Joe,
If you built those jars, you can install them to your company repo with gradle
install.
You then include them like all the others in the dependencies section. Make
sure you add your company repo to the repos section of build.gradle. (It may
have to be first in the list.)
Ray
On Wed, 2020-09-16 at 22:22 -0700, Joe Manavalan wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Hi Jerome,
Where do we add custom jars in the project to be included in the build ? I am
using cas overlay template 6.1, building war, and deploying in tomcat [not
embedded tomcat]
Also how do we restrict specific version of jars being pulled in by Gradle
build ?
After using custom JDKHttpClient with modified JDKHttpClientConfig using proxy,
redirection issue [https to http ] was resolved with replace method in
BaseDelegatedAuthenticationController
[val url = httpUrl.replace("http", "https");]
So I need to use 2 custom jars
cas-server-support-pac4j-webflow-6.1.7.jar
scribejava-core-6.9.0.jar
Thanks
Joe
Thanks
Joe
On Tuesday, September 15, 2020 at 11:35:30 AM UTC-5 leleuj wrote:
Hi,
In fact, I meant that you should set the Proxy in a specific
JDKHttpClientConfig and instantiate a specific JDKHttpClient with that. Instead
of using it directly for the HttpURLConnection.
This may not be possible though... I haven't tested it...
Thanks.
Best regards,
Jérôme
Le mar. 15 sept. 2020 à 18:28, Joe Manavalan <[email protected]> a écrit :
Hi Jerome,
For some reason com.github.scribejava.core.httpclient.jdk.JDKHttpClient.java is
not using the proxy from jvm arguments even though the arguments are reaching
the class.
Finally when I explicitly use a proxy in the connection, everything works. Do
you think this is the right approach ? Or am I missing any properties which is
causing the client not to use proxy ?
final Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("proxy",
80));
final HttpURLConnection connection = (HttpURLConnection) new
URL(completeUrl).openConnection(proxy);
Thanks again for your tips.
Joe
On Thursday, September 10, 2020 at 1:06:01 AM UTC-5 leleuj wrote:
Hi,
pac4j relies on ScribeJava to handle the OAuth protocol communications.
This library itself relies on an internal HTTP client for HTTP calls: by
default, it's the JDKHttpClient.
And you can set a Proxy at this level. But this must be done programmatically.
You should put some breakpoint in the OAuth20Authenticator.
Thanks.
Best regards,
Jérôme
Le jeu. 10 sept. 2020 à 05:30, Joe Manavalan <[email protected]> a écrit :
Unfortunately I did not get any additional logs from either of the packages.
On Wednesday, September 9, 2020 at 5:45:55 AM UTC-5 leleuj wrote:
Hi,
You should turn on DEBUG logs on org.pac4j and com.github.scribejava.
Thanks.
Best regards,
Jérôme
Le mer. 9 sept. 2020 à 06:42, Joe Manavalan <[email protected]> a écrit :
Hi Jerome,
Are there any logs we can get to see the timed out request url?
btw I tried adding the proxy host and port as jvm arguments with the same
connection timed out error.
Thanks
Joe
On Tuesday, September 8, 2020 at 7:49:32 PM UTC-5 Joe Manavalan wrote:
HiJerome,
It appears that the token server cannot be reached directly but has to go via a
proxy.
Is there a property in cas to specify the proxy url and port ? or this has to
be a network settings on the server ?
Thanks
Joe
On Tuesday, September 8, 2020 at 1:00:12 AM UTC-5 leleuj wrote:
Hi,
During the authentication process, CAS via pac4j tries to directly contact the
identity provider to retrieve the access token.
The "connection timeout" means that the identity provider is not directly
reachable from the CAS server. Maybe a mismatch in the URL definition or a
proxy setting on the CAS server.
Thanks.
Best regards,
Jérôme
Le mar. 8 sept. 2020 à 03:34, Joe Manavalan <[email protected]> a écrit :
Hi Jerome,
For testing I set up the server name as the url. And now I have the redirect
url coming correctly but its timing out when getting authentication Object.
since the error is from pac4j, I also posted a message in pac4j group too..
