Thanks Ray for the response.
I did create the jar and copied to the lib folder of the project. When the
war gets deployed, my custom jar is deployed instead of the one pulled in.
Since I am only specifying the versions of CAS and PAC4J, I was not sure
whether there is a possibility of a different version of
cas-server-support-pac4j-webflow-?.jar or scribejava-core-?.jar being
pulled in, in the future.
Thanks
joe
On Thursday, September 17, 2020 at 11:21:44 AM UTC-5 Ray Bon wrote:
> Joe,
>
> If you built those jars, you can install them to your company repo with
> gradle install.
> You then include them like all the others in the dependencies section.
> Make sure you add your company repo to the repos section of build.gradle.
> (It may have to be first in the list.)
>
>
> Ray
>
> On Wed, 2020-09-16 at 22:22 -0700, Joe Manavalan wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
>
> Hi Jerome,
> Where do we add custom jars in the project to be included in the build ? I
> am using cas overlay template 6.1, building war, and deploying in tomcat
> [not embedded tomcat]
> Also how do we restrict specific version of jars being pulled in by Gradle
> build ?
>
> After using custom JDKHttpClient with modified JDKHttpClientConfig using
> proxy, redirection issue [https to http ] was resolved with replace method
> in BaseDelegatedAuthenticationController
> [val url = httpUrl.replace("http", "https");]
>
> So I need to use 2 custom jars
> cas-server-support-pac4j-webflow-6.1.7.jar
> scribejava-core-6.9.0.jar
>
> Thanks
> Joe
>
>
> Thanks
> Joe
>
> On Tuesday, September 15, 2020 at 11:35:30 AM UTC-5 leleuj wrote:
>
> Hi,
>
> In fact, I meant that you should set the *Proxy* in a specific
> JDKHttpClientConfig and instantiate a specific JDKHttpClient with that.
> Instead of using it directly for the *HttpURLConnection*.
> This may not be possible though... I haven't tested it...
> Thanks.
> Best regards,
> Jérôme
>
>
> Le mar. 15 sept. 2020 à 18:28, Joe Manavalan <[email protected]> a
> écrit :
>
> Hi Jerome,
>
> For some reason
> com.github.scribejava.core.httpclient.jdk.JDKHttpClient.java is not using
> the proxy from jvm arguments even though the arguments are reaching the
> class.
>
> Finally when I explicitly use a proxy in the connection, everything
> works. Do you think this is the right approach ? Or am I missing any
> properties which is causing the client not to use proxy ?
>
> final Proxy proxy = new Proxy(Proxy.Type.HTTP, new
> InetSocketAddress("proxy", 80));
> final HttpURLConnection connection = (HttpURLConnection) new
> URL(completeUrl).openConnection(proxy);
>
> Thanks again for your tips.
> Joe
>
> On Thursday, September 10, 2020 at 1:06:01 AM UTC-5 leleuj wrote:
>
> Hi,
>
> pac4j relies on ScribeJava to handle the OAuth protocol communications.
> This library itself relies on an internal HTTP client for HTTP calls: by
> default, it's the JDKHttpClient.
> And you can set a Proxy at this level. But this must be done
> programmatically.
> You should put some breakpoint in the OAuth20Authenticator.
> Thanks.
> Best regards,
> Jérôme
>
>
> Le jeu. 10 sept. 2020 à 05:30, Joe Manavalan <[email protected]> a
> écrit :
>
> Unfortunately I did not get any additional logs from either of the
> packages.
>
> On Wednesday, September 9, 2020 at 5:45:55 AM UTC-5 leleuj wrote:
>
> Hi,
>
> You should turn on DEBUG logs on org.pac4j and com.github.scribejava.
> Thanks.
> Best regards,
> Jérôme
>
>
> Le mer. 9 sept. 2020 à 06:42, Joe Manavalan <[email protected]> a
> écrit :
>
>
> Hi Jerome,
> Are there any logs we can get to see the timed out request url?
