OpenID Connect issues


Shawn Cutting

Sep 24, 2019, 10:49:19 AM
to CAS Community
I am trying to set up CAS to function as an OpenID provider, and am running into a roadblock. When I attempt to retrieve the jwks info, I am hit with the following error in the log:

java.io.FileNotFoundException: Could not open ServletContext resource [/etc/cas/jwks/keystore.jwks]
    at org.springframework.web.context.support.ServletContextResource.getInputStream(ServletContextResource.java:141) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]
    at org.apereo.cas.oidc.web.controllers.OidcJwksEndpointController.lambda$handleRequestInternal$1(OidcJwksEndpointController.java:89) ~[cas-server-support-oidc-5.3.11.jar:5.3.11]

I know that CAS sees and can read the file, because if I make any format changes to the JSON, it returns an error stating that there is an incorrect character in the file.
Any help would be fabulous.  Thanks.

Dmitriy Kopylenko

Sep 24, 2019, 10:57:02 AM
to cas-...@apereo.org
What is the value of cas.authn.oidc.jwksFile property?

D.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6b87b276-bfdc-4112-9526-b5bad3872c67%40apereo.org.

Shawn Cutting

Sep 24, 2019, 10:59:05 AM
to CAS Community, dkopy...@unicon.net
cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks



Shawn Cutting

Sep 24, 2019, 11:03:33 AM
to CAS Community, dkopy...@unicon.net
Ok, this is strange.  I am not sure why the error is giving /etc/cas/jwks/keystore.jwks when that is not in the config.  I did have it there at one point, but why did it persist after I restarted the service?

Dmitriy Kopylenko

Sep 24, 2019, 11:59:05 AM
to CAS Community, Shawn Cutting
So with this setting: cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks you are still seeing the error?

You might want to check the version of CAS you’re using and try newer version(s) if this error persists despite the properties setting, etc.

D.





Appify

Sep 24, 2019, 12:04:15 PM
to cas-...@apereo.org
The below config is working for me.
cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks






Shawn Cutting

Sep 24, 2019, 12:04:32 PM
to CAS Community, scut...@messiah.edu, dkopy...@unicon.net
I am now able to see the JSON returned, but I also placed the file in both places (/etc/cas/keystore.jwks  & /etc/cas/jwks/keystore.jwks).  I would prefer not to have it in both places, but it is what seems to return the information.

I am using ver. 5.3.11.

Bruno ELIE

Jun 16, 2021, 9:07:58 AM
to CAS Community, Shawn Cutting, dkopylenko
Hi,
I am digging up this issue because I'm encountering the same behaviour on CAS version 5.3.16.

cas.properties:
cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks

keystore.jwks is present in /etc/cas. I also tried /etc/cas/jwks (I wonder why, but since I have no more ideas...) but the result is similar: I am still unable to check the public key at "https://<cas_url>/cas/oidc/jwks" and get this message: java.io.FileNotFoundException: Could not open ServletContext resource [/etc/cas/keystore.jwks]

The same error is in the logs:
2021-06-16 14:47:35,191 ERROR [org.apereo.cas.oidc.web.controllers.OidcJwksEndpointController] - <Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0|10.10.18.46|java.io.FileNotFoundException: Could not open ServletContext resource [/etc/cas/keystore.jwks]>
java.io.UncheckedIOException: java.io.FileNotFoundException: Could not open ServletContext resource [/etc/cas/keystore.jwks]
at org.jooq.lambda.Unchecked.lambda$static$0(Unchecked.java:53) ~[jool-0.9.12.jar:?]
.....
......
.........
Caused by: java.io.FileNotFoundException: Could not open ServletContext resource [/etc/cas/keystore.jwks]
at org.springframework.web.context.support.ServletContextResource.getInputStream(ServletContextResource.java:141) ~[spring-web-4.3.25.RELEASE.jar:4.3.25.RELEASE]
at org.apereo.cas.oidc.web.controllers.OidcJwksEndpointController.lambda$handleRequestInternal$1(OidcJwksEndpointController.java:89) ~[cas-server-support-oidc-5.3.16.jar:5.3.16]
at org.jooq.lambda.Unchecked.lambda$consumer$16(Unchecked.java:646) ~[jool-0.9.12.jar:?]
... 116 more



Can you specify how you solved this?
Any help is welcome.

Thanks
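
A log-versus-config check for the two reports in this thread, as an added example that is not part of any post and not CAS code: it compares the configured cas.authn.oidc.jwksFile value with the path and resource type named in the FileNotFoundException. In Spring's message, "ServletContext resource" means the path was looked up relative to the web application root rather than on the filesystem. The function names and finding labels are assumptions of this example; the sample property and log lines are copied from the posts above.

```python
import re

PROP = "cas.authn.oidc.jwksFile"
# Spring's wording, e.g. "Could not open ServletContext resource [/path]"
ERR = re.compile(r"FileNotFoundException: Could not open (\w+) resource \[([^\]]+)\]")

# Sample input copied from the posts in this thread.
SAMPLE_PROPS = "cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks\n"
SAMPLE_LOG_2019 = ("java.io.FileNotFoundException: Could not open "
                   "ServletContext resource [/etc/cas/jwks/keystore.jwks]\n")
SAMPLE_LOG_2021 = ("java.io.FileNotFoundException: Could not open "
                   "ServletContext resource [/etc/cas/keystore.jwks]\n")

def configured_value(properties_text):
    """Last definition of PROP wins, as in java.util.Properties."""
    value = None
    for line in properties_text.splitlines():
        key, sep, val = line.strip().partition("=")
        if sep and not key.startswith(("#", "!")) and key.strip() == PROP:
            value = val.strip()
    return value

def diagnose(properties_text, log_text):
    """Return (label, opened_path) findings; labels are this example's own."""
    value = configured_value(properties_text)
    if value is None:
        return [("property-not-set", None)]
    prefix, sep, path = value.partition(":")
    if not sep or prefix not in ("file", "classpath"):
        prefix, path = "", value
    findings = []
    for kind, opened in sorted(set(ERR.findall(log_text))):
        if opened != path:
            # The server is using a path this properties file does not contain.
            findings.append(("path-differs-from-config", opened))
        if prefix == "file" and kind == "ServletContext":
            # file: asks for the filesystem; the lookup ran against the webapp root.
            findings.append(("opened-as-servlet-context-resource", opened))
    return findings

if __name__ == "__main__":
    for name, log in (("2019", SAMPLE_LOG_2019), ("2021", SAMPLE_LOG_2021)):
        print(name, diagnose(SAMPLE_PROPS, log))
```

A "path-differs-from-config" finding points at a value coming from somewhere other than the properties file that was inspected; "opened-as-servlet-context-resource" shows that the file: prefix was not honoured when the resource was opened.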