Yet another info with spring web logs :
2024-04-23 16:46:27,232 DEBUG
[org.springframework.security.web.FilterChainProxy] - <Securing POST /error>
2024-04-23 16:46:27,232 DEBUG
[org.springframework.security.web.access.channel.ChannelProcessingFilter] -
<Request: filter invocation [POST /error]; ConfigAttributes:
[REQUIRES_SECURE_CHANNEL]>
2024-04-23 16:46:27,233 DEBUG
[org.springframework.security.web.FilterChainProxy] - <Secured POST /error>
2024-04-23 16:46:27,234 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <"FORWARD" dispatch
for POST "/cas/error", parameters={masked}>
2024-04-23 16:46:27,234 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- <Mapped to
org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#error(HttpServletRequest)>
2024-04-23 16:46:27,244 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor]
- <Using 'application/vnd.cas.services+yaml', given [*/*] and supported
[application/vnd.cas.services+yaml, application/json, application/*+json,
application/cbor, application/xml;charset=UTF-8, text/xml;charset=UTF-8,
application/*+xml;charset=UTF-8]>
2024-04-23 16:46:27,244 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor]
- <Writing [{timestamp=Tue Apr 23 16:46:27 CEST 2024, status=403,
error=Forbidden, message=Forbidden, path=/cas/ (truncated)...]>
2024-04-23 16:46:27,273 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Exiting from
"FORWARD" dispatch, status 403>
2024-04-23 16:46:27,273 DEBUG
[org.springframework.security.web.authentication.AnonymousAuthenticationFilter]
- <Set SecurityContextHolder to anonymous SecurityContext>
Le mercredi 24 avril 2024 à 05:54:03 UTC+2, Frédéric Dussurget a écrit :
> Hi,
> Some additional info : The base64 for decoded response is :
>
> --- !<java.util.LinkedHashMap>
> timestamp: "2024-04-23T14:14:08.165+00:00"
> status: 403
> error: "Forbidden"
> message: "Forbidden"
> path: "/cas/webauthn/register"
>
>
>
>
> Le jeudi 18 avril 2024 à 11:56:56 UTC+2, Frédéric Dussurget a écrit :
>
>> Hi,
>> We cannot register devices anymore with mfa-webauthn since last week.
>> It works with a clone of cas-overlay-template from April 11th but not
>> with today's clone (April 18th). Same dependencies and same cas.properties
>> directives. Master CAS 7 branch.
>>
>> When trying to register a new device, I have this message on the login :
>>
>> JSON.parse: unexpected non-digit at line 1 column 2 of the JSON data
>>
>> In the firefox debugger :
>>
>> XHRPOST
>> https://mycasdev.mywonderfuluniv.fr/cas/webauthn/register
>> [HTTP/1.1 200 63ms]
>>
>> Registration failed DOMException: CredentialContainer request is not
>> allowed.
>> createCredential
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:102
>> executeRegisterRequest
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:347
>> executeRequest
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:444
>> performCeremony
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:400
>> promise callback*performCeremony
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:386
>> register
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:434
>> <anonymous> https://mycasdev.mywonderfuluniv.fr/cas/login:373
>> webauthn.js:474:21
>> Uncaught (in promise) DOMException: CredentialContainer request is not
>> allowed.
>> createCredential
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:102
>> executeRegisterRequest
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:347
>> executeRequest
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:444
>> performCeremony
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:400
>> promise callback*performCeremony
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:386
>> register
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:434
>> <anonymous> https://mycasdev.mywonderfuluniv.fr/cas/login:373
>>
>>
>> If I try to reuse a device that had already been registered, I have this
>> error in the ff debugger with today's build :
>>
>> XHRPOST
>> https://mycasdev.mywonderfuluniv.fr/cas/webauthn/authenticate
>> [HTTP/1.1 403 131ms]
>>
>> Authentication failed SyntaxError: JSON.parse: unexpected non-digit at
>> line 1 column 2 of the JSON data webauthn.js:570:17
>> authenticate
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:570
>> (Asynchrone : promise callback)
>> authenticate
>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:561
>> <anonyme> https://mycasdev.mywonderfuluniv.fr/cas/login:356
>> Uncaught (in promise) SyntaxError: JSON.parse: unexpected non-digit at
>> line 1 column 2 of the JSON data
>>
>> Regards,
>>
>>
>>
>>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/da6c1720-b0f7-4bb4-8dbf-9a4c190b8678n%40apereo.org.
