Thanks Ray, I owe you a case of what ever your vice is by now.
In retrospect it makes sense now. The service ticket was being searched for
in the requestScope as the log reflects:
2023-08-08 15:25:26,057 DEBUG
[org.apereo.cas.web.flow.GenerateServiceTicketAction] - <Granted service
ticket [ST-2-********9u96HVcbf8-https://localhost:8443] and added it to the
request scope>
Since I was redirecting the user to a view, this triggered a new request
which would lose the request scope including the service ticket.
So, right before I redirect the user to the view, I saved the requestScope
object into flowScope, then after action was taken in the view I triggered
another action that would put the temp requestScope object from the
flowScope back into requestScope and finally removed the temp requestScope
object from flowScope.
-psv
On Wednesday, August 9, 2023 at 9:09:00 PM UTC-5 Ray Bon wrote:
> Pablo,
>
>
> There are a number of maps associated with the web flow.
> You can put to one of the maps, if needed. From your action class you can
> see their contents:
>
> // authn attributes contains encrypted credential
> // LOGGER.debug("auth attribs Map: " +
> WebUtils.getAuthentication(requestContext).getAttributes());
> // printMap("attributes Map", requestContext.getAttributes().asMap());
> // printMap("conversation Map",
> requestContext.getConversationScope().asMap());
> // printMap("flash Map", requestContext.getFlashScope().asMap());
> // printMap("flow scope Map", requestContext.getFlowScope().asMap());
> // printMap("request Map", requestContext.getRequestScope().asMap());
> // printMap("parameter Map",
> requestContext.getRequestParameters().asMap());
>
>
> private void printMap(String identifier, Map<String, Object> mam) {
> LOGGER.trace(identifier + ": [" + mam.keySet().size() + "]:");
> for (String key : mam.keySet()) {
> LOGGER.trace("\t" + key + " : " + mam.get(key));
> }
> }
>
> Ray
>
> On Wed, 2023-08-09 at 17:23 -0700, Pablo Vidaurri wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> It looks like I'm losing the request scope, or at least the service
> ticket:
>
>
> 2023-08-08 15:25:26,057 DEBUG
> [org.apereo.cas.web.flow.GenerateServiceTicketAction] - <Granted service
> ticket [ST-2-********9u96HVcbf8-https://localhost:8443] and added it to
> the request scope>
> 2023-08-08 15:25:26,057 DEBUG [org.apereo.cas.web.flow.MyCustomAction] -
> <Inside myCustomAction doExecute>
> ...
> 2023-08-08 15:25:27,186 DEBUG
> [org.apereo.cas.web.flow.actions.RedirectToServiceAction] - <Located
> service ticket [null] from the context>
>
> Inside MyCustomAction.java, I can confirm I have a requestScope with ST.
> My customAction will trigger a redirect to a view. After my view it seems I
> lose the ST.
>
> Do I need to pass my requestscope or ST along with my form inside my view
> via an input form parameter?
>
> -psv
>
>
> On Wednesday, August 9, 2023 at 2:50:18 PM UTC-5 Pablo Vidaurri wrote:
>
> Hi Ray, looks to be a self inflicted issue.
>
> We have a custom login webflow and have injected as view between
> generateServiceTicket and Redirect action/view states. When I disable this
> custom step all works fine. I haven't been able to trace my issue but it is
> my issue.
>
> -psv
>
> On Thursday, August 3, 2023 at 9:24:17 AM UTC-5 Ray Bon wrote:
>
> Pablo,
>
> What version of Cas is this?
>
> Check your logs. The audit log records the authentication events,
> including ticket creation.
>
> Ray
>
> On Wed, 2023-08-02 at 14:39 -0700, Pablo Vidaurri wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
>
> I am seeing a problem where after a successful login a redirect is happing
> back to the service URL but does not have a ticket=ST-xxxx query parameter.
> This of course means that the service has no ticket to go validate. But if
> I hit the login page again, i get the ticket on the 2nd try.
>
> 1) https://www.xxx.com/cas/login?service=https://myapp.xxx.com/cas/login
> 2) after login redirects to https://myapp.newco.com/cas/login, with no
> ticket
> 3) since no ticket, login to the app fails.
> 4) I go to
> https://www.xxx.com/cas/login?service=https://myapp.xxx.com/cas/login
> again
> 5) immediately redirects back to
> https://myapp.xxx.com/cas/login?ticket=ST-xxxx
> 6) now logged into the app
>
> Why would ticket not be sent the first time?
>
> -psv
>
>
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b9a850fb-dd71-48e2-a0d3-7ada7f703911n%40apereo.org.
