-07 18:47:30,861 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> at position 9 of 9 in additional filter chain; firing Filter:
>> 'FilterSecurityInterceptor'>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
>> to match using Ant [pattern='/null/**']>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/null/**'>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <No
>> matches found>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
>> to match using Ant [pattern='/css/**']>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/css/**'>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
>> to match using Ant [pattern='/js/**']>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/js/**'>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
>> to match using Ant [pattern='/images/**']>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/images/**'>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
>> to match using Ant [pattern='/webjars/**']>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/webjars/**'>
>> 2020-09-07 18:47:30,864 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
>> to match using Ant [pattern='/**/favicon.ico']>
>> 2020-09-07 18:47:30,867 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/**/favicon.ico'>
>> 2020-09-07 18:47:30,868 DEBUG
>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <No
>> matches found>
>> 2020-09-07 18:47:30,868 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/resources/**'>
>> 2020-09-07 18:47:30,868 DEBUG
>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
>> <Checking match of request : '/login'; against '/static/**'>
>> 2020-09-07 18:47:30,869 DEBUG
>> [org.springframework.security.web.access.intercept.FilterSecurityInterceptor]
>>
>> - <Public object - authentication not attempted>
>> 2020-09-07 18:47:30,869 DEBUG
>> [org.springframework.security.web.FilterChainProxy] -
>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>>
>> reached end of additional filter chain; proceeding with original chain>
>> 2020-09-07 18:47:30,870 DEBUG
>> [org.springframework.web.servlet.DispatcherServlet] - <GET
>> "/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
>>
>> parameters={masked}>
>> 2020-09-07 18:47:30,872 DEBUG
>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping
>> request with URI '/codesESSO/login' to flow with id 'login'>
>> 2020-09-07 18:47:30,873 DEBUG
>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapped to
>> [FlowHandlerMapping.DefaultFlowHandler@5687bc9e]>
>> 2020-09-07 18:47:30,875 DEBUG
>> [org.springframework.webflow.executor.FlowExecutorImpl] - <Launching new
>> execution of flow 'login' with input map['client_name' ->
>> 'a204264-CodesESSO_DevDomain', 'code' ->
>> 'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
>> 'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
>> 2020-09-07 18:47:30,875 DEBUG
>> [org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl]
>> - <Getting FlowDefinition with id 'login'>
>> 2020-09-07 18:47:30,875 DEBUG
>> [org.springframework.webflow.engine.impl.FlowExecutionImplFactory] -
>> <Creating new execution of 'login'>
>> 2020-09-07 18:47:30,876 DEBUG
>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Starting in
>> org.springframework.webflow.mvc.servlet.MvcExternalContext@68d39ed8 with
>> input map['client_name' -> 'a204264-CodesESSO_DevDomain', 'code' ->
>> 'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
>> 'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
>> 2020-09-07 18:47:30,876 DEBUG [org.springframework.webflow.engine.Flow] -
>> <Creating [FlowVariable@511bfc1c name = 'credential', valueFactory =
>> [BeanFactoryVariableValueFactory@42331ab3 type =
>> UsernamePasswordCredential]]>
>> 2020-09-07 18:47:30,878 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [EvaluateAction@4bf00528 expression = initialFlowSetupAction,
>> resultExpression = [null]]>
>> 2020-09-07 18:47:30,879 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70;
>> result = success>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing [EvaluateAction@4bf00528 expression = initialFlowSetupAction,
>> resultExpression = [null]]; result = success>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [EvaluateAction@68329dba expression = verifyRequiredServiceAction,
>> resultExpression = [null]]>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing
>> org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a; result
>> = success>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing [EvaluateAction@68329dba expression =
>> verifyRequiredServiceAction, resultExpression = [null]]; result = success>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing
>> org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3;
>>
>> result = null>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.engine.ActionState] - <Entering state
>> 'delegatedAuthenticationAction' of flow 'login'>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [EvaluateAction@7780b35 expression = delegatedAuthenticationAction,
>> resultExpression = [null]]>
>> 2020-09-07 18:47:30,885 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f>
>> 2020-09-07 18:47:30,887 DEBUG
>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier
>> could not found as part of the request parameters. Looking at state for the
>> OAuth2/Oidc client>
>> 2020-09-07 18:47:30,888 DEBUG
>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated
>> client identifier for this request as
>> [Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]]>
>> 2020-09-07 18:47:30,895 DEBUG
>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated
>> client identifier as [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
>> 2020-09-07 18:47:30,898 DEBUG
>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Removing delegated
>> client identifier [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8] from registry>
>> 2020-09-07 18:47:30,904 DEBUG
>> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
