Hi, You should turn on DEBUG logs on org.pac4j and com.github.scribejava. Thanks. Best regards, Jérôme
Le mer. 9 sept. 2020 à 06:42, Joe Manavalan <[email protected]> a écrit : > > Hi Jerome, > Are there any logs we can get to see the timed out request url? > btw I tried adding the proxy host and port as jvm arguments with the same > connection timed out error. > > Thanks > Joe > On Tuesday, September 8, 2020 at 7:49:32 PM UTC-5 Joe Manavalan wrote: > >> >> HiJerome, >> >> It appears that the token server cannot be reached directly but has to go >> via a proxy. >> Is there a property in cas to specify the proxy url and port ? or this >> has to be a network settings on the server ? >> >> Thanks >> Joe >> On Tuesday, September 8, 2020 at 1:00:12 AM UTC-5 leleuj wrote: >> >>> Hi, >>> >>> During the authentication process, CAS via pac4j tries to directly >>> contact the identity provider to retrieve the access token. >>> The "connection timeout" means that the identity provider is not >>> directly reachable from the CAS server. Maybe a mismatch in the URL >>> definition or a proxy setting on the CAS server. >>> Thanks. >>> Best regards, >>> Jérôme >>> >>> >>> Le mar. 8 sept. 2020 à 03:34, Joe Manavalan <[email protected]> a >>> écrit : >>> >>>> Hi Jerome, >>>> >>>> For testing I set up the server name as the url. And now I have the >>>> redirect url coming correctly but its timing out when getting >>>> authentication Object. since the error is from pac4j, I also posted a >>>> message in pac4j group too.. >>>> >>>> Following is the trace from log. Would it help trying a different >>>> version of pac4j ? >>>> >>>> >>>> 2020-09-07 18:47:30,765 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8 >>>> reached end of additional filter chain; proceeding with original chain> >>>> 2020-09-07 18:47:30,772 DEBUG >>>> [org.springframework.web.servlet.DispatcherServlet] - <GET >>>> "/codesESSO/login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8", >>>> parameters={masked}> >>>> 2020-09-07 18:47:30,774 DEBUG >>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] >>>> - <Mapped to >>>> org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String, >>>> HttpServletRequest, HttpServletResponse)> >>>> 2020-09-07 18:47:30,775 DEBUG >>>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a >>>> response for client [a204264-CodesESSO_DevDomain], redirecting the login >>>> flow [ >>>> https://mycompanydomain.com:8445/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> ]> >>>> 2020-09-07 18:47:30,786 DEBUG >>>> [org.springframework.web.servlet.view.RedirectView] - <View [RedirectView], >>>> model {}> >>>> 2020-09-07 18:47:30,787 DEBUG >>>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository] >>>> - <SecurityContext is empty or contents are anonymous - context will not be >>>> stored in HttpSession.> >>>> 2020-09-07 18:47:30,787 DEBUG >>>> [org.springframework.web.servlet.DispatcherServlet] - <Completed 302 FOUND> >>>> 2020-09-07 18:47:30,787 DEBUG >>>> [org.springframework.security.web.access.ExceptionTranslationFilter] - >>>> <Chain processed normally> >>>> 2020-09-07 18:47:30,788 DEBUG >>>> [org.springframework.security.web.context.SecurityContextPersistenceFilter] >>>> - <SecurityContextHolder now cleared, as request processing completed> >>>> 2020-09-07 18:47:30,860 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 1 of 9 in additional filter chain; firing Filter: >>>> 'ChannelProcessingFilter'> >>>> 2020-09-07 18:47:30,860 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 2 of 9 in additional filter chain; firing Filter: >>>> 'WebAsyncManagerIntegrationFilter'> >>>> 2020-09-07 18:47:30,860 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 3 of 9 in additional filter chain; firing Filter: >>>> 'SecurityContextPersistenceFilter'> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository] >>>> - <No HttpSession currently exists> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository] >>>> - <No SecurityContext was available from the HttpSession: null. A new one >>>> will be created.> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 4 of 9 in additional filter chain; firing Filter: >>>> 'RequestCacheAwareFilter'> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - >>>> <saved request doesn't match> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 5 of 9 in additional filter chain; firing Filter: >>>> 'SecurityContextHolderAwareRequestFilter'> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 6 of 9 in additional filter chain; firing Filter: >>>> 'AnonymousAuthenticationFilter'> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] >>>> - <Populated SecurityContextHolder with anonymous token: >>>> 'org.springframework.security.authentication.AnonymousAuthenticationToken@11ef9e01: >>>> Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; >>>> Details: >>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >>>> RemoteIpAddress: 