[cas-user] CAS 6.5.9 - SAML Session Exception

Tue, 18 Oct 2022 01:11:00 -0700 

Hi!
I upgraded from CAS 6.1.x to 6.5.9 and got that to run with little trouble (apart from per-Service-CORS). 


Now I am getting reports that people cannot log in to a SAML-service and 
looking in the log, I see



java.lang.IllegalArgumentException: SAML request or context could not be 
determined from session store


My setup is

HA-Proxy->2 tomcats->REDIS Sentinel.


The proxy is only balancing and setting cookies while the sentinel is of 
course identical for both tomcats, just as their crypto-setup (which i 
did not change from 6.1).


I stumbled across a similar problem of another CAS-User and proceeded to set

cas.authn.saml-idp.core.session-storage-type=TICKET_REGISTRY

Alas, that did not really work either.


Then i deactivated one of the tomcats to check if there is voodoo 
happening if requests are checked by a different tomcat than the one 
issuing them.


Did not change the errors.


Since there is no hint in the error (the exception is not very 
helpful..), I wonder if anyone out there has similar trouble and can 
enlighten me.


Best regards,

Sven Specker
--
__________________________________________________________________
*** Sven Specker -- University of Frankfurt Computing Center   ***
*********** UNIX System Administration (Auth/IDM) ****************
***** spec...@rz.uni-frankfurt.de [Phone (+49)-69-798-15188] *****
******************************************************************
__________________________________________________________________              
                Johann Wolfgang Goethe Universitaet
                   - Hochschulrechenzentrum -
                 Theodor W. Adorno-Platz 1 (PA-1P16)

                   D-60323 Frankfurt/Main
__________________________________________________________________
______________ TeX-users do it in {groups}________________________

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG

--- 
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f530608d-7265-d571-663b-ba8560e55486%40rz.uni-frankfurt.de.



Attachment:
smime.p7s

Description: S/MIME Cryptographic Signature






















					Reply via email to