Issue with Safari bowser running on IOS 18.00 and CAS 7.1.0 with Duo
316 views
Skip to first unread message
Robin Joseph
Sep 17, 2024, 6:01:59 PM9/17/24
to CAS Community
I am having issue with CAS using Safari since updating My IPhone to IOS 18. Getting CAS is unable to process this request 500:internal server error, this happens after the duo prompt to enter the code, see the error below
2024-09-17 13:40:15,186 ERROR [org.springframework.boot.web.servlet.support.ErrorPageFilter] - <Forwarding to error page from request [/login] due to exception [jakarta.servlet.ServletException: Request processing failed: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.actions.storage.ReadBrowserStorageAction@299a84aa in state 'verifyBrowserStorageRead' of flow 'login' -- action execution attributes were 'map[[empty]]']>
Patryk Sondej
Sep 18, 2024, 5:21:12 AM9/18/24
to CAS Community, Robin Joseph
I have same problem (but without Duo). It happens randomly after refresing /login page 1000 times.
Caused by: jakarta.servlet.ServletException: Request processing failed: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.ServiceAuthorizationCheckAction@49252d5f in state 'serviceAuthorizationCheck' of flow 'login' -- action execution attributes were 'map[[empty]]'
Caused by: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.ServiceAuthorizationCheckAction@49252d5f in state 'serviceAuthorizationCheck' of flow 'login' -- action execution attributes were 'map[[empty]]'
Caused by: org.springframework.beans.NotReadablePropertyException: Invalid property 'clientId' of bean class [org.apereo.cas.services.CasRegisteredService]: Bean property 'clientId' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?
java.lang.RuntimeException: jakarta.servlet.ServletException: Request processing failed: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.ServiceAuthorizationCheckAction@49252d5f in state 'serviceAuthorizationCheck' of flow 'login' -- action execution attributes were 'map[[empty]]'
Caused by: jakarta.servlet.ServletException: Request processing failed: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.ServiceAuthorizationCheckAction@49252d5f in state 'serviceAuthorizationCheck' of flow 'login' -- action execution attributes were 'map[[empty]]'
Caused by: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.ServiceAuthorizationCheckAction@49252d5f in state 'serviceAuthorizationCheck' of flow 'login' -- action execution attributes were 'map[[empty]]'
Caused by: org.springframework.beans.NotReadablePropertyException: Invalid property 'clientId' of bean class [org.apereo.cas.services.CasRegisteredService]: Bean property 'clientId' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?
Robin Joseph
Sep 19, 2024, 3:56:45 PM9/19/24
to CAS Community, Patryk Sondej, Robin Joseph
It is happening to me on the first try, it is also happening to others on the first try with IOS 8.0 and Safari.
Jonathon Taylor
Oct 11, 2024, 11:37:19 AM10/11/24
to cas-...@apereo.org, Patryk Sondej, Robin Joseph
Hi Robin and Patryk,
Have you noticed any improvement with either CAS 7.1.1 or IOS 18.0.1?
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4615c05e-f137-41e4-8781-a0f2ecb6a932n%40apereo.org.
--
Jonathon Taylor
Dec 20, 2024, 11:46:34 AM12/20/24
to cas-...@apereo.org
FYI - This is resolved for us in 7.1.3.
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d12f509a-b814-4a2f-928c-4b19c742ad9dn%40apereo.org.
Patryk Sondej
Dec 27, 2024, 12:03:07 PM12/27/24
to CAS Community, Jonathon Taylor
Now the issue changed from 500 error to 403 error.
I think the core problem seems to occur during the reload process of the "JsonServiceRegistry".
When it reloads, it appears to remove all registered services for short time.
After running 1000 requests, randomly I get 403 ("Service Access Denied") error for registered service:
```
2024-12-27 17:35:40,095 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <{
"who" : "audit:unknown",
"what" : {
"result" : "Service Access Granted",
"service" : "http://example.com/"
},
"action" : "SERVICE_ACCESS_ENFORCEMENT_TRIGGERED",
"when" : "2024-12-27T16:35:40.095331828",
"clientIpAddress" : "127.0.0.1",
"serverIpAddress" : "127.0.0.1",
"geoLocation" : "unknown"
}
"who" : "audit:unknown",
"what" : {
"result" : "Service Access Granted",
"service" : "http://example.com/"
},
"action" : "SERVICE_ACCESS_ENFORCEMENT_TRIGGERED",
"when" : "2024-12-27T16:35:40.095331828",
"clientIpAddress" : "127.0.0.1",
"serverIpAddress" : "127.0.0.1",
"geoLocation" : "unknown"
}
2024-12-27 17:35:40,265 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [860] service(s) from [JsonServiceRegistry].>
2024-12-27 17:35:40,273 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <{
"who" : "audit:unknown",
"what" : {
"result" : "Service Access Denied",
"service" : "http://example.com/"
},
"action" : "SERVICE_ACCESS_ENFORCEMENT_TRIGGERED",
"when" : "2024-12-27T16:35:40.273405206",
"clientIpAddress" : "127.0.0.1",
"serverIpAddress" : "127.0.0.1",
"geoLocation" : "unknown"
}
2024-12-27 17:35:40,273 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <{
"who" : "audit:unknown",
"what" : {
"result" : "Service Access Denied",
"service" : "http://example.com/"
},
"action" : "SERVICE_ACCESS_ENFORCEMENT_TRIGGERED",
"when" : "2024-12-27T16:35:40.273405206",
"clientIpAddress" : "127.0.0.1",
"serverIpAddress" : "127.0.0.1",
"geoLocation" : "unknown"
}
2024-12-27 17:35:45,275 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <{
"who" : "audit:unknown",
"what" : {
"result" : "Service Access Granted",
"service" : "http://example.com/"
},
"action" : "SERVICE_ACCESS_ENFORCEMENT_TRIGGERED",
"when" : "2024-12-27T16:35:45.274841283",
"clientIpAddress" : "127.0.0.1",
"serverIpAddress" : "127.0.0.1",
"geoLocation" : "unknown"
}
"who" : "audit:unknown",
"what" : {
"result" : "Service Access Granted",
"service" : "http://example.com/"
},
"action" : "SERVICE_ACCESS_ENFORCEMENT_TRIGGERED",
"when" : "2024-12-27T16:35:45.274841283",
"clientIpAddress" : "127.0.0.1",
"serverIpAddress" : "127.0.0.1",
"geoLocation" : "unknown"
}
```
Patryk Sondej
Dec 27, 2024, 10:18:41 PM12/27/24
to CAS Community, Patryk Sondej, Jonathon Taylor
Now I found a workaround:
cas.service-registry.schedule.enabled=false
This resolves the problem. After applying this configuration, the 403 errors no longer occur.
Reply all
Reply to author
Forward
0 new messages