CAS Logout Issue
365 views
Skip to first unread message
Ramakrishna G
May 11, 2018, 10:00:57 AM5/11/18
to cas-...@apereo.org
Hello Team,
On logout CAS cookies are not removed from browser. I need to forcefully clear. What might be the reason?
Thanks
Ramakrishna G
Ray Bon
May 11, 2018, 11:09:33 AM5/11/18
to cas-...@apereo.org
Ramakrishna,
If the browser is redirected to /cas/logout, the cookies will/should be removed.
Ray
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
Ramakrishna G
May 12, 2018, 4:15:27 AM5/12/18
to cas-...@apereo.org
Yes it is redirected to logout page, yet cookies is not removed. When I refresh it redirects to application with valid ticket instead of redirecting to login page.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526051367.1797.41.camel%40uvic.ca.
Ramakrishna G
May 15, 2018, 6:28:59 AM5/15/18
to cas-...@apereo.org
On Clicking logout which calls the cas/logout link :
But i can see that in the browser , the TGC cookie still resides , which forces me to delete the cookies or close the browser for a fresh login. Is there any way to avoid this?
WHO: casuser
WHAT: TGT-1-*********************************************************CPmWzMzi-I-client
ACTION: TICKET_GRANTING_TICKET_DESTROYED
APPLICATION: CAS
WHEN: Tue May 15 15:45:17 IST 2018
CLIENT IP ADDRESS: 192.168.111.12
SERVER IP ADDRESS: 192.168.111.12
=============================================================
But i can see that in the browser , the TGC cookie still resides , which forces me to delete the cookies or close the browser for a fresh login. Is there any way to avoid this?
On Sat, May 12, 2018 at 1:45 PM, Ramakrishna G <r...@tts.in> wrote:
Yes it is redirected to logout page, yet cookies is not removed. When I refresh it redirects to application with valid ticket instead of redirecting to login page.
On Fri, May 11, 2018 at 8:39 PM, Ray Bon <rb...@uvic.ca> wrote:
Ramakrishna,
If the browser is redirected to /cas/logout, the cookies will/should be removed.
Ray
On Fri, 2018-05-11 at 19:30 +0530, Ramakrishna G wrote:Hello Team,
On logout CAS cookies are not removed from browser. I need to forcefully clear. What might be the reason?
ThanksRamakrishna G-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
Ray Bon
May 15, 2018, 2:29:42 PM5/15/18
to cas-...@apereo.org
Ramakrishna,
If the TGT is destroyed, then that SSO session is also destroyed even if the TGC is not (why TGC is not removed is odd).
If you are still logged in to the client application, your client may not be part of single log out (SLO). It is up to the client to manage its own session.
When you say 'valid ticket', do you mean a new service ticket?
You can try these log4j2 options to see what is happening during the logout process:
<!-- DEBUG service status and logout process and a lot of details -->
<AsyncLogger name="org.apereo.cas.logout" level="info" />
<!-- INFO Performing logout operations for [TGT-...]
[number] logout requests were processed
DEBUG ST, principal and URL -->
<AsyncLogger name="org.apereo.cas.logout.DefaultLogoutManager" level="info">
<Filters>
<ThresholdFilter level="INFO" onMatch="ACCEPT" onMismatch="NEUTRAL" />
<RegexFilter regex="Captured logout request.*" onMismatch="DENY" />
</Filters>
</AsyncLogger>
<!-- DEBUG Logout request will be sent to but does not print anything when login was through SAML 1.1 -->
<AsyncLogger name="org.apereo.cas.logout.DefaultSingleLogoutServiceLogoutUrlBuilder" level="warn" />
<!-- DEBUG preparing, processing and logout with URL and ST -->
<AsyncLogger name="org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler" level="debug" />
<!-- DEBUG SAML logout payload -->
<AsyncLogger name="org.apereo.cas.logout.SamlCompliantLogoutMessageCreator" level="debug" />
Ray
Ramakrishna G
May 17, 2018, 2:31:23 AM5/17/18
to cas-...@apereo.org
Hi Ray,
As said by you, I enabled logs and this is the output
2018-05-17 11:50:46,479 INFO [org.apereo.cas.logout.DefaultLogoutManager] - <Performing logout operations for [TGT-2-*********************************************************eGcHG1JqHs-client]>
2018-05-17 11:50:46,501 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Processing logout request for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML]]...>