Following is the trace from log. Would it help trying a different version of
pac4j ?
2020-09-07 18:47:30,765 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8
reached end of additional filter chain; proceeding with original chain>
2020-09-07 18:47:30,772 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <GET
"/codesESSO/login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8",
parameters={masked}>
2020-09-07 18:47:30,774 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- <Mapped to
org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
HttpServletRequest, HttpServletResponse)>
2020-09-07 18:47:30,775 DEBUG
[org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
response for client [a204264-CodesESSO_DevDomain], redirecting the login flow
[https://mycompanydomain.com:8445/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain]>
2020-09-07 18:47:30,786 DEBUG
[org.springframework.web.servlet.view.RedirectView] - <View [RedirectView],
model {}>
2020-09-07 18:47:30,787 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <SecurityContext is empty or contents are anonymous - context will not be
stored in HttpSession.>
2020-09-07 18:47:30,787 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Completed 302 FOUND>
2020-09-07 18:47:30,787 DEBUG
[org.springframework.security.web.access.ExceptionTranslationFilter] - <Chain
processed normally>
2020-09-07 18:47:30,788 DEBUG
[org.springframework.security.web.context.SecurityContextPersistenceFilter] -
<SecurityContextHolder now cleared, as request processing completed>
2020-09-07 18:47:30,860 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 1 of 9 in additional filter chain; firing Filter:
'ChannelProcessingFilter'>
2020-09-07 18:47:30,860 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 2 of 9 in additional filter chain; firing Filter:
'WebAsyncManagerIntegrationFilter'>
2020-09-07 18:47:30,860 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 3 of 9 in additional filter chain; firing Filter:
'SecurityContextPersistenceFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <No HttpSession currently exists>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <No SecurityContext was available from the HttpSession: null. A new one will
be created.>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 4 of 9 in additional filter chain; firing Filter:
'RequestCacheAwareFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.savedrequest.HttpSessionRequestCache] -
<saved request doesn't match>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 5 of 9 in additional filter chain; firing Filter:
'SecurityContextHolderAwareRequestFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 6 of 9 in additional filter chain; firing Filter:
'AnonymousAuthenticationFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.authentication.AnonymousAuthenticationFilter]
- <Populated SecurityContextHolder with anonymous token:
'org.springframework.security.authentication.AnonymousAuthenticationToken@11ef9e01:
Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true;
Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
RemoteIpAddress: 10.98.183.5; SessionId: null; Granted Authorities:
ROLE_ANONYMOUS'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 7 of 9 in additional filter chain; firing Filter:
'SessionManagementFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 8 of 9 in additional filter chain; firing Filter:
'ExceptionTranslationFilter'>
2020-09-07 18:47:30,861 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
at position 9 of 9 in additional filter chain; firing Filter:
'FilterSecurityInterceptor'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying to
match using Ant [pattern='/null/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/null/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <No matches
found>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying to
match using Ant [pattern='/css/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/css/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying to
match using Ant [pattern='/js/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/js/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying to
match using Ant [pattern='/images/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/images/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying to
match using Ant [pattern='/webjars/**']>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/webjars/**'>
2020-09-07 18:47:30,864 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying to
match using Ant [pattern='/**/favicon.ico']>
2020-09-07 18:47:30,867 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/**/favicon.ico'>
2020-09-07 18:47:30,868 DEBUG
[org.springframework.security.web.util.matcher.OrRequestMatcher] - <No matches
found>
2020-09-07 18:47:30,868 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/resources/**'>
2020-09-07 18:47:30,868 DEBUG
[org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
<Checking match of request : '/login'; against '/static/**'>
2020-09-07 18:47:30,869 DEBUG
[org.springframework.security.web.access.intercept.FilterSecurityInterceptor] -
<Public object - authentication not attempted>
2020-09-07 18:47:30,869 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
reached end of additional filter chain; proceeding with original chain>
2020-09-07 18:47:30,870 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <GET
"/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
parameters={masked}>
2020-09-07 18:47:30,872 DEBUG
[org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping request
with URI '/codesESSO/login' to flow with id 'login'>
2020-09-07 18:47:30,873 DEBUG
[org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapped to
[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]>
2020-09-07 18:47:30,875 DEBUG
[org.springframework.webflow.executor.FlowExecutorImpl] - <Launching new
execution of flow 'login' with input map['client_name' ->
'a204264-CodesESSO_DevDomain', 'code' ->
'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
2020-09-07 18:47:30,875 DEBUG
[org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl] -
<Getting FlowDefinition with id 'login'>
