Hi all, It seems that this problem of flow is not resolved yet. I'm actually testing mfa with gauth on CAS v7.1 (also tested on v7.2) and i still have to make this change in the forms action on file src/main/resources/templates/gauth/casGoogleAuthenticatorRegistrationView.html.. With this change i can successfully register my device but that's all, just after this step i encouter an error 500 also linked to the flow:
Error: jakarta.servlet.ServletException: Request processing failed: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.otp.web.flow.OneTimeTokenAccountCheckRegistrationAction@342fddc in state 'accountRegistrationCheck' of flow 'mfa-gauth' -- action execution attributes were 'map[[empty]]' Any news here ? Regards, Bruno Le mardi 2 juillet 2024 à 12:03:20 UTC+2, Frédéric Dussurget a écrit : > Hi Artur, > I gave it a try this morning, this is exactly what I've done : > > - I flushed the db before > - cloned a brand new cas-overlay-template version=*7.1.0-SNAPSHOT* and > springBootVersion=3.3.1 (this morning master branch) > - First I gave it a try and *I can confirm to you that I could not > registered my device with this version*. > - Then I edited > https://github.com/apereo/cas/blob/master/support/cas-server-support-thymeleaf/src/main/resources/templates/gauth/casGoogleAuthenticatorRegistrationView.html > > : > nano > src/main/resources/templates/gauth/casGoogleAuthenticatorRegistrationView.html > changed line 20 from <form method="post" id="fm1" class="fm-v > clearfix" th:action="@{${'/' + activeFlowId} }"> to <form method="post" > id="fm1" class="fm-v clearfix" th:action="@{/login}"> > - build and deployed again the .war into tomcat (gradlew then mv as you > did) > - flushed my former cas entry in my device (google authenticator on my > mobile phone) > > Then I was able to register my mobile phone again and was able to log in. > > After that, and because like gaming, I deleted the > src/main/resources/templates/gauth/casGoogleAuthenticatorRegistrationView.html > > and regradlewed again all that stuff nut I did not flushed the db so my > device is still registered : I'm able to log in but cannot register any > other devices ... > > I would not submit a PR, because it looks more like a new mfa global > strategy change than a typo ... > > > > Le jeudi 27 juin 2024 à 15:29:56 UTC+2, artur mis a écrit : > >> I have changed casGoogleAuthenticatorRegistrationView.html >> /gradlew getResource >> -PresourceName=casGoogleAuthenticatorRegistrationView.html >> Edit >> changes to: >> <form method="post" id="fm1" class="fm-v clearfix" th:action="@{/login}"> >> ./gradlew clean build >> ./gradlew run >> logs: >> 2024-06-27 15:04:38,064 DEBUG >> [org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl] >> - <Getting FlowDefinition with id 'login'> >> 2024-06-27 15:04:38,064 DEBUG >> [org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl] >> - <Getting FlowDefinition with id 'mfa-gauth'> >> 2024-06-27 15:04:38,064 DEBUG >> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Resuming in >> org.springframework.webflow.mvc.servlet.MvcExternalContext@43d3c39c> >> 2024-06-27 15:04:38,064 DEBUG [org.springframework.webflow.engine.Flow] - >> <Restoring [FlowVariable@72d57e64 name = 'credential', valueFactory = >> [BeanFactoryVariableValueFactory@54271a0 type = >> GoogleAuthenticatorTokenCredential]]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.mvc.view.AbstractMvcView] - <Processing user >> event 'submit'> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.mvc.view.AbstractMvcView] - <No model to bind >> to; done processing user event> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.ViewState] - <Event 'submit' returned >> from view [CasMvcViewFactoryCreator.CasServletMvcView@19fcc87f view = >> org.thymeleaf.spring6.view.ThymeleafView@20a0257c]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.Transition] - <Executing >> [Transition@78d19fd5 on = submit, to = saveRegistration]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.Transition] - <Exiting state >> 'viewRegistration'> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.ActionState] - <Entering state >> 'saveRegistration' of flow 'mfa-gauth'> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Executing >> [EvaluateAction@2858a08b expression = googleSaveAccountRegistrationAction, >> resultExpression = [null]]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Executing >> org.apereo.cas.gauth.web.flow.GoogleAuthenticatorSaveRegistrationAction@accba2d> >> 2024-06-27 15:04:38,065 DEBUG >> [org.apereo.cas.gauth.credential.GoogleAuthenticatorOneTimeTokenCredentialValidator] >> >> - <Authorizing token [442461] against account >> [OneTimeTokenAccount(id=1719493478065, validationCode=583590, >> username=casuser, name=serene_faraday, >> registrationDate=2024-06-27T13:04:38.065457164Z, lastUsedDateTime=null, >> source=null)]> >> 2024-06-27 15:04:38,065 WARN >> [org.apereo.cas.gauth.web.flow.GoogleAuthenticatorSaveRegistrationAction] - >> <Unable to authorize given token [442461] for account >> [OneTimeTokenAccount(id=1719493478065, validationCode=583590, >> username=casuser, name=serene_faraday, >> registrationDate=2024-06-27T13:04:38.065457164Z, lastUsedDateTime=null, >> source=null)]> >> 2024-06-27 15:04:38,065 ERROR >> [org.apereo.cas.otp.web.flow.OneTimeTokenAccountSaveRegistrationAction] - >> <Unable to validate account [OneTimeTokenAccount(id=1719493478065, >> validationCode=583590, username=casuser, name=serene_faraday, >> registrationDate=2024-06-27T13:04:38.065457164Z, lastUsedDateTime=null, >> source=null)]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Finished >> executing >> org.apereo.cas.gauth.web.flow.GoogleAuthenticatorSaveRegistrationAction@accba2d; >> >> result = error> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Finished >> executing [EvaluateAction@2858a08b expression = >> googleSaveAccountRegistrationAction, resultExpression = [null]]; result = >> error> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.Transition] - <Executing >> [Transition@21706f35 on = *, to = accountRegistrationCheck]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.Transition] - <Exiting state >> 'saveRegistration'> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.ActionState] - <Entering state >> 'accountRegistrationCheck' of flow 'mfa-gauth'> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Executing >> [EvaluateAction@27d141a0 expression = googleAccountCheckRegistrationAction, >> resultExpression = [null]]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Executing >> org.apereo.cas.otp.web.flow.OneTimeTokenAccountCheckRegistrationAction@d6db36a> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Finished >> executing >> org.apereo.cas.otp.web.flow.OneTimeTokenAccountCheckRegistrationAction@d6db36a; >> >> result = register> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Finished >> executing [EvaluateAction@27d141a0 expression = >> googleAccountCheckRegistrationAction, resultExpression = [null]]; result = >> register> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.Transition] - <Executing >> [Transition@27ba422f on = register, to = viewRegistration]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.Transition] - <Exiting state >> 'accountRegistrationCheck'> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.engine.ViewState] - <Entering state >> 'viewRegistration' of flow 'mfa-gauth'> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Executing >> [SetAction@28627feb name = viewScope.principal, value = >> conversationScope.authentication.principal]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Finished >> executing [SetAction@28627feb name = viewScope.principal, value = >> conversationScope.authentication.principal]; result = success> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Executing >> [EvaluateAction@127cb29e expression = >> googleAccountCreateRegistrationAction, resultExpression = [null]]> >> 2024-06-27 15:04:38,065 DEBUG >> [org.springframework.webflow.execution.ActionExecutor] - <Executing >> org.apereo.cas.otp.web.flow.OneTimeTokenAccountCreateRegistrationAction@3208f7f> >> 2024-06-27 15:04:38,071 DEBUG >> [org.apereo.cas.otp.web.flow.OneTimeTokenAccountCreateRegistrationAction] - >> <Registration key URI is >> [otpauth://totp/CASLabel:casuser?secret=****************]> >> >> >> I was thinking that i have wrong sync time becouse : >> 2024-06-27 15:04:38,065 ERROR >> [org.apereo.cas.otp.web.flow.OneTimeTokenAccountSaveRegistrationAction] - >> <Unable to validate account [OneTimeTokenAccount(id=1719493478065, >> validationCode=583590, username=casuser, name=serene_faraday, >> registrationDate=2024-06-27T13:04:38.065457164Z, lastUsedDateTime=null, >> source=null)]> >> LOGS are in CEST but some internal logs are UTC but they look like the >> same after calculation. >> >> >> Finally: I havent recive logs like before with 403 but : >> 024-06-27 15:25:53,702 DEBUG >> [org.springframework.web.servlet.DispatcherServlet] - <Completed 401 >> UNAUTHORIZED> >> So i'm still in black ass. >> >> On Thursday, June 27, 2024 at 1:11:29 PM UTC+2 artur mis wrote: >> >>> Could anybody confirm that this issue still appear itself in v7.1. >>> Ii seems i have the same . My logs : >>> >>> [env : simple as posible casuser:Mellon with mf-gauth run by ./gradlew >>> run debug,time synced with ntpd server] >>> >>> 2024-06-27 12:09:08,262 DEBUG >>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping >>> request with URI '/cas/mfa-gauth' to flow with id 'mfa-gauth'> >>> 2024-06-27 12:09:08,262 DEBUG >>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping >>> request with URI '/cas/mfa-gauth' to flow with id 'mfa-gauth'> >>> 2024-06-27 12:09:08,263 DEBUG >>> [org.springframework.boot.actuate.audit.listener.AuditListener] - >>> <AuditEvent [timestamp=2024-06-27T10:09:08.263569200Z, >>> principal=anonymousUser, type=AUTHORIZATION_FAILURE, >>> data={details=WebAuthenticationDetails [RemoteIpAddress=127.0.0.1, >>> SessionId=null]}]> >>> 2024-06-27 12:09:08,266 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet] - <"ERROR" dispatch for >>> POST "/cas/error", parameters={masked}> >>> 2024-06-27 12:09:08,266 DEBUG >>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] >>> >>> - <Mapped to >>> org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#error(HttpServletRequest)> >>> 2024-06-27 12:09:08,267 DEBUG >>> [org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor] >>> >>> - <Using 'application/vnd.cas.services+yaml', given [*/*] and supported >>> [application/vnd.cas.services+yaml, application/json, application/*+json, >>> application/xml;charset=UTF-8, text/xml;charset=UTF-8, >>> application/*+xml;charset=UTF-8]> >>> 2024-06-27 12:09:08,268 DEBUG >>> [org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor] >>> >>> - <Writing [{timestamp=Thu Jun 27 12:09:08 CEST 2024, status=403, >>> error=Forbidden, message=Access Denied, path=/ (truncated)...]> >>> 2024-06-27 12:09:08,269 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet] - <Exiting from "ERROR" >>> dispatch, status 403> >>> 2024-06-27 12:09:16,765 DEBUG >>> [org.apereo.cas.otp.repository.token.OneTimeTokenRepositoryCleaner] - >>> <Starting to clean previously used authenticator tokens from >>> [BaseOneTimeTokenRepository()] at >>> [2024-06-27T12:09:16.765857631+02:00[Europe/Warsaw]]> >>> >>> On Wednesday, January 10, 2024 at 7:52:52 PM UTC+1 Al Faller wrote: >>> >>>> Did some http level comparison between 6.6 and 7.0 - >>>> 6.6 sends the POST to /cas/login, whereas >>>> 7.0 sends the POST to /cas/mfa-gauth >>>> >>>> So, editing the form action in the html for the device registration, I >>>> set the action=/cas/login on my 7.0 test and it worked! >>>> >>>> Looks like the form was changed in commit 15580dc in October, for "allow >>>> account profile to allow users to register devices with gauth". I don't >>>> pretend to understand how the flow was changed, but maybe this will help >>>> someone with straightening this out. Unfortunately my hack works fine >>>> with >>>> a vanilla version of CAS running, but does not work once I turn on all of >>>> the features I need (I get different errors though, which is likely >>>> related >>>> to the flow changes). >>>> >>>> >>>> >>>> >>>> >>>> On Wed, Jan 10, 2024 at 11:00 AM Al Faller <[email protected]> wrote: >>>> >>>>> HI All - >>>>> >>>>> Turned on debugging for spring and it looks like spring is sending the >>>>> error: >>>>> >>>>> 2024-01-10 15:49:02,787 INFO >>>>> [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] >>>>> expired tickets removed.