2018-05-17 11:50:46,503 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML]] supports single logout and is found in the registry as [id=10000001,name=HTTPS and IMAPS,description=This service definition authorizes all application urls that support HTTPS and IMAPS protocols.,serviceId=^(https|imaps)://.*,usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme=<null>,evaluationOrder=10000,logoutType=BACK_CHANNEL,attributeReleasePolicy=org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy@15646ed9[attributeFilter=<null>,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@7923006f[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseAuthenticationAttributes=true,authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes=false,principalIdAttribute=<null>,consentPolicy=org.apereo.cas.services.consent.DefaultRegisteredServiceConsentPolicy@330ae512[excludedAttributes=<null>,includeOnlyAttributes=<null>,enabled=true],allowedAttributes=[]],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@5bc47191[enabled=true,ssoEnabled=true,requireAllAttributes=true,requiredAttributes={},unauthorizedRedirectUrl=<null>,caseInsensitive=false,rejectedAttributes={}],publicKey=<null>,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@2cd156ce,logo=<null>,logoutUrl=<null>,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@6dc092b8[multifactorAuthenticationProviders=[],failureMode=NOT_SET,principalAttributeNameTrigger=<null>,principalAttributeValueToMatch=<null>,bypassEnabled=false],informationUrl=<null>,privacyUrl=<null>,contacts=[],expirationPolicy=org.apereo.cas.services.DefaultRegisteredServiceExpirationPolicy@687fb318[deleteWhenExpired=false,notifyWhenDeleted=false,expirationDate=<null>],<null>]. Proceeding...>
2018-05-17 11:50:46,514 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout url [https://192.168.111.12:8443/] for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML]]>
2018-05-17 11:50:46,515 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Creating logout request for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML]] and ticket id [ST-3-Ca79ror-smWCKyQzaBNn0ZYt6l0-client]>
2018-05-17 11:50:46,517 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout request [org.apereo.cas.logout.DefaultLogoutRequest@61e23890[ticketId=ST-3-Ca79ror-smWCKyQzaBNn0ZYt6l0-client,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML],status=NOT_ATTEMPTED]] created for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML]] and ticket id [ST-3-Ca79ror-smWCKyQzaBNn0ZYt6l0-client]>
2018-05-17 11:50:46,518 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout type registered for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML]] is [BACK_CHANNEL]>
2018-05-17 11:50:46,519 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Creating back-channel logout request based on [org.apereo.cas.logout.DefaultLogoutRequest@61e23890[ticketId=ST-3-Ca79ror-smWCKyQzaBNn0ZYt6l0-client,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@432f5faa[id=https://192.168.111.12:8443/,originalUrl=https://192.168.111.12:8443/,artifactId=<null>,principal=casuser,loggedOutAlready=false,format=XML],status=NOT_ATTEMPTED]]>
2018-05-17 11:50:46,522 DEBUG [org.apereo.cas.logout.SamlCompliantLogoutMessageCreator] - <Generated logout message: [<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-1-vL8zdM8-dQR8rayaAYJJz6d2" Version="2.0" IssueInstant="2018-05-17T11:50:46Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-3-Ca79ror-smWCKyQzaBNn0ZYt6l0-client</samlp:SessionIndex></samlp:LogoutRequest>]>
2018-05-17 11:50:46,522 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Preparing logout request for [https://192.168.111.12:8443/] to [https://192.168.111.12:8443/]>
2018-05-17 11:50:46,547 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout message to send is [org.apereo.cas.logout.LogoutHttpMessage@e0bb76[url=https://192.168.111.12:8443/,message=<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-1-vL8zdM8-dQR8rayaAYJJz6d2" Version="2.0" IssueInstant="2018-05-17T11:50:46Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-3-Ca79ror-smWCKyQzaBNn0ZYt6l0-client</samlp:SessionIndex></samlp:LogoutRequest>,asynchronous=false,contentType=application/x-www-form-urlencoded,responseCode=0]]. Sending...>
2018-05-17 11:50:46,659 WARN [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout message is not sent to [https://192.168.111.12:8443/]; Continuing processing...>
2018-05-17 11:50:46,661 INFO [org.apereo.cas.logout.DefaultLogoutManager] - <[1] logout requests were processed>
2018-05-17 11:50:46,668 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: casuser
WHAT: TGT-2-*********************************************************eGcHG1JqHs-client
ACTION: TICKET_GRANTING_TICKET_DESTROYED
APPLICATION: CAS
WHEN: Thu May 17 11:50:46 IST 2018
CLIENT IP ADDRESS: 192.168.111.12
SERVER IP ADDRESS: 192.168.111.12
=============================================================
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526408970.1817.28.camel%40uvic.ca.To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
Ray Bon
May 17, 2018, 12:19:09 PM5/17/18
to cas-...@apereo.org
Ramakrishna,
Add this to the log config:
<AsyncLogger name="org.apereo.cas.util.http" level="debug" />
The above may produce a lot of messages.