> btw I tried adding the proxy host and port as jvm arguments with the same
> connection timed out error.
>
> Thanks
> Joe
> On Tuesday, September 8, 2020 at 7:49:32 PM UTC-5 Joe Manavalan wrote:
>
>
> HiJerome,
>
> It appears that the token server cannot be reached directly but has to go
> via a proxy.
> Is there a property in cas to specify the proxy url and port ? or this has
> to be a network settings on the server ?
>
> Thanks
> Joe
> On Tuesday, September 8, 2020 at 1:00:12 AM UTC-5 leleuj wrote:
>
> Hi,
>
> During the authentication process, CAS via pac4j tries to directly contact
> the identity provider to retrieve the access token.
> The "connection timeout" means that the identity provider is not directly
> reachable from the CAS server. Maybe a mismatch in the URL definition or a
> proxy setting on the CAS server.
> Thanks.
> Best regards,
> Jérôme
>
>
> Le mar. 8 sept. 2020 à 03:34, Joe Manavalan <[email protected]> a
> écrit :
>
> Hi Jerome,
>
> For testing I set up the server name as the url. And now I have the
> redirect url coming correctly but its timing out when getting
> authentication Object. since the error is from pac4j, I also posted a
> message in pac4j group too..
>
> Following is the trace from log. Would it help trying a different version
> of pac4j ?
>
>
> 2020-09-07 18:47:30,765 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8
>
> reached end of additional filter chain; proceeding with original chain>
> 2020-09-07 18:47:30,772 DEBUG
> [org.springframework.web.servlet.DispatcherServlet] - <GET
> "/codesESSO/login/a204264-CodesESSO_DevDomain?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8",
>
> parameters={masked}>
> 2020-09-07 18:47:30,774 DEBUG
> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
>
> - <Mapped to
> org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
>
> HttpServletRequest, HttpServletResponse)>
> 2020-09-07 18:47:30,775 DEBUG
> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
> response for client [a204264-CodesESSO_DevDomain], redirecting the login
> flow [
> https://mycompanydomain.com:8445/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
> ]>
> 2020-09-07 18:47:30,786 DEBUG
> [org.springframework.web.servlet.view.RedirectView] - <View [RedirectView],
> model {}>
> 2020-09-07 18:47:30,787 DEBUG
> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>
> - <SecurityContext is empty or contents are anonymous - context will not be
> stored in HttpSession.>
> 2020-09-07 18:47:30,787 DEBUG
> [org.springframework.web.servlet.DispatcherServlet] - <Completed 302 FOUND>
> 2020-09-07 18:47:30,787 DEBUG
> [org.springframework.security.web.access.ExceptionTranslationFilter] -
> <Chain processed normally>
> 2020-09-07 18:47:30,788 DEBUG
> [org.springframework.security.web.context.SecurityContextPersistenceFilter]
> - <SecurityContextHolder now cleared, as request processing completed>
> 2020-09-07 18:47:30,860 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 1 of 9 in additional filter chain; firing Filter:
> 'ChannelProcessingFilter'>
> 2020-09-07 18:47:30,860 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 2 of 9 in additional filter chain; firing Filter:
> 'WebAsyncManagerIntegrationFilter'>
> 2020-09-07 18:47:30,860 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 3 of 9 in additional filter chain; firing Filter:
> 'SecurityContextPersistenceFilter'>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>
> - <No HttpSession currently exists>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>
> - <No SecurityContext was available from the HttpSession: null. A new one
> will be created.>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 4 of 9 in additional filter chain; firing Filter:
> 'RequestCacheAwareFilter'>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.savedrequest.HttpSessionRequestCache] -
> <saved request doesn't match>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 5 of 9 in additional filter chain; firing Filter:
> 'SecurityContextHolderAwareRequestFilter'>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 6 of 9 in additional filter chain; firing Filter:
> 'AnonymousAuthenticationFilter'>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.authentication.AnonymousAuthenticationFilter]
>
> - <Populated SecurityContextHolder with anonymous token:
> 'org.springframework.security.authentication.AnonymousAuthenticationToken@11ef9e01:
>
> Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true;
> Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>
> RemoteIpAddress: 10.98.183.5; SessionId: null; Granted Authorities:
> ROLE_ANONYMOUS'>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 7 of 9 in additional filter chain; firing Filter:
