It's the bone stock one, with the following additions :
As an aside, I discovered another error during the interaction between
"cas-server-support-radius" (which has a dependency that calls for
net.sf.ehcache:ehcache:jar:1.5.0-beta2:compile) .. and
"cas-server-support-ehcache" (which has a dependency that calls for
net.sf.ehcache:ehcache-core:jar:2.6.0:compile) .. which is why you see I added
the exclusion to the overlay.
The earlier version was loaded first and caused problems due to unsupported
methods required in ehcache. Deleting the offending jar is short-term fix, the
below is (I think) the correct method.
The clearpass dependency was already in there, so the customizations required
for it's use were added per the wiki for versions > 3.5 (this is 3.6.0 of CAS
with the RC5 mfa overlay).
Many thanks,
Michael Holstein
Cleveland State University
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-integration-ehcache</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-ldap</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-radius</artifactId>
<version>${cas.version}</version>
<exclusions>
<exclusion>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-spnego</artifactId>
<version>${cas.version}</version>
</dependency>
________________________________
From: Misagh Moayyed <[email protected]>
Sent: Friday, July 17, 2015 12:34 PM
To: [email protected]
Subject: Re: [cas-user] mfa + any distributed cache = fail
Michael,
You may have done this already and I may have missed it, but if possible, you
could put your overlay configuration somewhere on github that we can try and go
through? This would help us determine if the problem is somewhere in the core
mfa code or outside of it.
- Misagh
On Jul 17, 2015, at 12:05 PM, Michael O Holstein
<[email protected]<mailto:[email protected]>> wrote:
I have built cas-mfa-overlay RC5 from fresh pull a couple of times now .. and
as long as I use the default ticketManager, everything works fine.
As soon as I try and enable another cache manager (I've tried memcached and
ehcache thus far) I get a failure mode whereby the first login to CAS or a CAS
service works fine. The *NEXT* login to something (whereby the TGT should be
verified from the cache) fails with a 500 web error and this exception thrown :
Jul 17, 2015 11:53:13 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [cas] in context with path [/cas] threw
exception [Request processing failed; nested exception is
org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing org.jasig.cas.web.flow.InitialFlowSetupAction@30502819 in
state 'null' of flow 'login' -- action execution attributes were
'map[[empty]]'] with root cause
java.lang.ClassCastException: Cannot cast
org.jasig.cas.ticket.registry.AbstractDistributedTicketRegistry$TicketGrantingTicketDelegator
to org.jasig.cas.ticket.TicketGrantingTicketImpl
I've already dealt with the bug of competing classes between the ticket ehcache
and the one that comes with support-radius using an exclusion in the overlay ..
but regardless of what cache manager I use I always get the above error when
trying to authenticate to the 2nd (and subsequent) service.
Actually it fails way before it even gets to looking up services, because
something that normally would fail with not authorized like this :
https://my.cas.server/cas/login?TARGET=https://foo.bar .. still barfs with the
"cannot cast" exception.
Anyone have any ideas on this? I've been through spring forums and Google and
not found much to point me in the right direction.
Thanks,
Michael Holstein
Cleveland State University
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