10.98.183.5; SessionId: null; Granted Authorities: >>>> ROLE_ANONYMOUS'> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 7 of 9 in additional filter chain; firing Filter: >>>> 'SessionManagementFilter'> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 8 of 9 in additional filter chain; firing Filter: >>>> 'ExceptionTranslationFilter'> >>>> 2020-09-07 18:47:30,861 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> at position 9 of 9 in additional filter chain; firing Filter: >>>> 'FilterSecurityInterceptor'> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying >>>> to match using Ant [pattern='/null/**']> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/null/**'> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <No >>>> matches found> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying >>>> to match using Ant [pattern='/css/**']> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/css/**'> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying >>>> to match using Ant [pattern='/js/**']> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/js/**'> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying >>>> to match using Ant [pattern='/images/**']> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/images/**'> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying >>>> to match using Ant [pattern='/webjars/**']> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/webjars/**'> >>>> 2020-09-07 18:47:30,864 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying >>>> to match using Ant [pattern='/**/favicon.ico']> >>>> 2020-09-07 18:47:30,867 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/**/favicon.ico'> >>>> 2020-09-07 18:47:30,868 DEBUG >>>> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <No >>>> matches found> >>>> 2020-09-07 18:47:30,868 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/resources/**'> >>>> 2020-09-07 18:47:30,868 DEBUG >>>> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - >>>> <Checking match of request : '/login'; against '/static/**'> >>>> 2020-09-07 18:47:30,869 DEBUG >>>> [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] >>>> - <Public object - authentication not attempted> >>>> 2020-09-07 18:47:30,869 DEBUG >>>> [org.springframework.security.web.FilterChainProxy] - >>>> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain >>>> reached end of additional filter chain; proceeding with original chain> >>>> 2020-09-07 18:47:30,870 DEBUG >>>> [org.springframework.web.servlet.DispatcherServlet] - <GET >>>> "/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain", >>>> parameters={masked}> >>>> 2020-09-07 18:47:30,872 DEBUG >>>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping >>>> request with URI '/codesESSO/login' to flow with id 'login'> >>>> 2020-09-07 18:47:30,873 DEBUG >>>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapped to >>>> [FlowHandlerMapping.DefaultFlowHandler@5687bc9e]> >>>> 2020-09-07 18:47:30,875 DEBUG >>>> [org.springframework.webflow.executor.FlowExecutorImpl] - <Launching new >>>> execution of flow 'login' with input map['client_name' -> >>>> 'a204264-CodesESSO_DevDomain', 'code' -> >>>> 'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' -> >>>> 'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']> >>>> 2020-09-07 18:47:30,875 DEBUG >>>> [org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl] >>>> - <Getting FlowDefinition with id 'login'> >>>> 2020-09-07 18:47:30,875 DEBUG >>>> [org.springframework.webflow.engine.impl.FlowExecutionImplFactory] - >>>> <Creating new execution of 'login'> >>>> 2020-09-07 18:47:30,876 DEBUG >>>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Starting in >>>> org.springframework.webflow.mvc.servlet.MvcExternalContext@68d39ed8 >>>> with input map['client_name' -> 'a204264-CodesESSO_DevDomain', 'code' -> >>>> 'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' -> >>>> 'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']> >>>> 2020-09-07 18:47:30,876 DEBUG [org.springframework.webflow.engine.Flow] >>>> - <Creating [FlowVariable@511bfc1c name = 'credential', valueFactory = >>>> [BeanFactoryVariableValueFactory@42331ab3 type = >>>> UsernamePasswordCredential]]> >>>> 2020-09-07 18:47:30,878 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Executing >>>> [EvaluateAction@4bf00528 expression = initialFlowSetupAction, >>>> resultExpression = [null]]> >>>> 2020-09-07 18:47:30,879 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Executing >>>> org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Finished >>>> executing org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70; >>>> result = success> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Finished >>>> executing [EvaluateAction@4bf00528 expression = >>>> initialFlowSetupAction, resultExpression = [null]]; result = success> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Executing >>>> [EvaluateAction@68329dba expression = verifyRequiredServiceAction, >>>> resultExpression = [null]]> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Executing >>>> org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Finished >>>> executing >>>> org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a; >>>> result = success> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Finished >>>> executing [EvaluateAction@68329dba expression = >>>> verifyRequiredServiceAction, resultExpression = [null]]; result = success> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Executing >>>> org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3 >>>> > >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Finished >>>> executing >>>> org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3; >>>> result = null> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.engine.ActionState] - <Entering state >>>> 'delegatedAuthenticationAction' of flow 'login'> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Executing >>>> [EvaluateAction@7780b35 expression = delegatedAuthenticationAction, >>>> resultExpression = [null]]> >>>> 2020-09-07 18:47:30,885 DEBUG >>>> [org.springframework.webflow.execution.ActionExecutor] - <Executing >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f> >>>> 2020-09-07 18:47:30,887 DEBUG >>>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier >>>> could not found as part of the request parameters. Looking at state for the >>>> OAuth2/Oidc client> >>>> 2020-09-07 18:47:30,888 DEBUG >>>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated >>>> client identifier for this request as >>>> [Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]]> >>>> 2020-09-07 18:47:30,895 DEBUG >>>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated >>>> client identifier as [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]> >>>> 2020-09-07 18:47:30,898 DEBUG >>>> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Removing delegated >>>> client identifier [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8] from registry> >>>> 2020-09-07 18:47:30,904 DEBUG >>>> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket >>>> [TransientSessionTicketImpl(super=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8, >>>> service=null, properties={targetService=null, method=, service=null, >>>> theme=, locale=})] from the registry.> >>>> 2020-09-07 18:47:30,912 DEBUG >>>> [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Delegated >>>> authentication client is [#GenericOAuth20Client# | name: >>>> a204264-CodesESSO_DevDomain | callbackUrl: >>>> https://mycompanydomain.com:8445/codesESSO/login | >>>> callbackUrlResolver: >>>> org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b >>>> | ajaxRequestResolver: >>>> org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 | >>>> redirectionActionBuilder: >>>> org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 | >>>> credentialsExtractor: >>>> org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6 >>>> | authenticator: >>>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 >>>> | profileCreator: >>>> org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a | >>>> configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX | >>>> secret: [protected] | tokenAsHeader: false | responseType: code | scope: >>>> null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 | >>>> hasBeenCancelledFactory: >>>> org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb >>>> | profileDefinition: >>>> org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f >>>> | httpClientConfig: null | |] with service [null]> >>>> 2020-09-07 18:47:30,913 DEBUG >>>> [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Fetching >>>> credentials from delegated client [#GenericOAuth20Client# | name: >>>> a204264-CodesESSO_DevDomain | callbackUrl: >>>> https://mycompanydomain.com:8445/codesESSO/login | >>>> callbackUrlResolver: >>>> org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b >>>> | ajaxRequestResolver: >>>> org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 | >>>> redirectionActionBuilder: >>>> org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 | >>>> credentialsExtractor: >>>> org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6 >>>> | authenticator: >>>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 >>>> | profileCreator: >>>> org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a | >>>> configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX | >>>> secret: [protected] | tokenAsHeader: false | responseType: code | scope: >>>> null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 | >>>> hasBeenCancelledFactory: >>>> org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb >>>> | profileDefinition: >>>> org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f >>>> | httpClientConfig: null | |]> >>>> 2020-09-07 18:47:30,941 DEBUG >>>> [org.apereo.cas.ticket.registry.JpaTicketRegistry] - <Updated ticket >>>> [TransientSessionTicketImpl(super=TST-dc0a2fe1-45b6-400e-84ff-8b3563ef0882, >>>> service=null, properties={})].