> 'SessionManagementFilter'>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 8 of 9 in additional filter chain; firing Filter:
> 'ExceptionTranslationFilter'>
> 2020-09-07 18:47:30,861 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> at position 9 of 9 in additional filter chain; firing Filter:
> 'FilterSecurityInterceptor'>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
> to match using Ant [pattern='/null/**']>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/null/**'>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <No
> matches found>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
> to match using Ant [pattern='/css/**']>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/css/**'>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
> to match using Ant [pattern='/js/**']>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/js/**'>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
> to match using Ant [pattern='/images/**']>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/images/**'>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
> to match using Ant [pattern='/webjars/**']>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/webjars/**'>
> 2020-09-07 18:47:30,864 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <Trying
> to match using Ant [pattern='/**/favicon.ico']>
> 2020-09-07 18:47:30,867 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/**/favicon.ico'>
> 2020-09-07 18:47:30,868 DEBUG
> [org.springframework.security.web.util.matcher.OrRequestMatcher] - <No
> matches found>
> 2020-09-07 18:47:30,868 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/resources/**'>
> 2020-09-07 18:47:30,868 DEBUG
> [org.springframework.security.web.util.matcher.AntPathRequestMatcher] -
> <Checking match of request : '/login'; against '/static/**'>
> 2020-09-07 18:47:30,869 DEBUG
> [org.springframework.security.web.access.intercept.FilterSecurityInterceptor]
> - <Public object - authentication not attempted>
> 2020-09-07 18:47:30,869 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain
>
> reached end of additional filter chain; proceeding with original chain>
> 2020-09-07 18:47:30,870 DEBUG
> [org.springframework.web.servlet.DispatcherServlet] - <GET
> "/codesESSO/login?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
>
> parameters={masked}>
> 2020-09-07 18:47:30,872 DEBUG
> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping
> request with URI '/codesESSO/login' to flow with id 'login'>
> 2020-09-07 18:47:30,873 DEBUG
> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapped to
> [FlowHandlerMapping.DefaultFlowHandler@5687bc9e]>
> 2020-09-07 18:47:30,875 DEBUG
> [org.springframework.webflow.executor.FlowExecutorImpl] - <Launching new
> execution of flow 'login' with input map['client_name' ->
> 'a204264-CodesESSO_DevDomain', 'code' ->
> 'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
> 'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
> 2020-09-07 18:47:30,875 DEBUG
> [org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl]
> - <Getting FlowDefinition with id 'login'>
> 2020-09-07 18:47:30,875 DEBUG
> [org.springframework.webflow.engine.impl.FlowExecutionImplFactory] -
> <Creating new execution of 'login'>
> 2020-09-07 18:47:30,876 DEBUG
> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Starting in
> org.springframework.webflow.mvc.servlet.MvcExternalContext@68d39ed8 with
> input map['client_name' -> 'a204264-CodesESSO_DevDomain', 'code' ->
> 'Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse', 'state' ->
> 'TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8']>
> 2020-09-07 18:47:30,876 DEBUG [org.springframework.webflow.engine.Flow] -
> <Creating [FlowVariable@511bfc1c name = 'credential', valueFactory =
> [BeanFactoryVariableValueFactory@42331ab3 type =
> UsernamePasswordCredential]]>
> 2020-09-07 18:47:30,878 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Executing
> [EvaluateAction@4bf00528 expression = initialFlowSetupAction,
> resultExpression = [null]]>
> 2020-09-07 18:47:30,879 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Executing
> org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Finished
> executing org.apereo.cas.web.flow.login.InitialFlowSetupAction@7befab70;
> result = success>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Finished
> executing [EvaluateAction@4bf00528 expression = initialFlowSetupAction,
> resultExpression = [null]]; result = success>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Executing
> [EvaluateAction@68329dba expression = verifyRequiredServiceAction,
> resultExpression = [null]]>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Executing