It looks to be a problem with CAS contacting your client. It could be a certificate issue.
I guess you created a certificate since it is on a 192 ip. Did you add the certificate to the java key store? If CAS and your client are on different machines, then the certificate will need to be added to both.
Ray
Ramakrishna G
May 18, 2018, 1:34:59 AM5/18/18
to cas-...@apereo.org
Ray,
Let me explain you my architecture. I have a CAS client (mod_auth_cas) which redirects to NGINX Load Balancer. The nginx forwards to one of the active CAS Server. Do I need to install certificates on all CAS Server?
User request to Mod_auth_cas via HTTPS but I am doing ssl stripping for internal communication from Nginx to CAS server. i.e Plain http comminication is happenning from nginx to cas server.
Can you pls guide me how can I achieve logout for my approach.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526408970.1817.28.camel%40uvic.ca.
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526573941.1817.65.camel%40uvic.ca.
Ramakrishna G
May 18, 2018, 3:34:33 AM5/18/18
to cas-...@apereo.org
Ray,
As said by you it is a ssl certificate issue. I have explained my architecture in previous mail. Pls check and suggest me the possible solution for it.
Logs got after enabling
<AsyncLogger name="org.apereo.cas.util.http" level="debug" />
2018-05-18 12:53:10,768 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Preparing logout request for [https://192.168.111.12:8443/] to [https://192.168.111.12:8443/]>
2018-05-18 12:53:10,771 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout message to send is [org.apereo.cas.logout.LogoutHttpMessage@f72d6bd[url=https://192.168.111.12:8443/,message=<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-1-7AF17x8HWHBSSf4weMiKBVl1" Version="2.0" IssueInstant="2018-05-18T12:53:10Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-1-N-h7wYHUwjIzOkbsjwdsPuDmBr0-client</samlp:SessionIndex></samlp:LogoutRequest>,asynchronous=false,contentType=application/x-www-form-urlencoded,responseCode=0]]. Sending...>
2018-05-18 12:53:10,788 DEBUG [org.apereo.cas.util.http.SimpleHttpClient] - <Created HTTP post message payload [POST https://192.168.111.12:8443/ HTTP/1.1]>
2018-05-18 12:53:10,873 DEBUG [org.apereo.cas.util.http.SimpleHttpClient] - <Unable to send message>
java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.util.concurrent.FutureTask.report(FutureTask.java:122) ~[?:1.8.0_161]
at java.util.concurrent.FutureTask.get(FutureTask.java:192) ~[?:1.8.0_161]
at org.apereo.cas.util.http.SimpleHttpClient.sendMessageToEndPoint(SimpleHttpClient.java:92) ~[cas-server-core-util-5.2.4.jar:5.2.4]
at org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler.performBackChannelLogout(DefaultSingleLogoutServiceMessageHandler.java:129) ~[cas-server-core-logout-5.2.4.jar:5.2.4]
at org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler.handle(DefaultSingleLogoutServiceMessageHandler.java:97) ~[cas-server-core-logout-5.2.4.jar:5.2.4]
at org.apereo.cas.logout.DefaultLogoutManager.lambda$performLogoutForTicket$2(DefaultLogoutManager.java:81) ~[cas-server-core-logout-5.2.4.jar:5.2.4]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) ~[?:1.8.0_161]
at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) ~[?:1.8.0_161]
at java.util.HashMap$EntrySpliterator.forEachRemaining(HashMap.java:1696) ~[?:1.8.0_161]
at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:580) ~[?:1.8.0_161]
at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:270) ~[?:1.8.0_161]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) ~[?:1.8.0_161]
at java.util.stream.Streams$StreamBuilderImpl.forEachRemaining(Streams.java:419) ~[?:1.8.0_161]
at java.util.stream.Streams$ConcatSpliterator.forEachRemaining(Streams.java:742) ~[?:1.8.0_161]
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481) ~[?:1.8.0_161]
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) ~[?:1.8.0_161]
at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) ~[?:1.8.0_161]
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:1.8.0_161]
at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499) ~[?:1.8.0_161]
at org.apereo.cas.logout.DefaultLogoutManager.performLogoutForTicket(DefaultLogoutManager.java:84) ~[cas-server-core-logout-5.2.4.jar:5.2.4]
at org.apereo.cas.logout.DefaultLogoutManager.performLogout(DefaultLogoutManager.java:62) ~[cas-server-core-logout-5.2.4.jar:5.2.4]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_161]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_161]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_161]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_161]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at com.sun.proxy.$Proxy563.performLogout(Unknown Source) ~[?:?]
