Hi For further investigations, I flushed the redis db (just kept my 3 services) For both MFA provider (gauth and web-authn) I'm being asked to register my devices. (It wasn't the cas before flushing the db, after login/pwd authentication I falled back immediatly on the same login form.) So I guess, the devices I registered on the end of august are stored in a format that is just no more compatible with the newer builds ?
But, that still does'nt work, I have the failure popup : "Unable to accept this token. The given token is invalid, does not belong to the device or has expired." Here are errors in the browsers (tested in FF and Chrome) consoles : About gauth attempt : *jquery.min.js:2 POST https://cas-pp.universite-lyon.fr/cas/mfa-gauth 401 (Unauthorized)send @ jquery.min.js:2ajax @ jquery.min.js:2ce.<computed> @ jquery.min.js:2(anonymous) @ login?service=https%3A%2F%2Fsrv-cas-pp01.ad.universite-lyon.fr%3A9447%2Fprotected:351maybe here -> [...]try{r.send(i.hasContent&&i.data||null)}catch(e){if(o)throw [...]* About web-authn attempt : *login:8 GET https://cas-pp.universite-lyon.fr/cas/webjars/base64-js/1.5.1/base64js.min.js net::ERR_ABORTED 403 (Forbidden)login:14 GET https://cas-pp.universite-lyon.fr/cas/js/webauthn/webauthn.js net::ERR_ABORTED 403 (Forbidden)login:5 GET https://cas-pp.universite-lyon.fr/cas/webjars/text-encoding/0.7.0/lib/encoding.js net::ERR_ABORTED 403 (Forbidden)login:7 GET https://cas-pp.universite-lyon.fr/cas/webjars/whatwg-fetch/3.6.2/dist/fetch.umd.js net::ERR_ABORTED 403 (Forbidden)login:6 GET https://cas-pp.universite-lyon.fr/cas/webjars/text-encoding/0.7.0/lib/encoding-indexes.js net::ERR_ABORTED 403 (Forbidden)* That may has something to deal with spring security but, I did not change anything since august. Here are my ACLs : * monitor: endpoints: endpoint: defaults: access: AUTHENTICATED health: access: IP_ADDRESS requiredIpAddresses: blah blah blah registeredServices: access: IP_ADDRESS requiredIpAddresses: blah blah blah importRegisteredServices: access: IP_ADDRESS requiredIpAddresses: blah blah blah multiFactorTrustedDevices: access: IP_ADDRESS requiredIpAddresses: blah blah blah management: endpoints: web: exposure: include: '*' enabled-by-default: true* Le mardi 17 octobre 2023 à 12:43:46 UTC+2, Frédéric Dussurget a écrit : > Hi Ray, > thank you very much for your help. There are no ERROR message except this > DEBUG error 401 message at the very end : > 2023-10-17 12:28:46,419 DEBUG > [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] > > - <Authentication request failed with [401], resulting in event [error]> > 2023-10-17 12:28:46,419 DEBUG > [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - > <Resolved single event [error] via > [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] > > for this context> > > For more information, you'll find below the service I used (but it is > exactly the same as the one I used in august 2nd) ... > Best regards, > > { > "@class": "org.apereo.cas.services.CasRegisteredService", > "serviceId": > "https://(testserver([123])|cas-pp)(.subdomain|).myuniversity.fr:944([678]).*" > , > "name": "Service Test Bootiful", > "id": 48, > "description": "Service de test Bootiful port 9446/7/8 MFA > gauth/webauthn", > "evaluationOrder": 48, > "attributeReleasePolicy": { > "@class": > "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", > "canonicalizationMode": null, > "allowedAttributes": [ > "java.util.ArrayList", > [ > "displayname mail blah givenname" > ] > ] > }, > "logo": "https://cas.myuniversity.fr/logo.svg";, > "accessStrategy": { > "@class": > "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy", > "requireAllAttributes": false, > "requiredAttributes": { > "@class": "java.util.LinkedHashMap", > "memberOf": [ > "java.util.HashSet", > [ > "OU=blahblah", > "OU=blahblah", > "DC=blahblah", > "DC=myuniversity", > "CN=casmanagers", > "DC=fr" > ] > ] > } > }, > > Le mardi 17 octobre 2023 à 04:22:16 UTC+2, Ray Bon a écrit : > >> Frédéric, >> >> Are there any error messages in the logs? >> >> Ray >> >> On Fri, 2023-10-13 at 06:26 -0700, Frédéric Dussurget wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> Hi, >> latest build broke MFA (both gauth and web-authn). I have kept besides a >> cas.war from august 22nd which is working fine with the exact same >> build.gradle deps and /etc/cas/config/cas/yml config. One difference is >> that the new cas.war was compiled and run (external tomcat) with openjdk 21 >> vs the other one was compiled and run with openjdk17 >> DB backend is Redis for everything. >> >> Thanks if anyone could help ... >> Regards, >> >> Fred >> >> Here are the deps I'm using : >> >> build.gradle : >> >> // ### MFA ### >> >> //MFA TOTP >> implementation >> "org.apereo.cas:cas-server-support-gauth:${project.'cas.version'}" >> implementation >> "org.apereo.cas:cas-server-support-gauth-redis:${project.'cas.version'}" >> >> // MFA FIDO2 WEBAUTHN >> implementation >> "org.apereo.cas:cas-server-support-webauthn:${project.'cas.version'}" >> implementation >> "org.apereo.cas:cas-server-support-webauthn-redis:${project.'cas.version'}" >> >> //MFA TRUSTED DEVICE >> implementation >> "org.apereo.cas:cas-server-support-trusted-mfa:${project.'cas.version'}" >> implementation "org.apereo.cas:cas-server-support-trusted-mfa-redis: >> ${project.'cas.version'}" >> >> Here is the MFA block in my cas.yml : >> >> mfa: >> core: >> provider-selection-enabled: true >> gauth: >> core: >> issuer: CASIssuer >> label: Blah >> scratch-codes.encryption.key: blah-blah-blah >> name: OATH Authentification >> crypto: >> encryption: >> key: blah-blah-blah >> signing: >> key: blah-blah-blah >> redis: >> host: localhost >> port: 6379 >> username: default >> password: blah-blah-blah >> sentinel: >> node[0]: blah-blah-blah:26379 >> node[1]: blah-blah-blah:26379 >> node[2]: blah-blah-blah:26379 >> master: instancecas >> >> web-authn: >> core: >> relying-party-id: blah-blah-blah.fr >> relying-party-name: blah-blah-blah >> allowed-origins: blah-blah-blah >> trusted-device-enabled: false >> application-id: blah-blah-blah >> crypto: >> encryption: >> key: blah-blah-blah >> signing: >> key: blah-blah-blah >> redis: >> host: localhost >> port: 6379 >> username: default >> password: blah-blah-blah >> sentinel: >> node[0]: blah-blah-blah:26379 >> node[1]: blah-blah-blah:26379 >> node[2]: blah-blah-blah:26379 >> master: instancecas >> >> trusted: >> core: >> auto-assign-device-name: true >> device-registration-enabled: true >> authentication-context-attribute: >> isFromTrustedMultifactorAuthentication >> redis: >> host: localhost >> port: 6379 >> username: default >> password: blah-blah-blah >> sentinel: >> node[0]: blah-blah-blah:26379 >> node[1]: blah-blah-blah:26379 >> node[2]: blah-blah-blah:26379 >> master: instancecas >> crypto: >> enabled: true >> signing: >> key: blah-blah-blah >> encryption: >> key: blah-blah-blah >> device-fingerprint: >> cookie: >> crypto: >> enabled: true >> signing: >> key: blah-blah-blah >> encryption: >> key: blah-blah-blah >> >> And the stacktrace : >> >> 2023-10-13 11:19:17,196 DEBUG >> [org.apereo.cas.web.flow.login.InitialFlowSetupAction] - <Placing service >> in context scope: [https://blah-blah-blah:9447/protected]> >> 2023-10-13 11:19:17,196 DEBUG >> [org.apereo.cas.web.flow.login.InitialFlowSetupAction] - <Placing >> registered service [https://blah-blah-blah] with id [48] in context >> scope> >> >> 2023-10-13 11:19:17,197 DEBUG >> [org.apereo.cas.web.flow.authentication.RegisteredServiceAuthenticationPolicySingleSignOnParticipationStrategy] >> >> - <Evaluating authentication policy >> [DefaultRegisteredServiceAuthenticationPolicy( >> requiredAuthenticationHandlers=[],excludedAuthenticationHandlers=[], >> criteria=null)] for [Service Test Bootiful]> >> >> 2023-10-13 11:19:17,197 DEBUG >> [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - >> <Resolved single event [success] via >> [org.apereo.cas.web.flow.resolver.impl.RankedMultifactorAuthenticationProviderWebflowEventResolver] >> >> for this context> >> 2023-10-13 11:19:27,246 DEBUG >> [org.apereo.cas.web.flow.CasFlowHandlerMapping] - <Mapped to >> [FlowHandlerMapping.DefaultFlowHandler@4fcf6be1]> >> 2023-10-13 11:19:27,250 DEBUG >> [org.apereo.cas.web.flow.CasFlowHandlerMapping] - <Mapped to >> [FlowHandlerMapping.DefaultFlowHandler@dacb3f2]> >> 2023-10-13 11:19:27,260 DEBUG >> [org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver] >> >> - <Request is not eligible to be issued service tickets just yet> >> >> 2023-10-13 11:19:27,276 WARN >> [org.apereo.cas.authentication.attribute.PrincipalAttributeRepositoryFetcher] >> >> - <No person records were fetched from attribute repositories for [{ >> principal=frederic.dussurget, blah blah, username=frederic.dussurget, >> service=https://blah-blah-blah:9447/protected}]> >> >> 2023-10-13 11:19:27,280 WARN >> [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] >> >> - <Name is null> >> java.lang.NullPointerException: Name is null >> at java.lang.Enum.valueOf(Enum.java:291) ~[?:?] >> at >> org.apereo.services.persondir.util.CaseCanonicalizationMode.valueOf(CaseCanonicalizationMode.java:26) >> >> ~[person-directory-impl-3.0.1.jar:?] >> at >> org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy.returnFinalAttributesCollection(AbstractRegisteredServiceAttributeReleasePolicy.java:250) >> >> ~[cas-server-core-authentication-attributes-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:134) >> >> ~[cas-server-core-authentication-attributes-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver.determineRegisteredServiceForEvent(DefaultCasDelegatingWebflowEventResolver.java:180) >> >> ~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver.resolveInternal(DefaultCasDelegatingWebflowEventResolver.java:82) >> >> ~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolve(AbstractCasWebflowEventResolver.java:48) >> >> ~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolveSingle(AbstractCasWebflowEventResolver.java:53) >> >> ~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.web.flow.actions.AbstractAuthenticationAction.lambda$doExecuteInternal$0(AbstractAuthenticationAction.java:63) >> >> ~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.jooq.lambda.Unchecked.lambda$supplier$38(Unchecked.java:1695) >> ~[jool-0.9.15.jar:?] >> at >> org.apereo.cas.util.function.FunctionUtils.doUnchecked(FunctionUtils.java:449) >> >> ~[cas-server-core-util-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.web.flow.actions.AbstractAuthenticationAction.doExecuteInternal(AbstractAuthenticationAction.java:41) >> >> ~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apereo.cas.web.flow.actions.BaseCasWebflowAction.doExecute(BaseCasWebflowAction.java:38) >> >> ~[cas-server-core-webflow-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at