> >>>>> 2024-01-10 15:49:10,713 DEBUG >>>>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping >>>>> request with URI '/cas/mfa-gauth' to flow with id 'mfa-gauth'> >>>>> 2024-01-10 15:49:10,715 DEBUG >>>>> [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping >>>>> request with URI '/cas/mfa-gauth' to flow with id 'mfa-gauth'> >>>>> 2024-01-10 15:49:10,716 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Trying to match >>>>> request against DefaultSecurityFilterChain [RequestMatcher=any request, >>>>> Filters=[org.springframework.security.web.session.DisableEncodeUrlFilter@b09f0dd, >>>>> >>>>> org.springframework.security.web.access.channel.ChannelProcessingFilter@72011381, >>>>> >>>>> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@782e15e, >>>>> >>>>> org.springframework.security.web.context.SecurityContextHolderFilter@3824c76c, >>>>> >>>>> org.springframework.web.filter.CorsFilter@3baaf6b3, >>>>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter@465fbf9b, >>>>> >>>>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@32ec28f8, >>>>> >>>>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter@336656e0, >>>>> >>>>> org.springframework.security.web.access.ExceptionTranslationFilter@2410c8fa, >>>>> >>>>> org.springframework.security.web.access.intercept.AuthorizationFilter@19ff9d9a]] >>>>> >>>>> (1/1)> >>>>> 2024-01-10 15:49:10,716 DEBUG >>>>> [org.springframework.security.web.FilterChainProxy] - <Securing POST >>>>> /mfa-gauth> >>>>> 2024-01-10 15:49:10,716 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> DisableEncodeUrlFilter (1/10)> >>>>> 2024-01-10 15:49:10,717 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> ChannelProcessingFilter (2/10)> >>>>> 2024-01-10 15:49:10,717 TRACE >>>>> [org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource] >>>>> >>>>> - <Did not match request to >>>>> org.apereo.cas.web.security.CasWebSecurityConfigurerAdapter$$Lambda/0x00007f631cae9678@1cc4d16 >>>>> >>>>> - [REQUIRES_SECURE_CHANNEL] (1/1)> >>>>> 2024-01-10 15:49:10,718 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> WebAsyncManagerIntegrationFilter (3/10)> >>>>> 2024-01-10 15:49:10,718 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> SecurityContextHolderFilter (4/10)> >>>>> 2024-01-10 15:49:10,718 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> CorsFilter >>>>> (5/10)> >>>>> 2024-01-10 15:49:10,719 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> RequestCacheAwareFilter (6/10)> >>>>> 2024-01-10 15:49:10,719 TRACE >>>>> [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - >>>>> <matchingRequestParameterName is required for getMatchingRequest to >>>>> lookup >>>>> a value, but not provided> >>>>> 2024-01-10 15:49:10,719 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> SecurityContextHolderAwareRequestFilter (7/10)> >>>>> 2024-01-10 15:49:10,719 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> AnonymousAuthenticationFilter (8/10)> >>>>> 2024-01-10 15:49:10,719 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> ExceptionTranslationFilter (9/10)> >>>>> 2024-01-10 15:49:10,719 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> AuthorizationFilter (10/10)> >>>>> 2024-01-10 15:49:10,720 TRACE >>>>> [org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager] >>>>> >>>>> - <Authorizing SecurityContextHolderAwareRequestWrapper[ >>>>> FirewalledRequest[ >>>>> org.apache.catalina.connector.RequestFacade@4d5329b9]]> >>>>> 2024-01-10 15:49:10,739 TRACE >>>>> [org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager] >>>>> >>>>> - <Denying request since did not find matching RequestMatcher> >>>>> 2024-01-10 15:49:13,459 TRACE >>>>> [org.springframework.security.web.context.SupplierDeferredSecurityContext] >>>>> >>>>> - <Created SecurityContextImpl [Null authentication]> >>>>> 2024-01-10 15:49:13,459 TRACE >>>>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository] >>>>> >>>>> - <No HttpSession currently exists> >>>>> 2024-01-10 15:49:13,459 TRACE >>>>> [org.springframework.security.web.context.SupplierDeferredSecurityContext] >>>>> >>>>> - <Created SecurityContextImpl [Null authentication]> >>>>> 2024-01-10 15:49:13,459 TRACE >>>>> [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] >>>>> >>>>> - <Set SecurityContextHolder to AnonymousAuthenticationToken >>>>> [Principal=anonymousUser, Credentials=[PROTECTED], Authenticated=true, >>>>> Details=WebAuthenticationDetails [RemoteIpAddress=0:0:0:0:0:0:0:1, >>>>> SessionId=null], Granted Authorities=[ROLE_ANONYMOUS]]> >>>>> 2024-01-10 15:49:13,460 TRACE >>>>> [org.springframework.security.web.access.ExceptionTranslationFilter] - >>>>> <Sending