at org.apereo.cas.DefaultCentralAuthenticationService.destroyTicketGrantingTicket(DefaultCentralAuthenticationService.java:119) ~[cas-server-core-5.2.4.jar:5.2.4]
at org.apereo.cas.DefaultCentralAuthenticationService$$FastClassBySpringCGLIB$$b02e48f2.invoke(<generated>) ~[cas-server-core-5.2.4.jar:5.2.4]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apereo.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:135) ~[inspektr-audit-1.8.2.GA.jar:1.8.2.GA]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_161]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_161]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_161]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_161]
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) ~[spring-tx-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) ~[spring-tx-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) ~[spring-tx-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59) ~[metrics-spring-3.1.3.jar:?]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59) ~[metrics-spring-3.1.3.jar:?]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:46) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:32) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59) ~[metrics-spring-3.1.3.jar:?]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apereo.cas.DefaultCentralAuthenticationService$$EnhancerBySpringCGLIB$$fada7e3f.destroyTicketGrantingTicket(<generated>) ~[cas-server-core-5.2.4.jar:5.2.4]
at org.apereo.cas.web.flow.TerminateSessionAction.terminate(TerminateSessionAction.java:79) ~[cas-server-support-actions-5.2.4.jar:5.2.4]
at org.apereo.cas.web.flow.TerminateSessionAction.doExecute(TerminateSessionAction.java:55) ~[cas-server-support-actions-5.2.4.jar:5.2.4]
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_161]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_161]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_161]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_161]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at com.sun.proxy.$Proxy592.execute(Unknown Source) ~[?:?]
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.engine.State.enter(State.java:194) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.engine.Flow.start(Flow.java:527) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:368) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:223) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:140) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_161]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_161]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_161]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_161]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at com.sun.proxy.$Proxy579.launchExecution(Unknown Source) ~[?:?]
at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:263) ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) ~[spring-webmvc-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) ~[spring-webmvc-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) ~[spring-webmvc-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) ~[spring-webmvc-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) ~[servlet-api.jar:?]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) ~[servlet-api.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) ~[tomcat-websocket.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFilter.java:28) ~[cas-server-core-web-5.2.4.jar:5.2.4]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) ~[cas-server-security-filter-2.0.7.jar:2.0.7]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:245) ~[cas-server-security-filter-2.0.7.jar:2.0.7]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:111) ~[spring-boot-actuator-1.5.12.RELEASE.jar:1.5.12.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:93) ~[cas-server-core-logging-5.2.4.jar:5.2.4]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) ~[spring-boot-actuator-1.5.12.RELEASE.jar:1.5.12.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:117) ~[spring-boot-1.5.12.RELEASE.jar:1.5.12.RELEASE]
at org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:61) ~[spring-boot-1.5.12.RELEASE.jar:1.5.12.RELEASE]
at org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:92) ~[spring-boot-1.5.12.RELEASE.jar:1.5.12.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.16.RELEASE.jar:4.3.16.RELEASE]
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:110) ~[spring-boot-1.5.12.RELEASE.jar:1.5.12.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66) ~[inspektr-common-1.8.2.GA.jar:1.8.2.GA]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) ~[log4j-web-2.9.1.jar:2.9.1]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[catalina.jar:8.5.24]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) ~[catalina.jar:8.5.24]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) ~[catalina.jar:8.5.24]
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) ~[catalina.jar:8.5.24]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) ~[catalina.jar:8.5.24]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) ~[catalina.jar:8.5.24]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) ~[tomcat-coyote.jar:8.5.24]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-coyote.jar:8.5.24]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790) ~[tomcat-coyote.jar:8.5.24]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459) ~[tomcat-coyote.jar:8.5.24]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-coyote.jar:8.5.24]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[?:1.8.0_161]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-util.jar:8.5.24]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_161]