> org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Finished
> executing
> org.apereo.cas.web.flow.login.VerifyRequiredServiceAction@4f7a057a; result
> = success>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Finished
> executing [EvaluateAction@68329dba expression =
> verifyRequiredServiceAction, resultExpression = [null]]; result = success>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Executing
> org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Finished
> executing
> org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer$$Lambda$892/0x0000000100f99840@51e913b3;
>
> result = null>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.engine.ActionState] - <Entering state
> 'delegatedAuthenticationAction' of flow 'login'>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Executing
> [EvaluateAction@7780b35 expression = delegatedAuthenticationAction,
> resultExpression = [null]]>
> 2020-09-07 18:47:30,885 DEBUG
> [org.springframework.webflow.execution.ActionExecutor] - <Executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f>
> 2020-09-07 18:47:30,887 DEBUG
> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier
> could not found as part of the request parameters. Looking at state for the
> OAuth2/Oidc client>
> 2020-09-07 18:47:30,888 DEBUG
> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated
> client identifier for this request as
> [Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]]>
> 2020-09-07 18:47:30,895 DEBUG
> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated
> client identifier as [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
> 2020-09-07 18:47:30,898 DEBUG
> [org.apereo.cas.web.DelegatedClientWebflowManager] - <Removing delegated
> client identifier [TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8] from registry>
> 2020-09-07 18:47:30,904 DEBUG
> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
> [TransientSessionTicketImpl(super=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8,
> service=null, properties={targetService=null, method=, service=null,
> theme=, locale=})] from the registry.>
> 2020-09-07 18:47:30,912 DEBUG
> [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Delegated
> authentication client is [#GenericOAuth20Client# | name:
> a204264-CodesESSO_DevDomain | callbackUrl:
> https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
> org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
> ajaxRequestResolver:
> org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
> redirectionActionBuilder:
> org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
> credentialsExtractor:
> org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6
> | authenticator:
> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
> profileCreator:
> org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a |
> configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
> secret: [protected] | tokenAsHeader: false | responseType: code | scope:
> null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
> hasBeenCancelledFactory:
> org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
>
> | profileDefinition:
> org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
> httpClientConfig: null | |] with service [null]>
> 2020-09-07 18:47:30,913 DEBUG
> [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <Fetching
> credentials from delegated client [#GenericOAuth20Client# | name:
> a204264-CodesESSO_DevDomain | callbackUrl:
> https://mycompanydomain.com:8445/codesESSO/login | callbackUrlResolver:
> org.pac4j.core.http.callback.PathParameterCallbackUrlResolver@10eaf59b |
> ajaxRequestResolver:
> org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@283128c7 |
> redirectionActionBuilder:
> org.pac4j.oauth.redirect.OAuth20RedirectionActionBuilder@1a90d8b6 |
> credentialsExtractor:
> org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor@4e0ba4c6
> | authenticator:
> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator@4555b8e7 |
> profileCreator:
> org.pac4j.oauth.profile.creator.OAuth20ProfileCreator@6483d79a |
> configuration: #OAuth20Configuration# | key: dc-EzviE8N74pZ4EoQ8lZDLLX |
> secret: [protected] | tokenAsHeader: false | responseType: code | scope:
> null | api: org.pac4j.scribe.builder.api.GenericApi20@78caf6d4 |
> hasBeenCancelledFactory:
> org.pac4j.oauth.config.OAuthConfiguration$$Lambda$946/0x0000000100fe9c40@3674ffcb
>
> | profileDefinition:
> org.pac4j.oauth.profile.generic.GenericOAuth20ProfileDefinition@6b74509f |
> httpClientConfig: null | |]>
> 2020-09-07 18:47:30,941 DEBUG
> [org.apereo.cas.ticket.registry.JpaTicketRegistry] - <Updated ticket