AnonymousAuthenticationToken [Principal=anonymousUser, >>>>> Credentials=[PROTECTED], Authenticated=true, >>>>> Details=WebAuthenticationDetails [RemoteIpAddress=0:0:0:0:0:0:0:1, >>>>> SessionId=null], Granted Authorities=[ROLE_ANONYMOUS]] to authentication >>>>> entry point since access is denied> >>>>> org.springframework.security.access.AccessDeniedException: Access >>>>> Denied >>>>> at >>>>> org.springframework.security.web.access.intercept.AuthorizationFilter.doFilter(AuthorizationFilter.java:98) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126) >>>>> at >>>>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:179) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91) >>>>> at >>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:75) >>>>> at >>>>> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) >>>>> at >>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:133) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) >>>>> at >>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:323) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:224) >>>>> at >>>>> org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) >>>>> at >>>>> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233) >>>>> at >>>>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191) >>>>> at >>>>> org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) >>>>> at >>>>> org.springframework.web.servlet.handler.HandlerMappingIntrospector.lambda$createCacheFilter$3(HandlerMappingIntrospector.java:195) >>>>> at >>>>> org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) >>>>> at >>>>> org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) >>>>> at >>>>> org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebMvcSecurityConfiguration.java:225) >>>>> at >>>>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352) >>>>> at >>>>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) >>>>> at >>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) >>>>> at >>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:109) >>>>> at >>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:95) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) >>>>> at >>>>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) >>>>> at >>>>> org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:32) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) >>>>> at >>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) >>>>> at >>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) >>>>> at >>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) >>>>> at >>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482) >>>>> at >>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115) >>>>> at >>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) >>>>> at >>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) >>>>> at >>>>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:673) >>>>> at >>>>> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:735) >>>>> at >>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:340) >>>>> at >>>>> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:391) >>>>> at >>>>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) >>>>> at >>>>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:896) >>>>> at >>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1744) >>>>> at >>>>> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) >>>>> at java.base/java.lang.VirtualThread.run(VirtualThread.java:309) >>>>> 2024-01-10 15:49:13,462 TRACE >>>>> [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - >>>>> <Did not save request since it did not match [And [Not [Ant >>>>> [pattern='/**/favicon.