>> [TransientSessionTicketImpl(super=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8,
>> service=null, properties={targetService=null, method=, service=null,
>> theme=, locale=})] from the registry.>
>> 2020-09-07 18:47:30,912 DEBUG
>> [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Delegated
>> authentication client is [#GenericOAuth20Client# | name:
>> a204264-CodesESSO_DevDomain | callbackUrl:
>> https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
>> org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
>> ajaxRequestResolver:
>> org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
>> redirectionActionBuilder:
>> org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
>> credentialsExtractor:
>> org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6
>> | authenticator:
>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
>> profileCreator:
>> org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a |
>> configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
>> secret: [protected] | tokenAsHeader: false | responseType: code | scope:
>> null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
>> hasBeenCancelledFactory:
>> org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
>>
>> | profileDefinition:
>> org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
>> httpClientConfig: null | |] with service [null]>
>> 2020-09-07 18:47:30,913 DEBUG
>> [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Fetching
>> credentials from delegated client [#GenericOAuth20Client# | name:
>> a204264-CodesESSO_DevDomain | callbackUrl:
>> https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
>> org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
>> ajaxRequestResolver:
>> org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
>> redirectionActionBuilder:
>> org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
>> credentialsExtractor:
>> org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6
>> | authenticator:
>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
>> profileCreator:
>> org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a |
>> configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
>> secret: [protected] | tokenAsHeader: false | responseType: code | scope:
>> null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
>> hasBeenCancelledFactory:
>> org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
>>
>> | profileDefinition:
>> org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
>> httpClientConfig: null | |]>
>> 2020-09-07 18:47:30,941 DEBUG
>> [org.apereo.cas.ticket.registry.JpaTicketRegistry] - <Updated ticket
>> [TransientSessionTicketImpl(super=TST-dc0a2fe1-45b6-400e-84ff-8b3563ef0882,
>> service=null, properties={})].>
>> 2020-09-07 18:47:30,947 DEBUG
>> [org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] -
>> <sessionState: TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8 / stateParameter:
>> Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
>> 2020-09-07 18:47:30,947 DEBUG
>> [org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] -
>> <code: Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
>> 2020-09-07 18:47:30,947 DEBUG
>> [org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator] - <code:
>> Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
>> 2020-09-07 18:47:43,647 WARN
>> [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
>> <[registry.json] does not match the recommended pattern
>> [(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible,
>> it's recommended that you rename the file to match the requested pattern to
>> avoid issues with duplicate service loading. Future CAS versions may try to
>> strictly force the naming syntax, refusing to load the file.>
>> 2020-09-07 18:47:43,651 DEBUG
>> [org.apereo.cas.services.AbstractServicesManager] - <Adding registered
>> service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal
>> identifier [10000001]>
>> 2020-09-07 18:47:43,651 INFO
>> [org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s)
>> from [JsonServiceRegistry].>
>> 2020-09-07 18:47:54,568 DEBUG
>> [org.apereo.cas.ticket.registry.support.JpaLockingStrategy] -
>> <[c892txdctool1] trying to acquire [cas-ticket-registry-cleaner] lock.>
>> 2020-09-07 18:47:54,590 DEBUG
>> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Cleaning
>> up expired ticket [TST-f8c798e3-dbd1-4a00-981a-f430b891b36a]>
>> 2020-09-07 18:47:54,591 DEBUG
>> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
>> [TransientSessionTicketImpl(super=TST-f8c798e3-dbd1-4a00-981a-f430b891b36a,
>> service=null, properties={})] from the registry.>
>> 2020-09-07 18:47:54,600 INFO
>> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[1]
>> expired tickets removed.>
>> 2020-09-07 18:47:54,601 DEBUG
>> [org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - <Releasing
>> [cas-ticket-registry-cleaner] lock held by [c892txdctool1].>
>> 2020-09-07 18:47:54,602 DEBUG
>> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished
>> ticket cleanup.>
>> 2020-09-07 18:48:43,656 WARN
>> [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
>> <[registry.json] does not match the recommended pattern
>> [(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible,
>> it's recommended that you rename the file to match the requested pattern to
>> avoid issues with duplicate service loading. Future CAS versions may try to
>> strictly force the naming syntax, refusing to load the file.>
>> 2020-09-07 18:48:43,660 DEBUG
>> [org.apereo.cas.services.AbstractServicesManager] - <Adding registered
>> service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal
>> identifier [10000001]>
>> 2020-09-07 18:48:43,661 INFO
>> [org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s)
>> from [JsonServiceRegistry].>
>> 2020-09-07 18:49:38,301 DEBUG
>> [org.pac4j.oauth.client.GenericOAuth20Client] - <Credentials validation
>> took: 127354 ms>
>> 2020-09-07 18:49:38,302 DEBUG
>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Attempting
