We have a cas environment with 2 front ends, and want to point to a central
jms server for distributed ticketing. We have artemis set up on a third
box (not using artemis specifically, just using it as the next activemq
release). Auth is handed off via delegated saml (to okta) so pac4j is used
for authentication. When a user logs in, it is successful, they get a
ticket and they get attributes, but I do not believe the distributed
ticketing is successful. Here is the JMS configuration:
cas.ticket.registry.jms.crypto.signing.key=REDACTED
cas.ticket.registry.jms.crypto.encryption.key=REDACTED
spring.activemq.broker-url=tcp://urltoserver:61617
spring.activemq.user=REDACTED
spring.activemq.password=REDACTED
spring.activemq.pool.enabled=true
spring.activemq.pool.max-connections=50
spring.activemq.packages.trust-all=false
spring.activemq.packages.trusted=org.apereo.cas
Then when a user logs in, despite the login being successful, I get this in
the cas logs (the actual value of the specified config replaces what's in
bold):
2022-07-20 20:32:37,106 WARN
[org.springframework.jms.listener.DefaultMessageListenerContainer] -
<Execution of JMS message listener failed, and no ErrorHandler has been
set.>
org.springframework.jms.listener.adapter.ListenerExecutionFailedException:
Listener method 'public void
org.apereo.cas.ticket.registry.JmsTicketRegistryQueueReceiver.receive(org.apereo.cas.ticket.queue.BaseMessageQueueCommand)
throws java.lang.Exception' threw exception; nested exception is
org.springframework.jms.support.converter.MessageConversionException:
Failed to convert JSON message content; nested exception is
com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Problem
deserializing 'setterless' property ("authnContexts"): no way to handle
typed deser with setterless yet
at [Source:
(String)"{"@class":"org.apereo.cas.ticket.queue.UpdateTicketMessageQueueCommand","id":{"@class":"org.apereo.cas.util.PublisherIdentifier","id":"90e5a8e0-2654-43dc-aeb8-210880c1083d"},"ticket":{"@class":"org.apereo.cas.ticket.TransientSessionTicketImpl","@id":1,"expirationPolicy":{"@class":"org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy$TransientSessionTicketExpirationPolicy","numberOfUses":1,"timeToLive":300,"name":"TransientSessionTicketExpirationPolicy-95b2fec6-0c78-4d42-8f70-99"[truncated
2020 chars]; line: 1, column: 2068] (through reference chain:
org.apereo.cas.ticket.queue.UpdateTicketMessageQueueCommand["ticket"]->org.apereo.cas.ticket.TransientSessionTicketImpl["properties"]->java.util.HashMap["pac4jUserProfiles"]->java.util.LinkedHashMap["
*cas.authn.pac4j.saml[0].clientName=*
"]->org.pac4j.saml.profile.SAML2Profile["authnContexts"])
Additionally, this is in the artemis logs:
2022-07-20 20:32:39,115 WARN [org.apache.activemq.artemis.core.server]
AMQ222149: Message
Reference[47408]:RELIABLE:CoreMessage[messageID=47408,durable=true,userID=11bdaf9a-086b-11ed-b8ae-0a888fcbcf63,priority=4,
timestamp=Wed Jul 20 20:32:27 UTC 2022,expiration=0, durable=true,
address=CasTicketRegistryQueue,size=6788,properties=TypedProperties[__HDR_dlqDeliveryFailureCause=java.lang.Throwable:
Delivery[7] exceeds redelivery policy limit:RedeliveryPolicy {destination =
null, collisionAvoidanceFactor = 0.15, maximumRedeliveries = 6,
maximumRedeliveryDelay = -1, initialRedeliveryDelay = 1000,
useCollisionAvoidance = false, useExponentialBackOff = false,
backOffMultiplier = 5.0, redeliveryDelay = 1000, preDispatchCheck = true},
cause:null,__AMQ_CID=ID:*cas-front-end-hostname*
-36353-1658348877999-0:10,_AMQ_GROUP_SEQUENCE=0,__HDR_BROKER_IN_TIME=1658349147052,@class=org.apereo.cas.ticket.queue.UpdateTicketMessageQueueCommand,_AMQ_ROUTING_TYPE=1,__HDR_ARRIVAL=0,__HDR_COMMAND_ID=5,__HDR_PRODUCER_ID=ID:
*cas-front-end-hostname*-36353-1658348877999-1:10:1:1,__HDR_MESSAGE_ID=ID:
*cas-front-end-hostname*-36353-1658348877999-1:10:1:1:1,__HDR_DROPPABLE=false]]@1093364495
has reached maximum delivery attempts, sending it to Dead Letter Address
DLQ from CasTicketRegistryQueue
I'm stumped, this is over my head as a sysadmin and not a java developer,
any clues would be helpful here.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f24067b2-b26d-4772-9fb9-392c27fab261n%40apereo.org.