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322) ~[?:1.8.0_161]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614) ~[?:1.8.0_161]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) ~[?:1.8.0_161]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:85) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:221) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:165) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.HttpRequestTaskCallable.call(HttpRequestTaskCallable.java:89) ~[httpclient-4.5.3.jar:4.5.3]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[?:1.8.0_161]
... 1 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) ~[?:1.8.0_161]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:1.8.0_161]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_161]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:1.8.0_161]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:1.8.0_161]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:1.8.0_161]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[?:1.8.0_161]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) ~[?:1.8.0_161]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:85) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:221) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:165) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.HttpRequestTaskCallable.call(HttpRequestTaskCallable.java:89) ~[httpclient-4.5.3.jar:4.5.3]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[?:1.8.0_161]
... 1 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:1.8.0_161]
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:1.8.0_161]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[?:1.8.0_161]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ~[?:1.8.0_161]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:1.8.0_161]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_161]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:1.8.0_161]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:1.8.0_161]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:1.8.0_161]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[?:1.8.0_161]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_161]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) ~[?:1.8.0_161]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) ~[?:1.8.0_161]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:85) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:221) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:165) ~[httpclient-4.5.3.jar:4.5.3]
at org.apache.http.impl.client.HttpRequestTaskCallable.call(HttpRequestTaskCallable.java:89) ~[httpclient-4.5.3.jar:4.5.3]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[?:1.8.0_161]
... 1 more
2018-05-18 12:53:10,874 WARN [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout message is not sent to [https://192.168.111.12:8443/]; Continuing processing...>
2018-05-18 12:53:10,876 INFO [org.apereo.cas.logout.DefaultLogoutManager] - <[1] logout requests were processed>
2018-05-18 12:53:10,882 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: casuser
WHAT: TGT-1-*********************************************************DtQUGCI5b0-client
ACTION: TICKET_GRANTING_TICKET_DESTROYED
APPLICATION: CAS
WHEN: Fri May 18 12:53:10 IST 2018
CLIENT IP ADDRESS: 192.168.111.12
SERVER IP ADDRESS: 192.168.111.12
=============================================================
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526573941.1817.65.camel%40uvic.ca.
Ray Bon
May 18, 2018, 11:20:52 AM5/18/18
to cas-...@apereo.org
Ramakrishna,
During log out when CAS contacts your service (where mod_auth_cas is), it does so with https. You need to install the custom certificate that is on your service into the jvm running CAS.
sudo keytool -import -file ${certName} -alias ${aliasName} -keystore $JAVA_HOME/jre/lib/security/cacerts
Ray
Ramakrishna G
May 19, 2018, 7:15:57 AM5/19/18
to cas-...@apereo.org
Ray,
I configured ssl as advised by you. Now I have a different issue.
When I use CASValidateURL with https url I get this error. If i remove https it works but logout issue still persist
Unauthorized
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
I am sharing my config
CASCookiePath /var/cache/mod_auth_cas/
CASCertificatePath /etc/httpd/conf/casdev.crt
CASLoginURL https://192.168.111.12:8443/cas/login
CASRootProxiedAs https://192.168.111.12:8443
CASValidateURL https://192.168.111.12:8443/cas/serviceValidate
#CASValidateURL http://192.168.111.12:8888/cas/serviceValidate // Tomcat http port
CASValidateSAML Off
CASSSOEnabled On
<VirtualHost _default_:8443>
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
Loglevel debug
<Location />
AllowOverride
AuthType CAS
require valid-user
# CASGateway /sbimf/css
CASRenew On
ProxyPass http://192.168.111.10/
ProxyPassReverse http://192.168.111.10/
</Location>
<Location /cas>
Require all granted
ProxyPass https://192.168.111.12:9443/cas
ProxyPassReverse https://192.168.111.12:9443/cas
</Location>
</
VirtualHost>
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526573941.1817.65.camel%40uvic.ca.
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526656841.1817.94.camel%40uvic.ca.
Ramakrishna G
May 19, 2018, 7:21:20 AM5/19/18
to cas-...@apereo.org
Ray,
I configured ssl as advised by you. Now I have a different issue.