2020-09-07 18:47:30,875 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImplFactory] - <Creating
new execution of 'login'>
2020-09-07 18:47:30,876 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Starting in
org.springframework.webflow.mvc.servlet.MvcExternalContext@68d39ed8 with input
map['client_name' -> 'a204264-CodesESSO_DevDomain', 'code' ->
'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
2020-09-07 18:47:30,876 DEBUG [org.springframework.webflow.engine.Flow] -
<Creating [FlowVariable@511bfc1c name = 'credential', valueFactory =
[BeanFactoryVariableValueFactory@42331ab3 type = UsernamePasswordCredential]]>
2020-09-07 18:47:30,878 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
[EvaluateAction@4bf00528 expression = initialFlowSetupAction, resultExpression
= [null]]>
2020-09-07 18:47:30,879 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished executing
org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70; result = success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished executing
[EvaluateAction@4bf00528 expression = initialFlowSetupAction, resultExpression
= [null]]; result = success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
[EvaluateAction@68329dba expression = verifyRequiredServiceAction,
resultExpression = [null]]>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished executing
org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a; result =
success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished executing
[EvaluateAction@68329dba expression = verifyRequiredServiceAction,
resultExpression = [null]]; result = success>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Finished executing
org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3;
result = null>
2020-09-07 18:47:30,885 DEBUG [org.springframework.webflow.engine.ActionState]
- <Entering state 'delegatedAuthenticationAction' of flow 'login'>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
[EvaluateAction@7780b35 expression = delegatedAuthenticationAction,
resultExpression = [null]]>
2020-09-07 18:47:30,885 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - <Executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f>
2020-09-07 18:47:30,887 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier could
not found as part of the request parameters. Looking at state for the
OAuth2/Oidc client>
2020-09-07 18:47:30,888 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated client
identifier for this request as
[Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]]>
2020-09-07 18:47:30,895 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated client
identifier as [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
2020-09-07 18:47:30,898 DEBUG
[org.apereo.cas.web.DelegatedClientWebflowManager] - <Removing delegated client
identifier [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8] from registry>
2020-09-07 18:47:30,904 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
[TransientSessionTicketImpl(super=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8,
service=null, properties={targetService=null, method=, service=null, theme=,
locale=})] from the registry.>
2020-09-07 18:47:30,912 DEBUG
[org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Delegated
authentication client is [#GenericOAuth20Client# | name:
a204264-CodesESSO_DevDomain | callbackUrl:
https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
ajaxRequestResolver:
org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
redirectionActionBuilder:
org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
credentialsExtractor:
org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6 |
authenticator:
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
profileCreator: org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a
| configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
secret: [protected] | tokenAsHeader: false | responseType: code | scope: null |
api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
hasBeenCancelledFactory:
org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
| profileDefinition:
org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
httpClientConfig: null | |] with service [null]>
2020-09-07 18:47:30,913 DEBUG
[org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Fetching
credentials from delegated client [#GenericOAuth20Client# | name:
a204264-CodesESSO_DevDomain | callbackUrl:
https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
ajaxRequestResolver:
org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
redirectionActionBuilder:
org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
credentialsExtractor:
org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6 |
authenticator:
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
profileCreator: org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a
| configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
secret: [protected] | tokenAsHeader: false | responseType: code | scope: null |
api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
hasBeenCancelledFactory:
org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
| profileDefinition:
org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
httpClientConfig: null | |]>
2020-09-07 18:47:30,941 DEBUG
[org.apereo.cas.ticket.registry.JpaTicketRegistry] - <Updated ticket
[TransientSessionTicketImpl(super=TST-dc0a2fe1-45b6-400e-84ff-8b3563ef0882,
service=null, properties={})].>
2020-09-07 18:47:30,947 DEBUG
[org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] -
<sessionState: TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8 / stateParameter:
Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
2020-09-07 18:47:30,947 DEBUG
[org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] - <code:
Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
2020-09-07 18:47:30,947 DEBUG
[org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator] - <code:
Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
2020-09-07 18:47:43,647 WARN
[org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
<[registry.json] does not match the recommended pattern [(\w+)-(\d+)\.json].
