Is it me or does this log say that the PASSWORD_MUST_CHANGE error is not getting processed with the authenticationExceptionHandler.handle(currentEvent.attributes.error, messageContext) properly. Is this a coding thing again?
2015-02-25 09:12:10,746 DEBUG [org.jasig.cas.authentication.support.DefaultAccountStateHandler] - <Handling PASSWORD_MUST_CHANGE> 2015-02-25 09:12:10,746 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler failed authenticating cs02357+password> 2015-02-25 09:12:10,748 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN 2015-02-25 09:12:10,750 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]> 2015-02-25 09:12:10,750 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@4694d08f expression = authenticationViaFormAction.submit(flowRequestContext, flowScope.credential, messageContext), resultExpression = [null]]; result = authenticationFailure> 2015-02-25 09:12:10,750 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@3c90aefd on = authenticationFailure, to = handleAuthenticationFailure]> 2015-02-25 09:12:10,750 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'realSubmit'> 2015-02-25 09:12:10,750 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'handleAuthenticationFailure' of flow 'login'> 2015-02-25 09:12:10,750 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@3ed0831b expression = authenticationExceptionHandler.handle(currentEvent.attributes.error, messageContext), resultExpression = [null]]> 2015-02-25 09:12:10,750 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Putting action execution attributes map[[empty]]> 2015-02-25 09:12:10,751 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] - <Returning cached instance of singleton bean 'authenticationExceptionHandler'> 2015-02-25 09:12:10,756 DEBUG [org.springframework.binding.message.DefaultMessageContext] - <Resolving message using [DefaultMessageResolver@100a53fa source = [null], severity = ERROR, codes = array<String>['authenticationFailure.UNKNOWN'], args = array<Object>[[empty]], defaultText = [null]]> 2015-02-25 09:12:10,756 DEBUG [org.springframework.binding.message.DefaultMessageContext] - <Adding resolved message [Message@160f4a50 source = [null], severity = ERROR, text = 'Invalid credentials.']> On Wed, Feb 25, 2015 at 8:23 AM, Jim Price <[email protected]> wrote: > I added the entry and it still did not work. Wait for 4.1 so much for my > deadline of the end of the week. > Strange thing was the following had no effect on my logs: > > <logger name="org.jasig.cas.web.flow" additivity="true"> > <level value="DEBUG" /> > <appender-ref ref="cas" /> > </logger> > > > On Tue, Feb 24, 2015 at 4:35 PM, Dmitriy Kopylenko <[email protected]> > wrote: > >> But there is one in master: >> >> >> https://github.com/Jasig/cas/blob/master/cas-server-webapp/src/main/webapp/WEB-INF/webflow/login/login-webflow.xml#L116 >> >> So, wait for 4.1 release ;-) >> >> Cheers, >> D. >> >> On Feb 24, 2015, at 4:30 PM, Dmitriy Kopylenko <[email protected]> >> wrote: >> >> Looks like there is no explicit mapping of >> ‘AccountPasswordMustChangeException’ to the corresponding view in 4.0.1: >> >> >> https://github.com/Jasig/cas/blob/v4.0.1/cas-server-webapp/src/main/webapp/WEB-INF/login-webflow.xml#L114 >> >> Could be a simple overlook. >> >> Cheers, >> D. >> >> On Feb 24, 2015, at 4:17 PM, Marvin Addison <[email protected]> >> wrote: >> >> 2015-02-24 14:20:57,866 DEBUG >>> [org.jasig.cas.authentication.support.DefaultAccountStateHandler] - >>> <Handling PASSWORD_MUST_CHANGE> >>> >>> An AccountPasswordMustChangeException was thrown here. Something in the >>> view layer is supposed to catch that and route the user appropriately. >>> >> >> org.jasig.cas.web.flow.AuthenticationExceptionHandler is the key >> component to bridge authentication errors with view dispatching. There's a >> TRACE-level logger on that component that's worth enabling and trying >> again. It emits a message if no mapping is found. You should scan your >> login-webflow.xml and make sure it contains a reference to >> AuthenticationExceptionHandler, >> which is defined in cas-servlet.xml. All this is configured by default in >> 4.0.1, so unless you changed it, you should be good. >> >> M >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
