Hi,
We at working are looking at implementing delegated authentication for facebook, google, twitter, etc but there seems to be a weird issue with it. A little bit of background we have extended the delegated authentication as we need to map the email associated with facebook for instance back to a staff or student account. If the email has no association then we navigate to a registration screen which the user input a user name and password otherwise it logs the staff or student in. If staff or student follow the flow as designed then all works fine and there is no issue. If the staff or student registers using the username and password provided I trigger the form authentication.
The issue arises if the user does not navigate as expected, if when they get the registration screen they realised they have clicked the wrong client and decided to go back to the main login screen and choose the right client I am receiving
org.springframework.web.util.NestedServletException: Handler dispatch failed; nested exception is java.lang.OutOfMemoryError: Java heap space
I am certain its not the modifications I have made as its failing before the call to redirect to the client has happened the problem in the "DelegatedClientNavigationController" class with the following line, place debug statement proceeding the call and debug statement after the call.
this.delegatedSessionCookieManager.store(webContext);
The main dev cas server is running 16gb of ram as initially it was only running 8gb of ram.
The possible steps to replicate the issue are as followings
- Navigate to CAS
- Click Facebook (Authentication must fail)
- Redirected back to login screen (Upon redirecting back PAC4J clients list goes missing)
- Navigate back to CAS so that clients are there
- Click Facebook should get a heap space error.
I have tried this with both 5.3.3 and 5.3.4-SNAPSHOT with no success.
The dump statement where as follows
LOGGER.debug("PRIOR TO CALLING DELEGTED SESSION COOKIE MANAGER STORE");
this.delegatedSessionCookieManager.store(webContext);
LOGGER.debug("AFTER TO CALLING DELEGTED SESSION COOKIE MANAGER STORE");
Attached are is the success results and the heap space error results.
I apologise if this does not make sense.
Regards,
Colin