OK, Michael, I’ve chased it down. It is indeed a bug in cas-mfa code. I’m planning a fix on Monday and then we could cut another quick RC release with 1.0 GA to follow shortly. Misagh, what do you say?
Cheers, D. > On Jul 17, 2015, at 12:34 PM, Misagh Moayyed <[email protected]> wrote: > > Michael, > > You may have done this already and I may have missed it, but if possible, you > could put your overlay configuration somewhere on github that we can try and > go through? This would help us determine if the problem is somewhere in the > core mfa code or outside of it. > > - Misagh > >> On Jul 17, 2015, at 12:05 PM, Michael O Holstein >> <[email protected] <mailto:[email protected]>> wrote: >> >> I have built cas-mfa-overlay RC5 from fresh pull a couple of times now .. >> and as long as I use the default ticketManager, everything works fine. >> >> As soon as I try and enable another cache manager (I've tried memcached and >> ehcache thus far) I get a failure mode whereby the first login to CAS or a >> CAS service works fine. The *NEXT* login to something (whereby the TGT >> should be verified from the cache) fails with a 500 web error and this >> exception thrown : >> >> Jul 17, 2015 11:53:13 AM org.apache.catalina.core.StandardWrapperValve invoke >> SEVERE: Servlet.service() for servlet [cas] in context with path [/cas] >> threw exception [Request processing failed; nested exception is >> org.springframework.webflow.execution.ActionExecutionException: Exception >> thrown executing org.jasig.cas.web.flow.InitialFlowSetupAction@30502819 in >> state 'null' of flow 'login' -- action execution attributes were >> 'map[[empty]]'] with root cause >> java.lang.ClassCastException: Cannot cast >> org.jasig.cas.ticket.registry.AbstractDistributedTicketRegistry$TicketGrantingTicketDelegator >> to org.jasig.cas.ticket.TicketGrantingTicketImpl >> >> I've already dealt with the bug of competing classes between the ticket >> ehcache and the one that comes with support-radius using an exclusion in the >> overlay .. but regardless of what cache manager I use I always get the above >> error when trying to authenticate to the 2nd (and subsequent) service. >> >> Actually it fails way before it even gets to looking up services, because >> something that normally would fail with not authorized like this : >> >> https://my.cas.server/cas/login?TARGET=https://foo.bar >> <https://my.cas.server/cas/login?TARGET=https://foo.bar> .. still barfs with >> the "cannot cast" exception. >> >> Anyone have any ideas on this? I've been through spring forums and Google >> and not found much to point me in the right direction. >> >> Thanks, >> >> Michael Holstein >> Cleveland State University >> -- >> You are currently subscribed to [email protected] >> <mailto:[email protected]> as: [email protected] >> <mailto:[email protected]> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> <http://www.ja-sig.org/wiki/display/JSG/cas-user> > -- > You are currently subscribed to [email protected] > <mailto:[email protected]> as: [email protected] > <mailto:[email protected]> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > <http://www.ja-sig.org/wiki/display/JSG/cas-user> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
