Hi Jérôme, Yeah sorry about the lenghty-ugly stack trace, I've got no real way to format it...
Here's my cas.properties file where I define the entry points: cas.securityContext.serviceProperties.service=https://d1109142:8181/cas/services/j_acegi_cas_security_check cas.securityContext.casProcessingFilterEntryPoint.loginUrl=https://d1109142:8181/cas/login cas.securityContext.ticketValidator.casServerUrlPrefix=https://d1104142:8181/cas cas.securityContext.casProxyTicketValidator.casValidate=https://d1104142:8181/cas/proxyValidate cas.securityContext.serviceProperties.adminRoles=ROLE_ADMIN ticket.cleaner.database.platform=SQL92 database.hibernate.dialect=org.hibernate.dialect.MySQLDialect host.name=d1109142 cas.themeResolver.defaultThemeName=default cas.viewResolver.basename=default_views And in the deployerConfigContext.xml: <sec:user-service id="userDetailsService"> <sec:user name="[email protected]"<mailto:[email protected]> password="notused" authorities="ROLE_ADMIN" /> </sec:user-service> Along with: <bean id="serviceRegistryDao" class="org.jasig.cas.services.JpaServiceRegistryDaoImpl" p:entityManagerFactory-ref="entityManagerFactory" /> <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> <property name="dataSource" ref="TicketDBSource"/> <property name="jpaVendorAdapter"> <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> <property name="generateDdl" value="true"/> <property name="showSql" value="true" /> </bean> </property> <property name="jpaProperties"> <props> <prop key="hibernate.dialect">org.hibernate.dialect.MySQLInnoDBDialect</prop> <prop key="hibernate.hbm2ddl.auto">update</prop> </props> </property> </bean> <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"> <property name="entityManagerFactory" ref="entityManagerFactory"/> </bean> <tx:annotation-driven transaction-manager="transactionManager"/> <bean id="TicketDBSource" class="org.apache.commons.dbcp.BasicDataSource" p:driverClassName="com.mysql.jdbc.Driver" p:url="jdbc:mysql://bi-db-testix.sopres.be:3306/cas_sso_devl?autoReconnect=true" p:password="mypwd" p:username="cas_sso_admin" /> I've had a problem before where a user tried to set a non-existing theme, which created a null-pointer when I tried to load the services management. But here, I have no other traces. I've redo the installation from scratch quite a few times now. Thanks for your time! Regards, ___________________________________________________ SEBASTIEN TOULMONDE UNIX System Administrator Information Services Department BISNODE Direct: +32 2 555 96 86 Mobile: +32 475 49 81 45 Office fax: +32 2 521 21 98 E-mail: [email protected]<mailto:[email protected]> Address: Researchdreef 65 Allée de la Recherche, 1070 Brussels, Belgium www.bisnode.be<http://www.bisnode.be> __________________________________________________ On 01/10/13 14:29, Jérôme LELEU wrote: Hi, Your stacktrace is hard to read. I see an "Access is denied" and a redirection through the authentication entry point, which is pretty normal when you are not authenticated and try to access a protected page. The main settings are the urls of the services webapp and entry point ("CAS URLs" in the wiki page) and the ROLE_ADMIN for the right user. The blank screen is pretty strange : sure that you don't have any error logs somewhere ? Best regards, Jérôme 2013/10/1 Sébastien Toulmonde <[email protected]<mailto:[email protected]>> Hi CAS gurus, I'm having the strangest issue right now regarding the services management app... It's no more accessible: I get a blank screen (https://cas-server:8181/cas/services) I've tried on several servers, including a separate workstation, and hit several DBs - same issue. I'm using Mysql as a back-end for services management (like in the wiki https://wiki.jasig.org/display/CASUM/Configuring) Lowering the logs to debug/trace, I found this: 2013-10-01 09:37:28,956 DEBUG [org.springframework.security.web.FilterChainProxy] - Converted URL to lowercase, from: '/services'; to: '/services' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - Candidate is: '/services'; pattern is /services/loggedout.html; matched=false 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - Converted URL to lowercase, from: '/services'; to: '/services' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - Candidate is: '/services'; pattern is /**; matched=true 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 1 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.context.SecurityContextPersistenceFilter@461e4b' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - HttpSession returned null object for SPRING_SECURITY_CONTEXT 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@b0ce1f. A new one will be created. 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 2 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.logout.LogoutFilter@e55a5c' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 3 of 12 in additional filter chain; firing Filter: 'org.springframework.security.cas.web.CasAuthenticationFilter@19a1fd9' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 4 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@1dce27e' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 5 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@19cf5f6' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 6 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.www.BasicAuthenticationFilter@e8bccf' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 7 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.savedrequest.RequestCacheAwareFilter@1b21964' 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - pathInfo: both null (property equals) 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - queryString: both null (property equals) 2013-10-01 09:37:28,957 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - requestURI: arg1=/cas/services; arg2=/cas/services (property equals) 2013-10-01 09:37:28,958 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - serverPort: arg1=8181; arg2=8181 (property equals) 2013-10-01 09:37:28,958 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - requestURL: arg1=https://localhost:8181/cas/services; arg2=https://localhost:8181/cas/services (property equals) 2013-10-01 