> [TransientSessionTicketImpl(super=TST-dc0a2fe1-45b6-400e-84ff-8b3563ef0882,
> service=null, properties={})].>
> 2020-09-07 18:47:30,947 DEBUG
> [org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] -
> <sessionState: TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8 / stateParameter:
> Optional[TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8]>
> 2020-09-07 18:47:30,947 DEBUG
> [org.pac4j.oauth.credentials.extractor.OAuth20CredentialsExtractor] -
> <code: Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
> 2020-09-07 18:47:30,947 DEBUG
> [org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator] - <code:
> Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse>
> 2020-09-07 18:47:43,647 WARN
> [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
> <[registry.json] does not match the recommended pattern
> [(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible,
> it's recommended that you rename the file to match the requested pattern to
> avoid issues with duplicate service loading. Future CAS versions may try to
> strictly force the naming syntax, refusing to load the file.>
> 2020-09-07 18:47:43,651 DEBUG
> [org.apereo.cas.services.AbstractServicesManager] - <Adding registered
> service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal
> identifier [10000001]>
> 2020-09-07 18:47:43,651 INFO
> [org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s)
> from [JsonServiceRegistry].>
> 2020-09-07 18:47:54,568 DEBUG
> [org.apereo.cas.ticket.registry.support.JpaLockingStrategy] -
> <[c892txdctool1] trying to acquire [cas-ticket-registry-cleaner] lock.>
> 2020-09-07 18:47:54,590 DEBUG
> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Cleaning
> up expired ticket [TST-f8c798e3-dbd1-4a00-981a-f430b891b36a]>
> 2020-09-07 18:47:54,591 DEBUG
> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
> [TransientSessionTicketImpl(super=TST-f8c798e3-dbd1-4a00-981a-f430b891b36a,
> service=null, properties={})] from the registry.>
> 2020-09-07 18:47:54,600 INFO
> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[1]
> expired tickets removed.>
> 2020-09-07 18:47:54,601 DEBUG
> [org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - <Releasing
> [cas-ticket-registry-cleaner] lock held by [c892txdctool1].>
> 2020-09-07 18:47:54,602 DEBUG
> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished
> ticket cleanup.>
> 2020-09-07 18:48:43,656 WARN
> [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] -
> <[registry.json] does not match the recommended pattern
> [(\w+)-(\d+)\.json]. While CAS tries to be forgiving as much as possible,
> it's recommended that you rename the file to match the requested pattern to
> avoid issues with duplicate service loading. Future CAS versions may try to
> strictly force the naming syntax, refusing to load the file.>
> 2020-09-07 18:48:43,660 DEBUG
> [org.apereo.cas.services.AbstractServicesManager] - <Adding registered
> service [^(https|http|imaps)://.*] with name [HTTPS and IMAPS] and internal
> identifier [10000001]>
> 2020-09-07 18:48:43,661 INFO
> [org.apereo.cas.services.AbstractServicesManager] - <Loaded [1] service(s)
> from [JsonServiceRegistry].>
> 2020-09-07 18:49:38,301 DEBUG
> [org.pac4j.oauth.client.GenericOAuth20Client] - <Credentials validation
> took: 127354 ms>
> 2020-09-07 18:49:38,302 DEBUG
> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Attempting
> to handle [org.springframework.webflow.execution.ActionExecutionException:
> Exception thrown executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
> attributes were 'map[[empty]]'] with root cause
> [org.pac4j.core.exception.HttpCommunicationException: Error getting
> token:Connection timed out (Connection timed out)]>
> 2020-09-07 18:49:38,302 DEBUG
> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Rethrowing
> unhandled flow execution exception>
> 2020-09-07 18:49:38,302 DEBUG
> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
> received exception
> [org.springframework.webflow.execution.ActionExecutionException: Exception
> thrown executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
> attributes were 'map[[empty]]'] due to a type mismatch with handler
> [[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
> 2020-09-07 18:49:38,302 DEBUG
> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
> received exception
> [org.springframework.webflow.execution.ActionExecutionException: Exception
> thrown executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
> attributes were 'map[[empty]]'] due to a type mismatch with handler
> [[FlowHandlerMapping.DefaultFlowHandler@5687bc9e]]>
> 2020-09-07 18:49:38,303 DEBUG
> [org.springframework.web.servlet.DispatcherServlet] - <Failed to complete