When I use CASValidateURL with https url I get this Unauthorized error. If i remove https it works but logout issue still persist
Unauthorized
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
I am sharing my config
CASCookiePath /var/cache/mod_auth_cas/
CASCertificatePath /etc/httpd/conf/casdev.crt
CASLoginURL https://192.168.111.12:8443/cas/login
CASRootProxiedAs https://192.168.111.12:8443
CASValidateURL https://192.168.111.12:8443/cas/serviceValidate
#CASValidateURL http://192.168.111.12:8888/cas/serviceValidate // Tomcat http port 8888
CASValidateSAML Off
CASSSOEnabled On
<VirtualHost _default_:8443>
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
Loglevel debug
<Location />
AllowOverride
AuthType CAS
require valid-user
CASRenew On
ProxyPass http://192.168.111.10/
ProxyPassReverse http://192.168.111.10/
</Location>
<Location /cas>
Require all granted
ProxyPass https://192.168.111.12:9443/cas // Tomcat https port 9443
ProxyPassReverse https://192.168.111.12:9443/cas
</Location>
</ VirtualHost>
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526573941.1817.65.camel%40uvic.ca.
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526656841.1817.94.camel%40uvic.ca.
Ramakrishna G
May 22, 2018, 6:11:48 AM5/22/18
to cas-...@apereo.org
Ray,
I was able to solve the ssl issue using open_sll. Now I am using https at both end with valid certificate.
But my original problem of cas not logging out still persist.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526656841.1817.94.camel%40uvic.ca.
Ray Bon
May 22, 2018, 12:23:15 PM5/22/18
to cas-...@apereo.org
Ramakrishna,
This now sounds like an issue on the client side. I have not used mod_auth_cas. Try debugging it and your client for how they handle the logout request.
Ray
Ramakrishna G
May 23, 2018, 7:32:41 AM5/23/18
to cas-...@apereo.org
Ok Ray. Thanks for your help!!
Anyone who has worked on Mod_auth_cas along with CAS server pls guide me. My issue is MOD_AUTH_CAS_S cookie is not removed from browser after logout.
Thanks
Ramakrishna G
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1527006184.1830.3.camel%40uvic.ca.To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
Maksim Kopeyka
Mar 24, 2020, 6:21:07 AM3/24/20
to CAS Community, r...@tts.in
Hi Ramakrishna,
Did you solve your issue? I have the same problem with SSL session which is alive after backchannel logout.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526051367.1797.41.camel%40uvic.ca.
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526408970.1817.28.camel%40uvic.ca.
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526573941.1817.65.camel%40uvic.ca.
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526656841.1817.94.camel%40uvic.ca.
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org.
Ramakrishna G
Mar 24, 2020, 7:33:23 AM3/24/20
to Maksim Kopeyka, CAS Community
Hi Maksim,
Yes I had resolved this problem.
I had specified logoutType & logoutUrl in service file.
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|http)://.*",
"name" : "testId",
"id" : 1,
"logoutType" : "BACK_CHANNEL",
"logoutUrl" : "https://backchannel.abc.com/logout.php"
}
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|http)://.*",
"name" : "testId",
"id" : 1,
"logoutType" : "BACK_CHANNEL",
"logoutUrl" : "https://backchannel.abc.com/logout.php"
}
Logout.php
<?php
foreach($_POST as $h => $v)
{
$ticket = $v;
$filename = md5($ticket);
$fileContent = file_get_contents("/var/cache/mod_auth_cas/.$filename");
if($fileContent != "")
{
unlink("/var/cache/mod_auth_cas/$fileContent");
unlink("/var/cache/mod_auth_cas/.$filename");
}
}
?>
foreach($_POST as $h => $v)
{
$ticket = $v;
$filename = md5($ticket);
$fileContent = file_get_contents("/var/cache/mod_auth_cas/.$filename");
if($fileContent != "")
{
unlink("/var/cache/mod_auth_cas/$fileContent");
unlink("/var/cache/mod_auth_cas/.$filename");
}
}
?>
Basically I am forcefully deleting the cache files created by mod_auth_cas during login. Next time any request from the browser will be invalidated as the cookie files are deleted and automatically redirected to the login page.
Thanks & Regards
Ramakrishna G
Reply all
Reply to author
Forward
0 new messages