While CAS tries to be forgiving as much as possible, it's recommended that you
rename the file to match the requested pattern to avoid issues with duplicate
service loading. Future CAS versions may try to strictly force the naming
syntax, refusing to load the file.>
2020-09-07 18:47:43,651 DEBUG [org.apereo.cas.services.AbstractServicesManager]
- <Adding registered service [^(https|http|imaps)://.*] with name [HTTPS and
IMAPS] and internal identifier [10000001]>
2020-09-07 18:47:43,651 INFO [org.apereo.cas.services.AbstractServicesManager]
- <Loaded [1] service(s) from [JsonServiceRegistry].>
2020-09-07 18:47:54,568 DEBUG
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - <[c892txdctool1]
trying to acquire [cas-ticket-registry-cleaner] lock.>
2020-09-07 18:47:54,590 DEBUG
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Cleaning up
expired ticket [TST-f8c798e3-dbd1-4a00-981a-f430b891b36a]>
2020-09-07 18:47:54,591 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
[TransientSessionTicketImpl(super=TST-f8c798e3-dbd1-4a00-981a-f430b891b36a,
service=null, properties={})] from the registry.>
2020-09-07 18:47:54,600 INFO
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[1] expired
tickets removed.>
2020-09-07 18:47:54,601 DEBUG
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - <Releasing
[cas-ticket-registry-cleaner] lock held by [c892txdctool1].>
2020-09-07 18:47:54,602 DEBUG
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished
ticket cleanup.>
2020-09-07 18:48:43,656 WARN
[org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
<[registry.json] does not match the recommended pattern [(\w+)-(\d+)\.json].
While CAS tries to be forgiving as much as possible, it's recommended that you
rename the file to match the requested pattern to avoid issues with duplicate
service loading. Future CAS versions may try to strictly force the naming
syntax, refusing to load the file.>
2020-09-07 18:48:43,660 DEBUG [org.apereo.cas.services.AbstractServicesManager]
- <Adding registered service [^(https|http|imaps)://.*] with name [HTTPS and
IMAPS] and internal identifier [10000001]>
2020-09-07 18:48:43,661 INFO [org.apereo.cas.services.AbstractServicesManager]
- <Loaded [1] service(s) from [JsonServiceRegistry].>
2020-09-07 18:49:38,301 DEBUG [org.pac4j.oauth.client.GenericOAuth20Client] -
<Credentials validation took: 127354 ms>
2020-09-07 18:49:38,302 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Attempting to
handle [org.springframework.webflow.execution.ActionExecutionException:
Exception thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in state
'delegatedAuthenticationAction' of flow 'login' -- action execution attributes
were 'map[[empty]]'] with root cause
[org.pac4j.core.exception.HttpCommunicationException: Error getting
token:Connection timed out (Connection timed out)]>
2020-09-07 18:49:38,302 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Rethrowing
unhandled flow execution exception>
2020-09-07 18:49:38,302 DEBUG
[org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the received
exception [org.springframework.webflow.execution.ActionExecutionException:
Exception thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in state
'delegatedAuthenticationAction' of flow 'login' -- action execution attributes
were 'map[[empty]]'] due to a type mismatch with handler
[[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
2020-09-07 18:49:38,302 DEBUG
[org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the received
exception [org.springframework.webflow.execution.ActionExecutionException:
Exception thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in state
'delegatedAuthenticationAction' of flow 'login' -- action execution attributes
were 'map[[empty]]'] due to a type mismatch with handler
[[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
2020-09-07 18:49:38,303 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Failed to complete
request: org.springframework.webflow.execution.ActionExecutionException:
Exception thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in state
'delegatedAuthenticationAction' of flow 'login' -- action execution attributes
were 'map[[empty]]'>
2020-09-07 18:49:38,304 DEBUG
[org.springframework.security.web.context.HttpSessionSecurityContextRepository]
- <SecurityContext is empty or contents are anonymous - context will not be
stored in HttpSession.>
2020-09-07 18:49:38,304 DEBUG
[org.springframework.security.web.context.SecurityContextPersistenceFilter] -