09:37:28,958 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - scheme: arg1=https; arg2=https (property equals) 2013-10-01 09:37:28,958 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - serverName: arg1=localhost; arg2=localhost (property equals) 2013-10-01 09:37:28,958 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - contextPath: arg1=/cas; arg2=/cas (property equals) 2013-10-01 09:37:28,958 DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] - servletPath: arg1=/services; arg2=/services (property equals) 2013-10-01 09:37:28,958 DEBUG [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - Removing DefaultSavedRequest from session if present 2013-10-01 09:37:28,966 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 8 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@149e2b7' 2013-10-01 09:37:28,966 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 9 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.AnonymousAuthenticationFilter@a38463' 2013-10-01 09:37:28,966 DEBUG [org.springframework.security.web.authentication.AnonymousAuthenticationFilter] - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9054b1a2: Principal: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: 2f21e121748cc93b0432261b8990; Granted Authorities: ROLE_ANONYMOUS' 2013-10-01 09:37:28,966 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 10 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.session.SessionManagementFilter@16fd35b' 2013-10-01 09:37:28,966 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 11 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.access.ExceptionTranslationFilter@1d72cee' 2013-10-01 09:37:28,966 DEBUG [org.springframework.security.web.FilterChainProxy] - /services at position 12 of 12 in additional filter chain; firing Filter: 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor@19900fa' 2013-10-01 09:37:28,966 DEBUG [org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource] - Converted URL to lowercase, from: '/services'; to: '/services' 2013-10-01 09:37:28,967 DEBUG [org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource] - Candidate is: '/services'; pattern is /**; matched=true 2013-10-01 09:37:28,967 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Secure object: FilterInvocation: URL: /services; Attributes: [ROLE_ADMIN ] 2013-10-01 09:37:28,967 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9054b1a2: Principal: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: 2f21e121748cc93b0432261b8990; Granted Authorities: ROLE_ANONYMOUS 2013-10-01 09:37:28,967 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.springframework.security.access.vote.RoleVoter@1bac611, returned: -1 2013-10-01 09:37:28,967 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.springframework.security.access.vote.AuthenticatedVoter@45f1f2, returned: 0 2013-10-01 09:37:28,967 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] - Access is denied (user is anonymous); redirecting to authentication entry point org.springframework.security.access.AccessDeniedException: Access is denied at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71) at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:203) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:96) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:90) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231) at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195) at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056) at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229) at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90) at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79) at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54) at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59) at com.sun.grizzly.ContextTask.run(ContextTask.java:71) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532) at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513) at java.lang.Thread.run(Thread.java:722) I did mapped my user as ROLE_ADMIN: <sec:user-service id="userDetailsService"> <sec:user name="[email protected]<mailto:[email protected]>"<mailto:[email protected]<mailto:[email protected]>> password="notused" authorities="ROLE_ADMIN" /> </sec:user-service> And as I get a blank screen, I'm a bit stuck... Does someone has a clue on what I've done wrong? I've already dropped the tables in Mysql to elemininate any thrash there - same issue. Thanks for your help! -- ___________________________________________________ SEBASTIEN TOULMONDE UNIX System Administrator Information Services Department BISNODE Direct: +32 2 555 96 86<tel:%2B32%202%20555%2096%2086> Mobile: +32 475 49 81 45<tel:%2B32%20475%2049%2081%2045> Office fax: +32 2 521 21 98<tel:%2B32%202%20521%2021%2098> E-mail: [email protected]<mailto:[email protected]><mailto:[email protected]<mailto:[email protected]>> Address: Researchdreef 65 Allée de la Recherche, 1070 Brussels, Belgium www.bisnode.be<http://www.bisnode.be><http://www.bisnode.be> __________________________________________________ **** DISCLAIMER **** "This e-mail and any attachments thereto may contain information which is confidential and/or protected by intellectual property rights and are intended for the sole use of the recipient(s)named above. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form)by persons other than the designated recipient(s) is prohibited. If you have received this e-mail in error, please notify the sender either by telephone or by e-mail and delete the material from any computer. Thank you for your cooperation." -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user **** DISCLAIMER **** "This e-mail and any attachments thereto may contain information which is confidential and/or protected by intellectual property rights and are intended for the sole use of the recipient(s)named above. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form)by persons other than the designated recipient(s) is prohibited. If you have received this e-mail in error, please notify the sender either by telephone or by e-mail and delete the material from any computer. Thank you for your cooperation." -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
