Hi,
latest build broke MFA (both gauth and web-authn). I have kept besides a
cas.war from august 22nd which is working fine with the exact same
build.gradle deps and /etc/cas/config/cas/yml config. One difference is
that the new cas.war was compiled and run (external tomcat) with openjdk 21
vs the other one was compiled and run with openjdk17
DB backend is Redis for everything.
Thanks if anyone could help ...
Regards,
Fred
Here are the deps I'm using :
build.gradle :
// ### MFA ###
//MFA TOTP
implementation
"org.apereo.cas:cas-server-support-gauth:${project.'cas.version'}"
implementation
"org.apereo.cas:cas-server-support-gauth-redis:${project.'cas.version'}"
// MFA FIDO2 WEBAUTHN
implementation
"org.apereo.cas:cas-server-support-webauthn:${project.'cas.version'}"
implementation
"org.apereo.cas:cas-server-support-webauthn-redis:${project.'cas.version'}"
//MFA TRUSTED DEVICE
implementation
"org.apereo.cas:cas-server-support-trusted-mfa:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-trusted-mfa-redis:
${project.'cas.version'}"
Here is the MFA block in my cas.yml :
mfa:
core:
provider-selection-enabled: true
gauth:
core:
issuer: CASIssuer
label: Blah
scratch-codes.encryption.key: blah-blah-blah
name: OATH Authentification
crypto:
encryption:
key: blah-blah-blah
signing:
key: blah-blah-blah
redis:
host: localhost
port: 6379
username: default
password: blah-blah-blah
sentinel:
node[0]: blah-blah-blah:26379
node[1]: blah-blah-blah:26379
node[2]: blah-blah-blah:26379
master: instancecas
web-authn:
core:
relying-party-id: blah-blah-blah.fr
relying-party-name: blah-blah-blah
allowed-origins: blah-blah-blah
trusted-device-enabled: false
application-id: blah-blah-blah
crypto:
encryption:
key: blah-blah-blah
signing:
key: blah-blah-blah
redis:
host: localhost
port: 6379
username: default
password: blah-blah-blah
sentinel:
node[0]: blah-blah-blah:26379
node[1]: blah-blah-blah:26379
node[2]: blah-blah-blah:26379
master: instancecas
trusted:
core:
auto-assign-device-name: true
device-registration-enabled: true
authentication-context-attribute:
isFromTrustedMultifactorAuthentication
redis:
host: localhost
port: 6379
username: default
password: blah-blah-blah
sentinel:
node[0]: blah-blah-blah:26379
node[1]: blah-blah-blah:26379
node[2]: blah-blah-blah:26379
master: instancecas
crypto:
enabled: true
signing:
key: blah-blah-blah
encryption:
key: blah-blah-blah
device-fingerprint:
cookie:
crypto:
enabled: true
signing:
key: blah-blah-blah
encryption:
key: blah-blah-blah
And the stacktrace :
2023-10-13 11:19:17,196 DEBUG
[org.apereo.cas.web.flow.login.InitialFlowSetupAction] - <Placing service
in context scope: [https://blah-blah-blah:9447/protected]>
2023-10-13 11:19:17,196 DEBUG
[org.apereo.cas.web.flow.login.InitialFlowSetupAction] - <Placing
registered service [https://blah-blah-blah] with id [48] in context scope>
2023-10-13 11:19:17,197 DEBUG
[org.apereo.cas.web.flow.authentication.RegisteredServiceAuthenticationPolicySingleSignOnParticipationStrategy]
- <Evaluating authentication policy
[DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[],
excludedAuthenticationHandlers=[], criteria=null)] for [Service Test
Bootiful]>
2023-10-13 11:19:17,197 DEBUG
[org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] -
<Resolved single event [success] via
[org.apereo.cas.web.flow.resolver.impl.RankedMultifactorAuthenticationProviderWebflowEventResolver]
for this context>
2023-10-13 11:19:27,246 DEBUG
[org.apereo.cas.web.flow.CasFlowHandlerMapping] - <Mapped to
[FlowHandlerMapping.DefaultFlowHandler@4fcf6be1]>
2023-10-13 11:19:27,250 DEBUG
[org.apereo.cas.web.flow.CasFlowHandlerMapping] - <Mapped to
[FlowHandlerMapping.DefaultFlowHandler@dacb3f2]>
2023-10-13 11:19:27,260 DEBUG
[org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver]
- <Request is not eligible to be issued service tickets just yet>
2023-10-13 11:19:27,276 WARN
[org.apereo.cas.authentication.attribute.PrincipalAttributeRepositoryFetcher]
- <No person records were fetched from attribute repositories for [{
principal=frederic.dussurget, blah blah, username=frederic.dussurget,
service=https://blah-blah-blah:9447/protected}]>
2023-10-13 11:19:27,280 WARN
[org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver]
- <Name is null>
java.lang.NullPointerException: Name is null
at java.lang.Enum.valueOf(Enum.java:291) ~[?:?]