org.springframework.webflow.engine.State.enter(State.java:194) >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.Transition.execute(Transition.java:228) >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547) >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:231) >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.ViewState.resume(ViewState.java:195) >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at org.springframework.webflow.engine.Flow.resume(Flow.java:537) >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:254) >> >> ~[spring-webflow-3.0.0.jar:3.0.0] >> at >> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1086) >> >> ~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:979) >> >> ~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1011) >> >> ~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:914) >> >> ~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5] >> at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:590) >> ~[servlet-api.jar:6.0] >> at >> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:885) >> >> ~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5] >> at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658) >> ~[servlet-api.jar:6.0] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:205) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) >> ~[tomcat-websocket.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.web.servlet.resource.ResourceUrlEncodingFilter.doFilter(ResourceUrlEncodingFilter.java:66) >> >> ~[spring-webmvc-6.1.0-M5.jar:6.1.0-M5] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:391) >> >> ~[cas-server-core-web-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:177) >> >> ~[cas-server-core-web-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:62) >> >> ~[cas-server-core-web-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.boot.actuate.web.exchanges.servlet.HttpExchangesFilter.doFilterInternal(HttpExchangesFilter.java:89) >> >> ~[spring-boot-actuator-3.2.0-M3.jar:3.2.0-M3] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.security.web.FilterChainProxy.lambda$doFilterInternal$3(FilterChainProxy.java:231) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$FilterObservation$SimpleFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:479) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:340) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator.lambda$wrapSecured$0(ObservationFilterChainDecorator.java:82) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:128) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.access.intercept.AuthorizationFilter.doFilter(AuthorizationFilter.java:100) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:179) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:168) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:75) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:133) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:323) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:224) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:109) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:95) >> >> ~[cas-server-core-logging-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:124) >> >> ~[spring-boot-3.2.0-M3.jar:3.2.0-M3] >> at >> org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:99) >> >> ~[spring-boot-3.2.0-M3.jar:3.2.0-M3] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:117) >> >> ~[spring-boot-3.2.0-M3.jar:3.2.0-M3] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >> >> ~[spring-web-6.1.0-M5.jar:6.1.0-M5] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) >> >> ~[spring-security-web-6.2.0-M3.jar:6.2.0-M3] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:55) >> >> ~[cas-server-core-audit-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) >> >> ~[log4j-jakarta-web-2.20.0.jar:2.20.0] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:166) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:676) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) >> >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:738) >> ~[catalina.jar:10.1.9] >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341) >> ~[catalina.jar:10.1.9] >> at >> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:391) >> ~[tomcat-coyote.jar:10.1.9] >> at >> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) >> >> ~[tomcat-coyote.jar:10.1.9] >> at >> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:894) >> >> ~[tomcat-coyote.jar:10.1.9] >> at >> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741) >> >> ~[tomcat-coyote.jar:10.1.9] >> at >> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) >> >> ~[tomcat-coyote.jar:10.1.9] >> at >> org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) >> >> ~[tomcat-util.jar:10.1.9] >> at >> org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) >> >> ~[tomcat-util.jar:10.1.9] >> at >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >> >> ~[tomcat-util.jar:10.1.9] >> at java.lang.Thread.run(Thread.java:1583) [?:?] >> 2023-10-13 11:19:27,280 DEBUG >> [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] >> >> - <Authentication request failed with [401], resulting in event [error]> >> 2023-10-13 11:19:27,280 DEBUG >> [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - >> <Resolved single event [error] via >> [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] >> >> for this context> >> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b33a5aa2-a6ff-4706-88d6-1109764e6e21n%40apereo.org.
![https://cas.myuniversity.fr/logo.svg"](https://cas.myuniversity.fr/logo.svg"){kind=link}