> >>>> 2020-09-07 18:47:30,947 DEBUG >>>> [org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] - >>>> <sessionState: TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8 / stateParameter: >>>> Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]> >>>> 2020-09-07 18:47:30,947 DEBUG >>>> [org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] - >>>> <code: Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse> >>>> 2020-09-07 18:47:30,947 DEBUG >>>> [org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator] - <code: >>>> Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse> >>>> 2020-09-07 18:47:43,647 WARN >>>> [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] - >>>> <[registry.json] does not match the recommended pattern >>>> [(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible, >>>> it's recommended that you rename the file to match the requested pattern to >>>> avoid issues with duplicate service loading. Future CAS versions may try to >>>> strictly force the naming syntax, refusing to load the file.> >>>> 2020-09-07 18:47:43,651 DEBUG >>>> [org.apereo.cas.services.AbstractServicesManager] - <Adding registered >>>> service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal >>>> identifier [10000001]> >>>> 2020-09-07 18:47:43,651 INFO >>>> [org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s) >>>> from [JsonServiceRegistry].> >>>> 2020-09-07 18:47:54,568 DEBUG >>>> [org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - >>>> <[c892txdctool1] trying to acquire [cas-ticket-registry-cleaner] lock.> >>>> 2020-09-07 18:47:54,590 DEBUG >>>> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Cleaning >>>> up expired ticket [TST-f8c798e3-dbd1-4a00-981a-f430b891b36a]> >>>> 2020-09-07 18:47:54,591 DEBUG >>>> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket >>>> [TransientSessionTicketImpl(super=TST-f8c798e3-dbd1-4a00-981a-f430b891b36a, >>>> service=null, properties={})] from the registry.> >>>> 2020-09-07 18:47:54,600 INFO >>>> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[1] >>>> expired tickets removed.> >>>> 2020-09-07 18:47:54,601 DEBUG >>>> [org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - <Releasing >>>> [cas-ticket-registry-cleaner] lock held by [c892txdctool1].> >>>> 2020-09-07 18:47:54,602 DEBUG >>>> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished >>>> ticket cleanup.> >>>> 2020-09-07 18:48:43,656 WARN >>>> [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] - >>>> <[registry.json] does not match the recommended pattern >>>> [(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible, >>>> it's recommended that you rename the file to match the requested pattern to >>>> avoid issues with duplicate service loading. Future CAS versions may try to >>>> strictly force the naming syntax, refusing to load the file.> >>>> 2020-09-07 18:48:43,660 DEBUG >>>> [org.apereo.cas.services.AbstractServicesManager] - <Adding registered >>>> service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal >>>> identifier [10000001]> >>>> 2020-09-07 18:48:43,661 INFO >>>> [org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s) >>>> from [JsonServiceRegistry].> >>>> 2020-09-07 18:49:38,301 DEBUG >>>> [org.pac4j.oauth.client.GenericOAuth20Client] - <Credentials validation >>>> took: 127354 ms> >>>> 2020-09-07 18:49:38,302 DEBUG >>>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Attempting >>>> to handle [org.springframework.webflow.execution.ActionExecutionException: >>>> Exception thrown executing >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f >>>> in state 'delegatedAuthenticationAction' of flow 'login' -- action >>>> execution attributes were 'map[[empty]]'] with root cause >>>> [org.pac4j.core.exception.HttpCommunicationException: Error getting >>>> token:Connection timed out (Connection timed out)]> >>>> 2020-09-07 18:49:38,302 DEBUG >>>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Rethrowing >>>> unhandled flow execution exception> >>>> 2020-09-07 18:49:38,302 DEBUG >>>> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the >>>> received exception >>>> [org.springframework.webflow.execution.ActionExecutionException: Exception >>>> thrown executing >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f >>>> in state 'delegatedAuthenticationAction' of flow 'login' -- action >>>> execution attributes were 'map[[empty]]'] due to a type mismatch with >>>> handler [[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]> >>>> 2020-09-07 18:49:38,302 DEBUG >>>> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the >>>> received exception >>>> [org.springframework.webflow.execution.ActionExecutionException: Exception >>>> thrown executing >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f >>>> in state 'delegatedAuthenticationAction' of flow 'login' -- action >>>> execution attributes were 'map[[empty]]'] due to a type mismatch with >>>> handler [[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]> >>>> 2020-09-07 18:49:38,303 DEBUG >>>> [org.springframework.web.servlet.DispatcherServlet] - <Failed to complete >>>> request: org.springframework.webflow.execution.ActionExecutionException: >>>> Exception thrown executing >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f >>>> in state 'delegatedAuthenticationAction' of flow 'login' -- action >>>> execution attributes were 'map[[empty]]'> >>>> 2020-09-07 18:49:38,304 DEBUG >>>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository] >>>> - <SecurityContext is empty or contents are anonymous - context will not be >>>> stored in HttpSession.> >>>> 2020-09-07 18:49:38,304 DEBUG >>>> [org.springframework.security.web.context.SecurityContextPersistenceFilter] >>>> - <SecurityContextHolder now cleared, as request processing completed> >>>> 2020-09-07 18:49:38,304 ERROR >>>> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - >>>> <Forwarding to error page from request [/login] due to exception [Exception >>>> thrown executing >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f >>>> in state 'delegatedAuthenticationAction' of flow 'login' -- action >>>> execution attributes were 'map[[empty]]']> >>>> org.springframework.webflow.execution.ActionExecutionException: >>>> Exception thrown executing >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f >>>> in state 'delegatedAuthenticationAction' of flow 'login' -- action >>>> execution attributes were 'map[[empty]]' >>>> at >>>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at org.springframework.webflow.engine.State.enter(State.java:194) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at org.springframework.webflow.engine.Flow.start(Flow.java:527) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:139) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> ~[?:?] >>>> at >>>> jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >>>> ~[?:?] >>>> at >>>> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> ~[?:?] >>>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] >>>> at >>>> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279) >>>> ~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) >>>> ~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1] >>>> at >>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) >>>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212) >>>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at com.sun.proxy.$Proxy241.launchExecution(Unknown Source) ~[?:?] >>>> at >>>> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:264) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at >>>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040) >>>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943) >>>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) >>>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) >>>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:634) >>>> ~[servlet-api.jar:?] >>>> at >>>> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) >>>> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) >>>> ~[servlet-api.jar:?] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) >>>> ~[tomcat-websocket.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28) >>>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:411) >>>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:216) >>>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:67) >>>> ~[cas-server-core-web-api-6.1.7.jar:6.1.7] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) >>>> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128) >>>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE] >>>> at >>>> org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66) >>>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE] >>>> at >>>> org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103) >>>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:121) >>>> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108) >>>> ~[spring-boot-actuator-2.2.0.RELEASE.jar:2.