As a part of performance testing, we were seeing following behavior for OOTB cas. When you go to following url http://server/cas/login?username=test&password=test<=_cAAAA_kBBB&_eventId=submit (note it is ‘& lt’ without space and not ‘<’ if displayed incorrectly) cas goes in a redirect loop. Spring logs, shows following 2011-12-28 15:52:45,328 DEBUG [org.jasig.cas.web.NoSuchFlowExecutionExceptionResolver] - Error getting flow information for URL:/cas/login?username=test&password=test<=_cAAAA_kBBB&_eventId=submit org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key '_cAAAA_kBBB' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.; nested exception is org.springframework.webflow.conversation.NoSuchConversationException: No conversation could be found with id 'AAAA' -- perhaps this conversation has ended? at org.springframework.webflow.execution.repository.support.AbstractConversationFlowExecutionRepository.getConversation(AbstractConversationFlowExecutionRepository.java:229) at org.springframework.webflow.execution.repository.support.AbstractConversationFlowExecutionRepository.getLock(AbstractConversationFlowExecutionRepository.java:119) at org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:217) at org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:111) at org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:165) at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:501) at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:662) Caused by: org.springframework.webflow.conversation.NoSuchConversationException: No conversation could be found with id 'AAAA' -- perhaps this conversation has ended? at org.springframework.webflow.conversation.impl.ConversationContainer.getConversation(ConversationContainer.java:107) at org.springframework.webflow.conversation.impl.SessionBindingConversationManager.getConversation(SessionBindingConversationManager.java:125) at org.springframework.webflow.execution.repository.support.AbstractConversationFlowExecutionRepository.getConversation(AbstractConversationFlowExecutionRepository.java:227) ... 29 more 2011-12-28 15:52:45,328 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Handler execution resulted in exception - forwarding to resolved error view: ModelAndView: materialized View is [org.springframework.web.servlet.view.RedirectView: unnamed; URL [/cas/login?username=test&password=test<=_cAAAA_kBBB&_eventId=submit]]; model is null org.springframework.webflow.execution.repository.NoSuchFlowExecutionException: No flow execution could be found with key '_cAAAA_kBBB' -- perhaps this executing flow has ended or expired? This could happen if your users are relying on browser history (typically via the back button) that references ended flows.; nested exception is org.springframework.webflow.conversation.NoSuchConversationException: No conversation could be found with id 'AAAA' -- perhaps this conversation has ended? at org.springframework.webflow.execution.repository.support.AbstractConversationFlowExecutionRepository.getConversation(AbstractConversationFlowExecutionRepository.java:229) at org.springframework.webflow.execution.repository.support.AbstractConversationFlowExecutionRepository.getLock(AbstractConversationFlowExecutionRepository.java:119) at org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:217) at org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:111) at org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:165) at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:501) at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:662) Caused by: org.springframework.webflow.conversation.NoSuchConversationException: No conversation could be found with id 'AAAA' -- perhaps this conversation has ended? at org.springframework.webflow.conversation.impl.ConversationContainer.getConversation(ConversationContainer.java:107) at org.springframework.webflow.conversation.impl.SessionBindingConversationManager.getConversation(SessionBindingConversationManager.java:125) at org.springframework.webflow.execution.repository.support.AbstractConversationFlowExecutionRepository.getConversation(AbstractConversationFlowExecutionRepository.java:227) ... 29 more 2011-12-28 15:52:45,328 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Rendering view [org.springframework.web.servlet.view.RedirectView: unnamed; URL [/cas/login?username=test&password=test<=_cAAAA_kBBB&_eventId=submit]] in DispatcherServlet with name 'cas' 2011-12-28 15:52:45,328 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Successfully completed request 2011-12-28 15:52:45,328 DEBUG [org.springframework.web.servlet.DispatcherServlet] - DispatcherServlet with name 'cas' determining Last-Modified value for [/cas/login] So the spring correctly throws a ‘NoSuchFlowExecutionExceptionResolver’ which is caught by ‘org.jasig.cas.web.NoSuchFlowExecutionExceptionResolver’. BUT the user is redirected to the same url containing incorrect ‘lt’ value. Is this a know bug? Is there any to avoid the redirection or at least redirect to correct url (without the ‘lt’)? Please advice PS: I have read the credentials are not to be passed using a GET request. But this is part of performance test. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