> request: org.springframework.webflow.execution.ActionExecutionException:
> Exception thrown executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
> attributes were 'map[[empty]]'>
> 2020-09-07 18:49:38,304 DEBUG
> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
>
> - <SecurityContext is empty or contents are anonymous - context will not be
> stored in HttpSession.>
> 2020-09-07 18:49:38,304 DEBUG
> [org.springframework.security.web.context.SecurityContextPersistenceFilter]
> - <SecurityContextHolder now cleared, as request processing completed>
> 2020-09-07 18:49:38,304 ERROR
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] -
> <Forwarding to error page from request [/login] due to exception [Exception
> thrown executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
> attributes were 'map[[empty]]']>
> org.springframework.webflow.execution.ActionExecutionException: Exception
> thrown executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@3d08fc1f in
> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
> attributes were 'map[[empty]]'
> at
> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at org.springframework.webflow.engine.State.enter(State.java:194)
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at org.springframework.webflow.engine.Flow.start(Flow.java:527)
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:139)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:?]
> at
> jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
> ~[?:?]
> at
> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> ~[?:?]
> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
>
> ~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
>
> ~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>
> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>
> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at com.sun.proxy.$Proxy241.launchExecution(Unknown Source) ~[?:?]
> at
> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:264)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
>
> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
>
> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
>
> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
>
> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
> ~[servlet-api.jar:?]
> at
> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
>
> ~[spring-webmvc-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
> ~[servlet-api.jar:?]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
> ~[tomcat-websocket.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28)
>
> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:411)
>
> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:216)
>
> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:67)
>
> ~[cas-server-core-web-api-6.1.7.jar:6.1.7]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
>
> ~[spring-security-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128)
>
> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
> at
> org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
>
> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
> at
> org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103)
>
> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:121)
>
> ~[spring-boot-2.2.0.RELEASE.jar:2.2.0.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108)
>
> ~[spring-boot-actuator-2.2.0.RELEASE.jar:2.2.0.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:99)
>
> ~[cas-server-core-logging-6.1.7.jar:6.1.7]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
>
> ~[spring-web-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
>
> ~[inspektr-common-1.8.6.GA.jar:1.8.6.GA]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
>
> ~[log4j-web-2.12.1.jar:2.12.1]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:185)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
>
> ~[catalina.jar:9.0.12]
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
> ~[catalina.jar:9.0.12]
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
> ~[tomcat-coyote.jar:9.0.12]
> at
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>
> ~[tomcat-coyote.jar:9.0.12]
> at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770)
>
> ~[tomcat-coyote.jar:9.0.12]
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
>
> ~[tomcat-coyote.jar:9.0.12]
> at
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>
> ~[tomcat-coyote.jar:9.0.12]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>
> ~[?:?]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>
> ~[?:?]
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>
> ~[tomcat-util.jar:9.0.12]
> at java.lang.Thread.run(Thread.java:834) [?:?]