>> to handle [org.springframework.webflow.execution.ActionExecutionException:
>> Exception thrown executing
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>> attributes were 'map[[empty]]'] with root cause
>> [org.pac4j.core.exception.HttpCommunicationException: Error getting
>> token:Connection timed out (Connection timed out)]>
>> 2020-09-07 18:49:38,302 DEBUG
>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Rethrowing
>> unhandled flow execution exception>
>> 2020-09-07 18:49:38,302 DEBUG
>> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
>> received exception
>> [org.springframework.webflow.execution.ActionExecutionException: Exception
>> thrown executing
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>> attributes were 'map[[empty]]'] due to a type mismatch with handler
>> [[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
>> 2020-09-07 18:49:38,302 DEBUG
>> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
>> received exception
>> [org.springframework.webflow.execution.ActionExecutionException: Exception
>> thrown executing
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>> attributes were 'map[[empty]]'] due to a type mismatch with handler
>> [[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
>> 2020-09-07 18:49:38,303 DEBUG
>> [org.springframework.web.servlet.DispatcherServlet] - <Failed to complete
>> request: org.springframework.webflow.execution.ActionExecutionException:
>> Exception thrown executing
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>> attributes were 'map[[empty]]'>
>> 2020-09-07 18:49:38,304 DEBUG
>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>>
>> - <SecurityContext is empty or contents are anonymous - context will not be
>> stored in HttpSession.>
>> 2020-09-07 18:49:38,304 DEBUG
>> [org.springframework.security.web.context.SecurityContextPersistenceFilter]
>> - <SecurityContextHolder now cleared, as request processing completed>
>> 2020-09-07 18:49:38,304 ERROR
>> [org.springframework.boot.web.servlet.support.ErrorPageFilter] -
>> <Forwarding to error page from request [/login] due to exception [Exception
>> thrown executing
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>> attributes were 'map[[empty]]']>
>> org.springframework.webflow.execution.ActionExecutionException: Exception
>> thrown executing
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>> attributes were 'map[[empty]]'
>> at
>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at org.springframework.webflow.engine.State.enter(State.java:194)
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at org.springframework.webflow.engine.Flow.start(Flow.java:527)
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:139)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> ~[?:?]
>> at
>> jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>
>> ~[?:?]
>> at
>> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>> ~[?:?]
>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
>> at
>> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
>>
>> ~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
>>
>> ~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
>> at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>
>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>>
>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at com.sun.proxy.$Proxy241.launchExecution(Unknown Source) ~[?:?]
>> at
>> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:264)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at
>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
>>
>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
>>
>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
>>
>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
>>
>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
>> ~[servlet-api.jar:?]
>> at
>> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
>>
>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
>> ~[servlet-api.jar:?]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
>> ~[tomcat-websocket.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28)
>>
>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:411)
>>
>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:216)
>>
>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:67)
>>
>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
>>
>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128)
>>
>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
>> at
>> org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
>>
>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
>> at
>> org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103)
>>
>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
>> at
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:121)
>>
>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108)
>>
>> ~[spring-boot-actuator-2.2.0.RELEASE.jar:2.2.0.RELEASE]
>> at
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:99)
>>
>> ~[cas-server-core-logging-6.1.7.jar:6.1.7]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>>
>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
>>
>> ~[inspektr-common-1.8.6.GA.jar:1.8.6.GA]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
>>
>> ~[log4j-web-2.12.1.jar:2.12.1]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:185)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
>>
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
>> ~[catalina.jar:9.0.12]
>> at
>> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
>> ~[tomcat-coyote.jar:9.0.12]
>> at
>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>>
>> ~[tomcat-coyote.jar:9.0.12]
>> at
>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770)
>>
>> ~[tomcat-coyote.jar:9.0.12]
>> at
>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
>>
>> ~[tomcat-coyote.jar:9.0.12]
>> at
>> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>>
>> ~[tomcat-coyote.jar:9.0.12]
>> at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>>
>> ~[?:?]