*']], Not [MediaTypeRequestMatcher >>>>> [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@52ed42d6, >>>>> >>>>> matchingMediaTypes=[application/json], useEquals=false, >>>>> ignoredMediaTypes=[*/*]]], Not [RequestHeaderRequestMatcher >>>>> [expectedHeaderName=X-Requested-With, >>>>> expectedHeaderValue=XMLHttpRequest]], >>>>> Not [MediaTypeRequestMatcher >>>>> [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@52ed42d6, >>>>> >>>>> matchingMediaTypes=[multipart/form-data], useEquals=false, >>>>> ignoredMediaTypes=[*/*]]], Not [MediaTypeRequestMatcher >>>>> [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@52ed42d6, >>>>> >>>>> matchingMediaTypes=[text/event-stream], useEquals=false, >>>>> ignoredMediaTypes=[*/*]]]]]> >>>>> 2024-01-10 15:49:13,462 DEBUG >>>>> [org.springframework.security.web.authentication.Http403ForbiddenEntryPoint] >>>>> >>>>> - <Pre-authenticated entry point called. Rejecting access> >>>>> 2024-01-10 15:49:13,485 TRACE >>>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] >>>>> >>>>> - <2 matching mappings: [{ [/error]}, { [/error], produces [text/html]}]> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Trying to match >>>>> request against DefaultSecurityFilterChain [RequestMatcher=any request, >>>>> Filters=[org.springframework.security.web.session.DisableEncodeUrlFilter@b09f0dd, >>>>> >>>>> org.springframework.security.web.access.channel.ChannelProcessingFilter@72011381, >>>>> >>>>> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@782e15e, >>>>> >>>>> org.springframework.security.web.context.SecurityContextHolderFilter@3824c76c, >>>>> >>>>> org.springframework.web.filter.CorsFilter@3baaf6b3, >>>>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter@465fbf9b, >>>>> >>>>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@32ec28f8, >>>>> >>>>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter@336656e0, >>>>> >>>>> org.springframework.security.web.access.ExceptionTranslationFilter@2410c8fa, >>>>> >>>>> org.springframework.security.web.access.intercept.AuthorizationFilter@19ff9d9a]] >>>>> >>>>> (1/1)> >>>>> 2024-01-10 15:49:13,503 DEBUG >>>>> [org.springframework.security.web.FilterChainProxy] - <Securing POST >>>>> /error> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> DisableEncodeUrlFilter (1/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> ChannelProcessingFilter (2/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource] >>>>> >>>>> - <Did not match request to >>>>> org.apereo.cas.web.security.CasWebSecurityConfigurerAdapter$$Lambda/0x00007f631cae9678@1cc4d16 >>>>> >>>>> - [REQUIRES_SECURE_CHANNEL] (1/1)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> WebAsyncManagerIntegrationFilter (3/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> SecurityContextHolderFilter (4/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> CorsFilter >>>>> (5/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> RequestCacheAwareFilter (6/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - >>>>> <matchingRequestParameterName is required for getMatchingRequest to >>>>> lookup >>>>> a value, but not provided> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> SecurityContextHolderAwareRequestFilter (7/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> AnonymousAuthenticationFilter (8/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> ExceptionTranslationFilter (9/10)> >>>>> 2024-01-10 15:49:13,503 TRACE >>>>> [org.springframework.security.web.FilterChainProxy] - <Invoking >>>>> AuthorizationFilter (10/10)> >>>>> 2024-01-10 15:49:13,504 TRACE >>>>> [org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager] >>>>> >>>>> - <Authorizing SecurityContextHolderAwareRequestWrapper[ >>>>> FirewalledRequest[ >>>>> org.apache.catalina.core.ApplicationHttpRequest@16ba441]]> >>>>> 2024-01-10 15:49:13,504 TRACE >>>>> [org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager] >>>>> >>>>> - <Checking authorization on SecurityContextHolderAwareRequestWrapper[ >>>>> FirewalledRequest[ >>>>> org.apache.catalina.core.ApplicationHttpRequest@16ba441]] using >>>>> org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer$$Lambda/0x00007f631caeb020@73216a8b> >>>>> 2024-01-10 15:49:13,504 DEBUG >>>>> [org.springframework.security.web.FilterChainProxy] - <Secured POST >>>>> /error> >>>>> 2024-01-10 15:49:13,504 TRACE >>>>> [org.springframework.web.servlet.i18n.CookieLocaleResolver] - <Parsed >>>>> cookie value [en-US] into locale 'en_US'> >>>>> 2024-01-10 15:49:13,504 TRACE >>>>> [org.springframework.web.servlet.DispatcherServlet] - <"ERROR" dispatch >>>>> for >>>>> POST "/cas/error", parameters={masked}, headers={masked} in >>>>> DispatcherServlet 'dispatcherServlet'> >>>>> 2024-01-10 15:49:13,505 TRACE >>>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] >>>>> >>>>> - <2 matching mappings: [{ [/error]}, { [/error], produces [text/html]}]> >>>>> 2024-01-10 15:49:13,505 TRACE >>>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] >>>>> >>>>> - <Mapped to >>>>> org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#error(HttpServletRequest)> >>>>> 2024-01-10 15:49:13,513 TRACE >>>>> [org.springframework.web.method.HandlerMethod] - <Arguments: >>>>> [org.springframework.web.servlet.resource.ResourceUrlEncodingFilter$ResourceUrlEncodingRequestWrapper@3b6c3379]> >>>>> 2024-01-10 15:49:13,531 DEBUG >>>>> [org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor] >>>>> >>>>> - <Using 'application/vnd.cas.services+yaml', given [*/*] and supported >>>>> [application/vnd.cas.services+yaml, application/json, application/*+json, >>>>> application/xml;charset=UTF-8, text/xml;charset=UTF-8, >>>>> application/*+xml;charset=UTF-8]> >>>>> 2024-01-10 15:49:13,531 TRACE >>>>> [org.springframework.web.servlet.mvc.method.annotation.HttpEntityMethodProcessor] >>>>> >>>>> - <Writing [{timestamp=Wed Jan 10 15:49:13 UTC 2024, status=403, >>>>> error=Forbidden, message=Access Denied, path=/cas/mfa-gauth}]> >>>>> 2024-01-10 15:49:13,574 TRACE >>>>> [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter] >>>>> >>>>> - <Applying default cacheSeconds=-1> >>>>> 2024-01-10 15:49:13,574 TRACE >>>>> [org.springframework.web.servlet.DispatcherServlet] - <No view rendering, >>>>> null ModelAndView returned.> >>>>> 2024-01-10 15:49:13,576 DEBUG >>>>> [org.springframework.web.servlet.DispatcherServlet] - <Exiting from >>>>> "ERROR" >>>>> dispatch, status 403, headers={masked}> >>>>> 2024-01-10 15:49:13,576 TRACE >>>>> [org.springframework.security.web.context.SupplierDeferredSecurityContext] >>>>> >>>>> - <Created SecurityContextImpl [Null authentication]> >>>>> 2024-01-10 15:49:13,576 TRACE >>>>> [org.springframework.security.web.context.HttpSessionSecurityContextRepository] >>>>> >>>>> - <No HttpSession currently exists> >>>>> 2024-01-10 15:49:13,576 TRACE >>>>> [org.springframework.security.web.context.SupplierDeferredSecurityContext] >>>>> >>>>> - <Created SecurityContextImpl [Null authentication]> >>>>> 2024-01-10 15:49:13,576 TRACE >>>>> [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] >>>>> >>>>> - <Set SecurityContextHolder to AnonymousAuthenticationToken >>>>> [Principal=anonymousUser, Credentials=[PROTECTED], Authenticated=true, >>>>> Details=WebAuthenticationDetails [RemoteIpAddress=0:0:0:0:0:0:0:1, >>>>> SessionId=null], Granted Authorities=[ROLE_ANONYMOUS]]> >>>>> >>>>> On Wednesday, January 10, 2024 at 7:57:27 AM UTC-5 Frédéric Dussurget >>>>> wrote: >>>>> >>>>>> Hi Al, >>>>>> I've got the same issue, could not fixed it. F12 console in your >>>>>> browser might throw a 401 error ... (for info my db backend is redis) >>>>>> we have a topic here : >>>>>> https://groups.google.com/a/apereo.org/g/cas-user/c/XKFgFS__U9M >>>>>> regards, >>>>>> >>>>>> >>>>>> Le mercredi 10 janvier 2024 à 05:26:03 UTC+1, Al Faller a écrit : >>>>>> >>>>>>> Hi - >>>>>>> >>>>>>> Trying to get mfa-gauth working with 7.0. Unfortunately when I'm >>>>>>> attempting to "Confirm account registration" (save my new device), I >>>>>>> receive a 403 error back from CAS at /cas/mfa-gauth and an error on the >>>>>>> screen. I can reproduce this with a clean copy of the overlay. My >>>>>>> steps: >>>>>>> >>>>>>> - add 'implementation "org.apereo.cas:cas-server-support-gauth"' >>>>>>> to the build.gradle >>>>>>> - ./gradlew build >>>>>>> - add cas.authn.mfa.triggers.global.global-provider-id=mfa-gauth to >>>>>>> /etc/cas/config/cas.properties >>>>>>> - java -jar build/libs/cas.war --server.ssl.enabled=false >>>>>>> --server.port=8080 >>>>>>> >>>>>>> From chrome developer tools, looks like the following was returned: >>>>>>> --- !<java.util.LinkedHashMap> >>>>>>> timestamp: "2024-01-09T22:48:27.384+00:00" >>>>>>> status: 403 >>>>>>> error: "Forbidden" >>>>>>> message: "Access Denied" >>>>>>> path: "/cas/mfa-gauth" >>>>>>> >>>>>>> added debug logging - nothing useful shows up. >>>>>>> >>>>>>> Attached is the screenshot: >>>>>>> [image: Screenshot from 2024-01-09 17-45-14.png] >>>>>>> >>>>>>> Any ideas why this might be breaking? I have tried 7.0 and master >>>>>>> with no luck. >>>>>>> >>>>>>> Thanks in advance, >>>>>>> >>>>>>> Al >>>>>>> >>>>>>> -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f59b43d3-3aea-4dc5-ab19-dc11dd7bee12n%40apereo.org.