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:99) >>>> ~[cas-server-core-logging-6.1.7.jar:6.1.7] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) >>>> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66) >>>> ~[inspektr-common-1.8.6.GA.jar:1.8.6.GA] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) >>>> ~[log4j-web-2.12.1.jar:2.12.1] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:185) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) >>>> ~[catalina.jar:9.0.12] >>>> at >>>> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) >>>> ~[tomcat-coyote.jar:9.0.12] >>>> at >>>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) >>>> ~[tomcat-coyote.jar:9.0.12] >>>> at >>>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770) >>>> ~[tomcat-coyote.jar:9.0.12] >>>> at >>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) >>>> ~[tomcat-coyote.jar:9.0.12] >>>> at >>>> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) >>>> ~[tomcat-coyote.jar:9.0.12] >>>> at >>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) >>>> ~[?:?] >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) >>>> ~[?:?] >>>> at >>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >>>> ~[tomcat-util.jar:9.0.12] >>>> at java.lang.Thread.run(Thread.java:834) [?:?] >>>> Caused by: org.pac4j.core.exception.HttpCommunicationException: Error >>>> getting token:Connection timed out (Connection timed out) >>>> at >>>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.retrieveAccessToken(OAuth20Authenticator.java:36) >>>> ~[pac4j-oauth-4.0.3.jar:?] >>>> at >>>> org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:38) >>>> ~[pac4j-oauth-4.0.3.jar:?] >>>> at >>>> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.validate(OAuth20Authenticator.java:20) >>>> ~[pac4j-oauth-4.0.3.jar:?] >>>> at >>>> org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:20) >>>> ~[pac4j-oauth-4.0.3.jar:?] >>>> at >>>> org.pac4j.core.client.BaseClient.lambda$retrieveCredentials$0(BaseClient.java:70) >>>> ~[pac4j-core-4.0.3.jar:?] >>>> at java.util.Optional.ifPresent(Optional.java:183) ~[?:?] >>>> at >>>> org.pac4j.core.client.BaseClient.retrieveCredentials(BaseClient.java:67) >>>> ~[pac4j-core-4.0.3.jar:?] >>>> at >>>> org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:144) >>>> ~[pac4j-core-4.0.3.jar:?] >>>> at >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.getCredentialsFromDelegatedClient(DelegatedClientAuthenticationAction.java:254) >>>> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7] >>>> at >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.populateContextWithClientCredential(DelegatedClientAuthenticationAction.java:240) >>>> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7] >>>> at >>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.doExecute(DelegatedClientAuthenticationAction.java:213) >>>> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7] >>>> at >>>> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> at jdk.internal.reflect.GeneratedMethodAccessor196.invoke(Unknown >>>> Source) ~[?:?] >>>> at >>>> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> ~[?:?] >>>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] >>>> at >>>> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279) >>>> ~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) >>>> ~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1] >>>> at >>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) >>>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at >>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212) >>>> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE] >>>> at com.sun.proxy.$Proxy228.execute(Unknown Source) ~[?:?] >>>> at >>>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) >>>> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE] >>>> ... 119 more >>>> 2020-09-07 18:49:38,308 DEBUG >>>> [org.springframework.web.servlet.DispatcherServlet] - <"FORWARD" dispatch >>>> for GET >>>> "/codesESSO/error?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain", >>>> parameters={masked}> >>>> 2020-09-07 18:49:38,310 DEBUG >>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] >>>> - <Mapped to >>>> org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest, >>>> HttpServletResponse)> >>>> 2020-09-07 18:49:38,432 DEBUG >>>> [org.springframework.web.servlet.view.ContentNegotiatingViewResolver] - >>>> <Selected 'text/html' given [text/html, text/html;q=0.8]> >>>> >>>> >>>> >>>> Thanks >>>> >>>> On Friday, September 4, 2020 at 3:07:18 AM UTC-5 leleuj wrote: >>>> >>>>> Hi, >>>>> >>>>> I would have expected the *val url = httpUrl.replace("http", >>>>> "https");* solution to work. >>>>> >>>>> You may also try to set the "secure" flag in the Tomcat connector. >>>>> >>>>> Thanks. >>>>> Best regards, >>>>> Jérôme >>>>> >>>>> >>>>> Le jeu. 3 sept. 2020 à 18:48, Joe Manavalan <[email protected]> a >>>>> écrit : >>>>> >>>>>> I was told there is BIG-IP which counts as reverse proxy in front of >>>>>> tomcat. Are there any specific settings to resolve this ? >>>>>> FYI : We have CAS war deployed in tomcat 8.5 [Not in embedded tomcat] >>>>>> >>>>>> Thanks >>>>>> Joe >>>>>> >>>>>> >>>>>> On Monday, August 31, 2020 at 6:01:46 PM UTC-5 Joe Manavalan wrote: >>>>>> >>>>>>> Thanks Jerome for the response. >>>>>>> >>>>>>> I am checking with the network team about the reverse proxy.. >>>>>>> request.getRequestURL() is coming in as "http " >>>>>>> >>>>>>> Following is the log >>>>>>> >>>>>>> >>>>>>> 2020-08-31 17:45:43,157 DEBUG >>>>>>> [org.springframework.security.web.FilterChainProxy] - >>>>>>> </login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s >>>>>>> reached end of additional filter chain; proceeding with original chain> >>>>>>> 2020-08-31 17:45:43,164 DEBUG >>>>>>> [org.springframework.web.servlet.DispatcherServlet] - <GET >>>>>>> "/codesESSO/login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s", >>>>>>> parameters={masked}> >>>>>>> 2020-08-31 17:45:43,167 DEBUG >>>>>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] >>>>>>> - <Mapped to >>>>>>> org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String, >>>>>>> HttpServletRequest, HttpServletResponse)> >>>>>>> 2020-08-31 17:45:43,201 DEBUG >>>>>>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Response >>>>>>> for >>>>>>> client [http://<domain>:8445/codesESSO/login/CodesESSO_Dev],> >>>>>>> >>>>>>> >>>>>>> I manually added a http to https replace here in >>>>>>> BaseDelegatedAuthenticationController for testing >>>>>>> val url = httpUrl.replace("http", "https"); >>>>>>> >>>>>>> >>>>>>> 2020-08-31 17:45:43,204 DEBUG >>>>>>> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a >>>>>>> response for client [a204264-CodesESSO_Dev], redirecting the login flow >>>>>>> [https:// >>>>>>> <domain>:8445/codesESSO/login?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s&client_name=CodesESSO_Dev]> >>>>>>> >>>>>>> Ended up throwing an error [Which I believe is expected due to the >>>>>>> manipulation] >>>>>>> org.springframework.webflow.execution.ActionExecutionException: >>>>>>> Exception thrown executing >>>>>>> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@40e79dec >>>>>>> in state 'delegatedAuthenticationAction' of flow 'login' -- action >>>>>>> execution attributes were 'map[[empty]]' >>>>>>> at >>>>>>> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62) >>>>>>> at >>>>>>> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77) >>>>>>> >>>>>>> On Mon, Aug 31, 2020 at 1:52 AM Jérôme LELEU <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> This redirection relies on: request.getRequestURL() >>>>>>>> Do you have some reverse proxy in front of your Tomcat? >>>>>>>> Thanks. >>>>>>>> Best regards, >>>>>>>> Jérôme >>>>>>>> >>>>>>>> >>>>>>>> Le jeu. 27 août 2020 à 17:20, Joe Manavalan <[email protected]> >>>>>>>> a écrit : >>>>>>>> >>>>>>>>> I have cas6.1 deployed and working with cas.authn.pac4j.oauth2. >>>>>>>>> The app works fine in my local windows machine on an https port >>>>>>>>> When deployed in unix with the same setting [except the url has >>>>>>>>> domain name instead of server name] the app after authenticating with >>>>>>>>> the >>>>>>>>> external oauth2 provider redirects the url to an http port as shown >>>>>>>>> below >>>>>>>>> This is the redirect url configured and get successfully >>>>>>>>> redirected after authentication and authorization based on the >>>>>>>>> browser trace >>>>>>>>> https:// >>>>>>>>> <domain>:<port>/cas/login/<clientName>?code=<code>&state=<state>&client_name=<clientName> >>>>>>>>> It then gets redirected to the below http port instead of the >>>>>>>>> expected https port >>>>>>>>> >>>>>>>>> http//<domain>:<port>/cas/login?code=<code>&state=<state>&client_name=<clientName> >>>>>>>>> >>>>>>>>> Is this some configuration in CAS or need to be investigated on >>>>>>>>> the network side ? >>>>>>>>> Any help appreciated >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> - Website: https://apereo.github.io/cas >>>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>>>>> --- >>>>>>>>> You received this message because you are subscribed to the Google >>>>>>>>> Groups "CAS Community" group. >>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>> send an email to [email protected]. >>>>>>>>> To view this discussion on the web visit >>>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org >>>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org?utm_medium=email&utm_source=footer> >>>>>>>>> . >>>>>>>>> >>>>>>>> -- >>>>>>>> - Website: https://apereo.github.io/cas >>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>>>> --- >>>>>>>> You received this message because you are subscribed to the Google >>>>>>>> Groups "CAS Community" group. >>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>> send an email to [email protected]. >>>>>>>> >>>>>>> To view this discussion on the web visit >>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com >>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>>> . >>>>>>>> >>>>>>> -- >>>>>> - Website: https://apereo.github.io/cas >>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>> --- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "CAS Community" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> >>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org >>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lypq%3DABn7%2BfJ%2B0awfMnYa3RsCRwKJsu%3D_P60E%3D9LUY%2B9A%40mail.gmail.com.