>> at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>>
>> ~[?:?]
>> at
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>
>> ~[tomcat-util.jar:9.0.12]
>> at java.lang.Thread.run(Thread.java:834) [?:?]
>> Caused by: org.pac4j.core.exception.HttpCommunicationException: Error
>> getting token:Connection timed out (Connection timed out)
>> at
>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.retrieveAccessToken(OAuth20Authenticator.java:36)
>>
>> ~[pac4j-oauth-4.0.3.jar:?]
>> at
>> org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:38)
>>
>> ~[pac4j-oauth-4.0.3.jar:?]
>> at
>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.validate(OAuth20Authenticator.java:20)
>>
>> ~[pac4j-oauth-4.0.3.jar:?]
>> at
>> org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:20)
>>
>> ~[pac4j-oauth-4.0.3.jar:?]
>> at
>> org.pac4j.core.client.BaseClient.lambda$retrieveCredentials$0(BaseClient.java:70)
>>
>> ~[pac4j-core-4.0.3.jar:?]
>> at java.util.Optional.ifPresent(Optional.java:183) ~[?:?]
>> at
>> org.pac4j.core.client.BaseClient.retrieveCredentials(BaseClient.java:67)
>> ~[pac4j-core-4.0.3.jar:?]
>> at
>> org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:144)
>> ~[pac4j-core-4.0.3.jar:?]
>> at
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.getCredentialsFromDelegatedClient(DelegatedClientAuthenticationAction.java:254)
>>
>> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
>> at
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.populateContextWithClientCredential(DelegatedClientAuthenticationAction.java:240)
>>
>> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
>> at
>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.doExecute(DelegatedClientAuthenticationAction.java:213)
>>
>> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
>> at
>> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> at jdk.internal.reflect.GeneratedMethodAccessor196.invoke(Unknown Source)
>> ~[?:?]
>> at
>> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>> ~[?:?]
>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
>> at
>> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
>>
>> ~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
>>
>> ~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
>> at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>>
>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at
>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>>
>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
>> at com.sun.proxy.$Proxy228.execute(Unknown Source) ~[?:?]
>> at
>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
>>
>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
>> ... 119 more
>> 2020-09-07 18:49:38,308 DEBUG
>> [org.springframework.web.servlet.DispatcherServlet] - <"FORWARD" dispatch
>> for GET
>> "/codesESSO/error?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
>>
>> parameters={masked}>
>> 2020-09-07 18:49:38,310 DEBUG
>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
>>
>> - <Mapped to
>> org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest,
>>
>> HttpServletResponse)>
>> 2020-09-07 18:49:38,432 DEBUG
>> [org.springframework.web.servlet.view.ContentNegotiatingViewResolver] -
>> <Selected 'text/html' given [text/html, text/html;q=0.8]>
>>
>>
>>
>> Thanks
>>
>> On Friday, September 4, 2020 at 3:07:18 AM UTC-5 leleuj wrote:
>>
>>> Hi,
>>>
>>> I would have expected the *val url = httpUrl.replace("http", "https");*
>>> solution to work.
>>>
>>> You may also try to set the "secure" flag in the Tomcat connector.
>>>
>>> Thanks.
>>> Best regards,
>>> Jérôme
>>>
>>>
>>> Le jeu. 3 sept. 2020 à 18:48, Joe Manavalan <joeman...@gmail.com> a
>>> écrit :
>>>
>>>> I was told there is BIG-IP which counts as reverse proxy in front of
>>>> tomcat. Are there any specific settings to resolve this ?
>>>> FYI : We have CAS war deployed in tomcat 8.5 [Not in embedded tomcat]
>>>>
>>>> Thanks
>>>> Joe
>>>>
>>>>
>>>> On Monday, August 31, 2020 at 6:01:46 PM UTC-5 Joe Manavalan wrote:
>>>>
>>>>> Thanks Jerome for the response.
>>>>>
>>>>> I am checking with the network team about the reverse proxy..