<SecurityContextHolder now cleared, as request processing completed>
2020-09-07 18:49:38,304 ERROR
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - <Forwarding to
error page from request [/login] due to exception [Exception thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in state
'delegatedAuthenticationAction' of flow 'login' -- action execution attributes
were 'map[[empty]]']>
org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in state
'delegatedAuthenticationAction' of flow 'login' -- action execution attributes
were 'map[[empty]]'
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at org.springframework.webflow.engine.State.enter(State.java:194)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at org.springframework.webflow.engine.Flow.start(Flow.java:527)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:139)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at
jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
~[?:?]
at
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at com.sun.proxy.$Proxy241.launchExecution(Unknown Source) ~[?:?]
at
org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:264)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
~[servlet-api.jar:?]
at
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
~[servlet-api.jar:?]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
~[tomcat-websocket.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:411)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:216)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:67)
~[cas-server-core-web-api-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:121)
~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108)
~[spring-boot-actuator-2.2.0.RELEASE.jar:2.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:99)
~[cas-server-core-logging-6.1.7.jar:6.1.7]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
~[inspektr-common-1.8.6.GA.jar:1.8.6.GA<http://1.8.6.GA>]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
~[log4j-web-2.12.1.jar:2.12.1]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:185)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
~[catalina.jar:9.0.12]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
~[catalina.jar:9.0.12]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
~[catalina.jar:9.0.12]
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
~[catalina.jar:9.0.12]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
~[catalina.jar:9.0.12]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
~[catalina.jar:9.0.12]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
~[tomcat-coyote.jar:9.0.12]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
~[tomcat-coyote.jar:9.0.12]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
~[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
~[?:?]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
~[tomcat-util.jar:9.0.12]
at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: org.pac4j.core.exception.HttpCommunicationException: Error getting
token:Connection timed out (Connection timed out)
at
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.retrieveAccessToken(OAuth20Authenticator.java:36)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:38)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.validate(OAuth20Authenticator.java:20)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:20)
~[pac4j-oauth-4.0.3.jar:?]
at
org.pac4j.core.client.BaseClient.lambda$retrieveCredentials$0(BaseClient.java:70)
~[pac4j-core-4.0.3.jar:?]
at java.util.Optional.ifPresent(Optional.java:183) ~[?:?]
at org.pac4j.core.client.BaseClient.retrieveCredentials(BaseClient.java:67)
~[pac4j-core-4.0.3.jar:?]
at org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:144)
~[pac4j-core-4.0.3.jar:?]
at
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.getCredentialsFromDelegatedClient(DelegatedClientAuthenticationAction.java:254)
~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
at
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.populateContextWithClientCredential(DelegatedClientAuthenticationAction.java:240)
~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
at
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.doExecute(DelegatedClientAuthenticationAction.java:213)
~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at jdk.internal.reflect.GeneratedMethodAccessor196.invoke(Unknown Source) ~[?:?]
at
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
at com.sun.proxy.$Proxy228.execute(Unknown Source) ~[?:?]
