Thank you for your responses. 

It only customized the login form adding some warnings about usage.

It doesn't have a proxy or cache... At the beginning we had a load balancer 
(haproxy) serving a CAS cluster, but, while mitigating this issue, I removed it 
to simplify the installation and because it has an open issue that I 
thought might be related 
(https://github.com/haproxy/haproxy/issues/583). Since then I have only one 
CAS working directly and the problem persists.

After Richard's reply I extended my investigation to the LDAP server and 
found that the node I was using was a very old and unmaintained 389-ds. Then 
I switched the config to a new one.

Since then I have had a few hours without incidents. I hope it stays like that.

On Friday, October 9, 2020 at 8:33:35 AM UTC-3 [email protected] wrote:

> There’s not a caching proxy in front of your application, is there? If so, 
> make sure caching is switched off; we’ve seen something similar and the 
> cache was the problem.
>
> Duncan
>
>
> *From:* 'Richard Frovarp' via CAS Community <[email protected]> 
> *Sent:* 08 October 2020 19:04
> *To:* [email protected]
> *Subject:* Re: [cas-user] Wrong user authenticated
>
>
> Probably not? That sounds like code that is being hit somewhere that isn't 
> thread safe. The built-in LDAP code in CAS should be just fine in that 
> respect. Assuming you're using a well supported LDAP server that wouldn't 
> have thread issues? I don't know how an HTTP proxy would impact this. I 
> guess the question is, do you have any custom code anywhere in the network 
> or login flow?
>
>
> On Thu, 2020-10-08 at 14:59 -0300, Danilo Mendes wrote:
>
> My server is hosted on a vmware4 server and I've followed a lead about 
> entropy and noted that /dev/random doesn't play well with VMs. 
>
> Do any of you think it could be related? 
>
>
> -- 
>
> Danilo Mendes
>
>  
>
>  
>
> On Tue, Oct 6, 2020 at 11:06 AM Danilo Mendes <[email protected]> wrote:
>
> Hello, 
>
>  
>
> I have a 6.1.7.1 installation authenticating gsuite apps against an LDAP 
> directory. It's configured using the standalone profile.
>
> Most of the time it works OK, but sometimes when two users try to 
> authenticate at the same time it sends wrong responses and User A opens 
> User B's account.
>
> Can you help me debug this? Or point me in a direction I can follow? 
>
>  
>
> Thank you.
>
>  
>
>  
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/45aee3b8-ca6e-4f0e-8843-b389068f3f54n%40apereo.org.
