Hi, This is due to my change here: https://github.com/apereo/cas/pull/6015
Though, this should be fixed in the latest 7.1.0-SNAPSHOT. Thanks. Best regards, Jérôme Le jeu. 25 avr. 2024 à 07:14, Frédéric Dussurget <[email protected]> a écrit : > Yet another info with spring web logs : > > 2024-04-23 16:46:27,232 DEBUG > [org.springframework.security.web.FilterChainProxy] - <Securing POST /error> > 2024-04-23 16:46:27,232 DEBUG > [org.springframework.security.web.access.channel.ChannelProcessingFilter] - > <Request: filter invocation [POST /error]; ConfigAttributes: > [REQUIRES_SECURE_CHANNEL]> > 2024-04-23 16:46:27,233 DEBUG > [org.springframework.security.web.FilterChainProxy] - <Secured POST /error> > 2024-04-23 16:46:27,234 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <"FORWARD" dispatch > for POST "/cas/error", parameters={masked}> > 2024-04-23 16:46:27,234 DEBUG > [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] > - <Mapped to > org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#error(HttpServletRequest)> > 2024-04-23 16:46:27,244 DEBUG > [org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor] > - <Using 'application/vnd.cas.services+yaml', given [*/*] and supported > [application/vnd.cas.services+yaml, application/json, application/*+json, > application/cbor, application/xml;charset=UTF-8, text/xml;charset=UTF-8, > application/*+xml;charset=UTF-8]> > 2024-04-23 16:46:27,244 DEBUG > [org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor] > - <Writing [{timestamp=Tue Apr 23 16:46:27 CEST 2024, status=403, > error=Forbidden, message=Forbidden, path=/cas/ (truncated)...]> > 2024-04-23 16:46:27,273 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <Exiting from > "FORWARD" dispatch, status 403> > 2024-04-23 16:46:27,273 DEBUG > [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] > - <Set SecurityContextHolder to anonymous SecurityContext> > > Le mercredi 24 avril 2024 à 05:54:03 UTC+2, Frédéric Dussurget a écrit : > >> Hi, >> Some additional info : The base64 for decoded response is : >> >> --- !<java.util.LinkedHashMap> >> timestamp: "2024-04-23T14:14:08.165+00:00" >> status: 403 >> error: "Forbidden" >> message: "Forbidden" >> path: "/cas/webauthn/register" >> >> >> >> >> Le jeudi 18 avril 2024 à 11:56:56 UTC+2, Frédéric Dussurget a écrit : >> >>> Hi, >>> We cannot register devices anymore with mfa-webauthn since last week. >>> It works with a clone of cas-overlay-template from April 11th but not >>> with today's clone (April 18th). Same dependencies and same cas.properties >>> directives. Master CAS 7 branch. >>> >>> When trying to register a new device, I have this message on the login : >>> >>> JSON.parse: unexpected non-digit at line 1 column 2 of the JSON data >>> >>> In the firefox debugger : >>> >>> XHRPOST >>> https://mycasdev.mywonderfuluniv.fr/cas/webauthn/register >>> [HTTP/1.1 200 63ms] >>> >>> Registration failed DOMException: CredentialContainer request is not >>> allowed. >>> createCredential >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:102 >>> executeRegisterRequest >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:347 >>> executeRequest >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:444 >>> performCeremony >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:400 >>> promise callback*performCeremony >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:386 >>> register >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:434 >>> <anonymous> https://mycasdev.mywonderfuluniv.fr/cas/login:373 >>> webauthn.js:474:21 >>> Uncaught (in promise) DOMException: CredentialContainer request is not >>> allowed. >>> createCredential >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:102 >>> executeRegisterRequest >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:347 >>> executeRequest >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:444 >>> performCeremony >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:400 >>> promise callback*performCeremony >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:386 >>> register >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:434 >>> <anonymous> https://mycasdev.mywonderfuluniv.fr/cas/login:373 >>> >>> >>> If I try to reuse a device that had already been registered, I have this >>> error in the ff debugger with today's build : >>> >>> XHRPOST >>> https://mycasdev.mywonderfuluniv.fr/cas/webauthn/authenticate >>> [HTTP/1.1 403 131ms] >>> >>> Authentication failed SyntaxError: JSON.parse: unexpected non-digit at >>> line 1 column 2 of the JSON data webauthn.js:570:17 >>> authenticate >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:570 >>> (Asynchrone : promise callback) >>> authenticate >>> https://mycasdev.mywonderfuluniv.fr/cas/js/webauthn/webauthn.js:561 >>> <anonyme> https://mycasdev.mywonderfuluniv.fr/cas/login:356 >>> Uncaught (in promise) SyntaxError: JSON.parse: unexpected non-digit at >>> line 1 column 2 of the JSON data >>> >>> Regards, >>> >>> >>> >>> -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/da6c1720-b0f7-4bb4-8dbf-9a4c190b8678n%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/da6c1720-b0f7-4bb4-8dbf-9a4c190b8678n%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LxUmfd%2B9NXxbbjW%3DUXWVkYDKLo20OS3NhJ6GnDnh87EGw%40mail.gmail.com.