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
... 119 more
2020-09-07 18:49:38,308 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <"FORWARD" dispatch for
GET
"/codesESSO/error?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
parameters={masked}>
2020-09-07 18:49:38,310 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- <Mapped to
org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest,
HttpServletResponse)>
2020-09-07 18:49:38,432 DEBUG
[org.springframework.web.servlet.view.ContentNegotiatingViewResolver] -
<Selected 'text/html' given [text/html, text/html;q=0.8]>
Thanks
On Friday, September 4, 2020 at 3:07:18 AM UTC-5 leleuj wrote:
Hi,
I would have expected the val url = httpUrl.replace("http", "https"); solution
to work.
You may also try to set the "secure" flag in the Tomcat connector.
Thanks.
Best regards,
Jérôme
Le jeu. 3 sept. 2020 à 18:48, Joe Manavalan <[email protected]> a écrit :
I was told there is BIG-IP which counts as reverse proxy in front of tomcat.
Are there any specific settings to resolve this ?
FYI : We have CAS war deployed in tomcat 8.5 [Not in embedded tomcat]
Thanks
Joe
On Monday, August 31, 2020 at 6:01:46 PM UTC-5 Joe Manavalan wrote:
Thanks Jerome for the response.
I am checking with the network team about the reverse proxy..
request.getRequestURL() is coming in as "http "
Following is the log
2020-08-31 17:45:43,157 DEBUG
[org.springframework.security.web.FilterChainProxy] -
</login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s
reached end of additional filter chain; proceeding with original chain>
2020-08-31 17:45:43,164 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <GET
"/codesESSO/login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s",
parameters={masked}>
2020-08-31 17:45:43,167 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- <Mapped to
org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
HttpServletRequest, HttpServletResponse)>
2020-08-31 17:45:43,201 DEBUG
[org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Response for
client [http://<domain>:8445/codesESSO/login/CodesESSO_Dev],>
I manually added a http to https replace here in
BaseDelegatedAuthenticationController for testing
val url = httpUrl.replace("http", "https");
2020-08-31 17:45:43,204 DEBUG
[org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
response for client [a204264-CodesESSO_Dev], redirecting the login flow
[https://<domain>:8445/codesESSO/login?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s&client_name=CodesESSO_Dev]>
Ended up throwing an error [Which I believe is expected due to the
manipulation]
org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing
org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@40e79dec in state
'delegatedAuthenticationAction' of flow 'login' -- action execution attributes
were 'map[[empty]]'
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
at
org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
On Mon, Aug 31, 2020 at 1:52 AM Jérôme LELEU <[email protected]> wrote:
Hi,
This redirection relies on: request.getRequestURL()
Do you have some reverse proxy in front of your Tomcat?
Thanks.
Best regards,
Jérôme
Le jeu. 27 août 2020 à 17:20, Joe Manavalan <[email protected]> a écrit :
I have cas6.1 deployed and working with cas.authn.pac4j.oauth2. The app works
fine in my local windows machine on an https port
When deployed in unix with the same setting [except the url has domain name
instead of server name] the app after authenticating with the external oauth2
provider redirects the url to an http port as shown below
This is the redirect url configured and get successfully redirected after
authentication and authorization based on the browser trace
https://<domain>:<port>/cas/login/<clientName>?code=<code>&state=<state>&client_name=<clientName>
It then gets redirected to the below http port instead of the expected https
port
http//<domain>:<port>/cas/login?code=<code>&state=<state>&client_name=<clientName>
Is this some configuration in CAS or need to be investigated on the network
side ?
Any help appreciated
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org?utm_medium=email&utm_source=footer>.
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]<mailto:[email protected]>
I respectfully acknowledge that my place of work is located within the
ancestral, traditional and unceded territory of the Songhees, Esquimalt and
WSÁNEĆ Nations.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/17bcdb278e443c0f422767cd559e73ad4607e0b7.camel%40uvic.ca.