> Caused by: org.pac4j.core.exception.HttpCommunicationException: Error
> getting token:Connection timed out (Connection timed out)
> at
> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.retrieveAccessToken(OAuth20Authenticator.java:36)
>
> ~[pac4j-oauth-4.0.3.jar:?]
> at
> org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:38)
>
> ~[pac4j-oauth-4.0.3.jar:?]
> at
> org.pac4j.oauth.credentials.authenticator.OAuth20Authenticator.validate(OAuth20Authenticator.java:20)
>
> ~[pac4j-oauth-4.0.3.jar:?]
> at
> org.pac4j.oauth.credentials.authenticator.OAuthAuthenticator.validate(OAuthAuthenticator.java:20)
>
> ~[pac4j-oauth-4.0.3.jar:?]
> at
> org.pac4j.core.client.BaseClient.lambda$retrieveCredentials$0(BaseClient.java:70)
>
> ~[pac4j-core-4.0.3.jar:?]
> at java.util.Optional.ifPresent(Optional.java:183) ~[?:?]
> at
> org.pac4j.core.client.BaseClient.retrieveCredentials(BaseClient.java:67)
> ~[pac4j-core-4.0.3.jar:?]
> at
> org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:144)
> ~[pac4j-core-4.0.3.jar:?]
> at
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.getCredentialsFromDelegatedClient(DelegatedClientAuthenticationAction.java:254)
>
> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
> at
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.populateContextWithClientCredential(DelegatedClientAuthenticationAction.java:240)
>
> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
> at
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction.doExecute(DelegatedClientAuthenticationAction.java:213)
>
> ~[cas-server-support-pac4j-webflow-6.1.7.jar:6.1.7]
> at
> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at jdk.internal.reflect.GeneratedMethodAccessor196.invoke(Unknown Source)
> ~[?:?]
> at
> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> ~[?:?]
> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:279)
>
> ~[spring-core-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
>
> ~[spring-cloud-context-2.2.0.RC1.jar:2.2.0.RC1]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
>
> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>
> ~[spring-aop-5.2.0.RELEASE.jar:5.2.0.RELEASE]
> at com.sun.proxy.$Proxy228.execute(Unknown Source) ~[?:?]
> at
> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
>
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> ... 119 more
> 2020-09-07 18:49:38,308 DEBUG
> [org.springframework.web.servlet.DispatcherServlet] - <"FORWARD" dispatch
> for GET
> "/codesESSO/error?code=Fvyu6ywosaL8ym8wbzsdjBWy23mu__38eEgzxxse&state=TST-4-RfkeExouV9CAQXsjUlhRAXgZ84QdVGF8&client_name=a204264-CodesESSO_DevDomain",
>
> parameters={masked}>
> 2020-09-07 18:49:38,310 DEBUG
> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
>
> - <Mapped to
> org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest,
>
> HttpServletResponse)>
> 2020-09-07 18:49:38,432 DEBUG
> [org.springframework.web.servlet.view.ContentNegotiatingViewResolver] -
> <Selected 'text/html' given [text/html, text/html;q=0.8]>
>
>
>
> Thanks
>
> On Friday, September 4, 2020 at 3:07:18 AM UTC-5 leleuj wrote:
>
> Hi,
>
> I would have expected the *val url = httpUrl.replace("http", "https");*
> solution to work.
>
> You may also try to set the "secure" flag in the Tomcat connector.
>
> Thanks.
> Best regards,
> Jérôme
>
>
> Le jeu. 3 sept. 2020 à 18:48, Joe Manavalan <[email protected]> a
> écrit :
>
> I was told there is BIG-IP which counts as reverse proxy in front of
> tomcat. Are there any specific settings to resolve this ?
> FYI : We have CAS war deployed in tomcat 8.5 [Not in embedded tomcat]
>
> Thanks
> Joe
>
>
> On Monday, August 31, 2020 at 6:01:46 PM UTC-5 Joe Manavalan wrote:
>
> Thanks Jerome for the response.
>
> I am checking with the network team about the reverse proxy..