at
org.apereo.services.persondir.util.CaseCanonicalizationMode.valueOf(CaseCanonicalizationMode.java:26)
~[person-directory-impl-3.0.1.jar:?]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy.returnFinalAttributesCollection(AbstractRegisteredServiceAttributeReleasePolicy.java:250)
~[cas-server-core-authentication-attributes-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:134)
~[cas-server-core-authentication-attributes-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver.determineRegisteredServiceForEvent(DefaultCasDelegatingWebflowEventResolver.java:180)
~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver.resolveInternal(DefaultCasDelegatingWebflowEventResolver.java:82)
~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolve(AbstractCasWebflowEventResolver.java:48)
~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolveSingle(AbstractCasWebflowEventResolver.java:53)
~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.web.flow.actions.AbstractAuthenticationAction.lambda$doExecuteInternal$0(AbstractAuthenticationAction.java:63)
~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.jooq.lambda.Unchecked.lambda$supplier$38(Unchecked.java:1695)
~[jool-0.9.15.jar:?]
at
org.apereo.cas.util.function.FunctionUtils.doUnchecked(FunctionUtils.java:449)
~[cas-server-core-util-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.web.flow.actions.AbstractAuthenticationAction.doExecuteInternal(AbstractAuthenticationAction.java:41)
~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apereo.cas.web.flow.actions.BaseCasWebflowAction.doExecute(BaseCasWebflowAction.java:38)
~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
~[spring-webflow-3.0.0.jar:3.0.0]
at org.springframework.webflow.engine.State.enter(State.java:194)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.Transition.execute(Transition.java:228)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:231)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.ViewState.resume(ViewState.java:195)
~[spring-webflow-3.0.0.jar:3.0.0]
at org.springframework.webflow.engine.Flow.resume(Flow.java:537)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:254)
~[spring-webflow-3.0.0.jar:3.0.0]
at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1086)
~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:979)
~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1011)
~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:914)
~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5]
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:590)
~[servlet-api.jar:6.0]
at
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:885)
~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5]
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658)
~[servlet-api.jar:6.0]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:205)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
~[tomcat-websocket.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.web.servlet.resource.ResourceUrlEncodingFilter.doFilter(ResourceUrlEncodingFilter.java:66)
~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:391)
~[cas-server-core-web-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:177)
~[cas-server-core-web-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:62)
~[cas-server-core-web-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.boot.actuate.web.exchanges.servlet.HttpExchangesFilter.doFilterInternal(HttpExchangesFilter.java:89)
~[spring-boot-actuator-3.2.0-M3.jar:3.2.0-M3]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.security.web.FilterChainProxy.lambda$doFilterInternal$3(FilterChainProxy.java:231)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$FilterObservation$SimpleFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:479)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:340)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator.lambda$wrapSecured$0(ObservationFilterChainDecorator.java:82)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:128)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.access.intercept.AuthorizationFilter.doFilter(AuthorizationFilter.java:100)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:179)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:168)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:75)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:133)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:323)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:224)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:109)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:95)
~[cas-server-core-logging-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:124)
~[spring-boot-3.2.0-M3.jar:3.2.0-M3]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:99)
~[spring-boot-3.2.0-M3.jar:3.2.0-M3]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:117)
~[spring-boot-3.2.0-M3.jar:3.2.0-M3]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
~[spring-web-6.1.0-M5.jar:6.1.0-M5]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69)
~[spring-security-web-6.2.0-M3.jar:6.2.0-M3]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:55)
~[cas-server-core-audit-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
~[log4j-jakarta-web-2.20.0.jar:2.20.0]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:166)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
~[catalina.jar:10.1.9]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)
~[catalina.jar:10.1.9]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
~[catalina.jar:10.1.9]
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:676)
~[catalina.jar:10.1.9]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
~[catalina.jar:10.1.9]
at
org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:738)
~[catalina.jar:10.1.9]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341)
~[catalina.jar:10.1.9]
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:391)
~[tomcat-coyote.jar:10.1.9]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
~[tomcat-coyote.jar:10.1.9]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:894)
~[tomcat-coyote.jar:10.1.9]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741)
~[tomcat-coyote.jar:10.1.9]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
~[tomcat-coyote.jar:10.1.9]
at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
~[tomcat-util.jar:10.1.9]
at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
~[tomcat-util.jar:10.1.9]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
~[tomcat-util.jar:10.1.9]
at java.lang.Thread.run(Thread.java:1583) [?:?]
2023-10-13 11:19:27,280 DEBUG
[org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver]
- <Authentication request failed with [401], resulting in event [error]>
2023-10-13 11:19:27,280 DEBUG
[org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] -
<Resolved single event [error] via
[org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver]
for this context>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/10714163-83f1-4025-aacc-0c2e44083920n%40apereo.org.