>>>>> request.getRequestURL() is coming in as "http "
>>>>>
>>>>> Following is the log
>>>>>
>>>>>
>>>>> 2020-08-31 17:45:43,157 DEBUG
>>>>> [org.springframework.security.web.FilterChainProxy] -
>>>>> </login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s
>>>>>
>>>>> reached end of additional filter chain; proceeding with original chain>
>>>>> 2020-08-31 17:45:43,164 DEBUG
>>>>> [org.springframework.web.servlet.DispatcherServlet] - <GET
>>>>> "/codesESSO/login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s",
>>>>>
>>>>> parameters={masked}>
>>>>> 2020-08-31 17:45:43,167 DEBUG
>>>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
>>>>>
>>>>> - <Mapped to
>>>>> org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
>>>>>
>>>>> HttpServletRequest, HttpServletResponse)>
>>>>> 2020-08-31 17:45:43,201 DEBUG
>>>>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Response
>>>>> for
>>>>> client [http://<domain>:8445/codesESSO/login/CodesESSO_Dev],>
>>>>>
>>>>>
>>>>> I manually added a http to https replace here in
>>>>> BaseDelegatedAuthenticationController for testing
>>>>> val url = httpUrl.replace("http", "https");
>>>>>
>>>>>
>>>>> 2020-08-31 17:45:43,204 DEBUG
>>>>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
>>>>> response for client [a204264-CodesESSO_Dev], redirecting the login flow
>>>>> [https://<domain>:8445/codesESSO/login?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s&client_name=CodesESSO_Dev]>
>>>>>
>>>>> Ended up throwing an error [Which I believe is expected due to the
>>>>> manipulation]
>>>>> org.springframework.webflow.execution.ActionExecutionException:
>>>>> Exception thrown executing
>>>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@40e79dec in
>>>>> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
>>>>> attributes were 'map[[empty]]'
>>>>> at
>>>>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
>>>>> at
>>>>> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
>>>>>
>>>>> On Mon, Aug 31, 2020 at 1:52 AM Jérôme LELEU <lel...@gmail.com> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> This redirection relies on: request.getRequestURL()
>>>>>> Do you have some reverse proxy in front of your Tomcat?
>>>>>> Thanks.
>>>>>> Best regards,
>>>>>> Jérôme
>>>>>>
>>>>>>
>>>>>> Le jeu. 27 août 2020 à 17:20, Joe Manavalan <joeman...@gmail.com> a
>>>>>> écrit :
>>>>>>
>>>>>>> I have cas6.1 deployed and working with cas.authn.pac4j.oauth2. The
>>>>>>> app works fine in my local windows machine on an https port
>>>>>>> When deployed in unix with the same setting [except the url has
>>>>>>> domain name instead of server name] the app after authenticating with
>>>>>>> the
>>>>>>> external oauth2 provider redirects the url to an http port as shown
>>>>>>> below
>>>>>>> This is the redirect url configured and get successfully redirected
>>>>>>> after authentication and authorization based on the browser trace
>>>>>>>
>>>>>>> https://<domain>:<port>/cas/login/<clientName>?code=<code>&state=<state>&client_name=<clientName>
>>>>>>> It then gets redirected to the below http port instead of the
>>>>>>> expected https port
>>>>>>>
>>>>>>> http//<domain>:<port>/cas/login?code=<code>&state=<state>&client_name=<clientName>
>>>>>>>
>>>>>>> Is this some configuration in CAS or need to be investigated on the
>>>>>>> network side ?
>>>>>>> Any help appreciated
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> - Website: https://apereo.github.io/cas
>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>>>> ---
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "CAS Community" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to cas-user+u...@apereo.org.
>>>>>>> To view this discussion on the web visit
>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org
>>>>>>>
>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org?utm_medium=email&utm_source=footer>
>>>>>>> .
>>>>>>>
>>>>>> --
>>>>>> - Website: https://apereo.github.io/cas
>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>>> ---
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "CAS Community" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to cas-user+u...@apereo.org.
>>>>>>
>>>>> To view this discussion on the web visit
>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com
>>>>>>
>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>>>>> .
>>>>>>
>>>>> --
>>>> - Website: https://apereo.github.io/cas
>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>> - Contributions: https://goo.gl/mh7qDG
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "CAS Community" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to cas-user+u...@apereo.org.
>>>>
>>> To view this discussion on the web visit
>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org
>>>>
>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/0cbb5acf-1a82-459d-a294-6c6c02f21be0n%40apereo.org.