> request.getRequestURL() is coming in as "http "
>
> Following is the log
>
>
> 2020-08-31 17:45:43,157 DEBUG
> [org.springframework.security.web.FilterChainProxy] -
> </login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s
>
> reached end of additional filter chain; proceeding with original chain>
> 2020-08-31 17:45:43,164 DEBUG
> [org.springframework.web.servlet.DispatcherServlet] - <GET
> "/codesESSO/login/CodesESSO_Dev?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s",
>
> parameters={masked}>
> 2020-08-31 17:45:43,167 DEBUG
> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
>
> - <Mapped to
> org.apereo.cas.web.DelegatedClientNavigationController#redirectResponseToFlow(String,
>
> HttpServletRequest, HttpServletResponse)>
> 2020-08-31 17:45:43,201 DEBUG
> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Response for
> client [http://<domain>:8445/codesESSO/login/CodesESSO_Dev],>
>
>
> I manually added a http to https replace here in
> BaseDelegatedAuthenticationController for testing
> val url = httpUrl.replace("http", "https");
>
>
> 2020-08-31 17:45:43,204 DEBUG
> [org.apereo.cas.web.BaseDelegatedAuthenticationController] - <Received a
> response for client [a204264-CodesESSO_Dev], redirecting the login flow
> [https://<domain>:8445/codesESSO/login?code=aF7GlAT5G_5OTjTQQw512P5U7WQ87DQwGfloQZcI&state=TST-1-M7NvxcUUbWhZsfDKg9WZ3CF2ift41e5s&client_name=CodesESSO_Dev]>
>
> Ended up throwing an error [Which I believe is expected due to the
> manipulation]
> org.springframework.webflow.execution.ActionExecutionException: Exception
> thrown executing
> org.apereo.cas.web.flow.DelegatedClientAuthenticationAction@40e79dec in
> state 'delegatedAuthenticationAction' of flow 'login' -- action execution
> attributes were 'map[[empty]]'
> at
> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
> at
> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
>
> On Mon, Aug 31, 2020 at 1:52 AM Jérôme LELEU <[email protected]> wrote:
>
> Hi,
>
> This redirection relies on: request.getRequestURL()
> Do you have some reverse proxy in front of your Tomcat?
> Thanks.
> Best regards,
> Jérôme
>
>
> Le jeu. 27 août 2020 à 17:20, Joe Manavalan <[email protected]> a
> écrit :
>
> I have cas6.1 deployed and working with cas.authn.pac4j.oauth2. The app
> works fine in my local windows machine on an https port
> When deployed in unix with the same setting [except the url has domain
> name instead of server name] the app after authenticating with the external
> oauth2 provider redirects the url to an http port as shown below
> This is the redirect url configured and get successfully redirected after
> authentication and authorization based on the browser trace
>
> https://<domain>:<port>/cas/login/<clientName>?code=<code>&state=<state>&client_name=<clientName>
> It then gets redirected to the below http port instead of the expected
> https port
>
> http//<domain>:<port>/cas/login?code=<code>&state=<state>&client_name=<clientName>
>
> Is this some configuration in CAS or need to be investigated on the
> network side ?
> Any help appreciated
>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org
>
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9fa4862-6604-4c32-8a75-81a04f982998n%40apereo.org?utm_medium=email&utm_source=footer>
> .
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
>
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com
>
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz_k_jQenLtSjYe3TPNOD%3DStaVdub7UaF4yUpMErBTiHg%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
>
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org
>
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f20905c-771f-457c-8dce-2c29e792364an%40apereo.org?utm_medium=email&utm_source=footer>
> .
>
>
>
>
>
>
>
>
>
>
>
> --
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected]
>
> I respectfully acknowledge that my place of work is located within the
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
> WSÁNEĆ Nations.
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e3c6785a-cc57-4887-a9e8-fd76f7d61f9an%40apereo.org.
