CAS 6.3.4 SAML Error.
36 views
Skip to first unread message
erik.m...@gmail.com
Jul 15, 2021, 9:35:26 AM7/15/21
to cas-...@apereo.org
Hello,
It's me again.
I have included SAML in the 6.3.4 cas.war file and I get the "too many
redirects error, I turned up debug for open saml and this is the error
I see over and over. Most times the redirect issue is a client issue or
a misconfigured service definition, this time I think it's something
else.
As usual, any help is greatly appricated. Error messages follows:
2021-07-15 08:27:55,641 ERROR
[org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[di
spatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet]
in context with path [/cas] threw exception [Handler dispatch failed;
nested exception is java.lang.StackOverflowError] with root cause>
java.lang.StackOverflowError: null
at java.util.HashMap.putVal(HashMap.java:624) ~[?:?]
at java.util.HashMap.putMapEntries(HashMap.java:510) ~[?:?]
at java.util.LinkedHashMap.<init>(LinkedHashMap.java:384)
~[?:?]
at
org.apereo.cas.authentication.principal.cache.AbstractPrincipalAttribut
esRepository.convertPrincipalAttributesToPersonAttributes(AbstractPrinc
ipalAttributesRepository.java:98) ~[cas-server-core-authentication-
attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.authentication.principal.cache.AbstractPrincipalAttribut
esRepository.getPrincipalAttributes(AbstractPrincipalAttributesReposito
ry.java:204) ~[cas-server-core-authentication-attributes-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepos
itory.getAttributes(DefaultPrincipalAttributesRepository.java:33)
~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.resolveAttributesFromPrincipalAttributeRepository(AbstractRegisteredSe
rviceAttributeReleasePolicy.java:201) ~[cas-server-core-authentication-
attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:99)
~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.getPrincipalAttributesFromReleasePolicy(PrincipalAttributeRegister
edServiceUsernameProvider.java:105) ~[cas-server-core-services-api-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.resolveUsernameInternal(PrincipalAttributeRegisteredServiceUsernam
eProvider.java:57) ~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.BaseRegisteredServiceUsernameAttributeProvider.
resolveUsername(BaseRegisteredServiceUsernameAttributeProvider.java:44)
~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.insertPrincipalIdAsAttributeIfNeeded(AbstractRegisteredServiceAttribut
eReleasePolicy.java:220) ~[cas-server-core-authentication-attributes-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:124
) ~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.getPrincipalAttributesFromReleasePolicy(PrincipalAttributeRegister
edServiceUsernameProvider.java:105) ~[cas-server-core-services-api-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.resolveUsernameInternal(PrincipalAttributeRegisteredServiceUsernam
eProvider.java:57) ~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.BaseRegisteredServiceUsernameAttributeProvider.
resolveUsername(BaseRegisteredServiceUsernameAttributeProvider.java:44)
~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.insertPrincipalIdAsAttributeIfNeeded(AbstractRegisteredServiceAttribut
eReleasePolicy.java:220) ~[cas-server-core-authentication-attributes-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:124
) ~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.getPrincipalAttributesFromReleasePolicy(PrincipalAttributeRegister
edServiceUsernameProvider.java:105) ~[cas-server-core-services-api-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.resolveUsernameInternal(PrincipalAttributeRegisteredServiceUsernam
eProvider.java:57) ~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.BaseRegisteredServiceUsernameAttributeProvider.
resolveUsername(BaseRegisteredServiceUsernameAttributeProvider.java:44)
~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
...
...
2021-07-15 08:27:55,643 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <"ERROR" dispatch
for POST
"/cas/error?TARGET=https%3A%2F%2Fssbappdev.wichita.edu%2FStudentFaculty
GradeEntry%2Fj_spring_cas_security_check", parameters={masked}>
2021-07-15 08:27:55,644 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHa
ndlerMapping] - <Mapped to
org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorCont
roller#errorHtml(HttpServletRequest, HttpServletResponse)>
2021-07-15 08:27:55,652 DEBUG
[org.springframework.web.servlet.view.ContentNegotiatingViewResolver] -
<Selected 'text/html' given [text/html, text/html;q=.2]>
2021-07-15 08:27:55,697 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Exiting from
"ERROR" dispatch, status 500>
2021-07-15 08:27:55,698 ERROR [org.apache.tomcat.util.net.NioEndpoint]
- <Failed to close channel>
java.io.IOException: Broken pipe
at sun.nio.ch.FileDispatcherImpl.write0(Native Method) ~[?:?]
at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47)
~[?:?]
at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:113)
~[?:?]
at sun.nio.ch.IOUtil.write(IOUtil.java:79) ~[?:?]
at sun.nio.ch.IOUtil.write(IOUtil.java:50) ~[?:?]
at
sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:462) ~[?:?]
at
org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java
:150) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java
:561) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java
:585) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.doClose(NioEndp
oint.java:1286) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SocketWrapperBase.close(SocketWrapperBase.ja
va:422) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.
java:791) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoin
t.java:1710) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.
java:49) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.ja
va:1128) ~[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.j
ava:628) ~[?:?]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThre
ad.java:61) ~[tomcat-util-9.0.45.jar!/:9.0.45]
at java.lang.Thread.run(Thread.java:829) [?:?]
It's me again.
I have included SAML in the 6.3.4 cas.war file and I get the "too many
redirects error, I turned up debug for open saml and this is the error
I see over and over. Most times the redirect issue is a client issue or
a misconfigured service definition, this time I think it's something
else.
As usual, any help is greatly appricated. Error messages follows:
2021-07-15 08:27:55,641 ERROR
[org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[di
spatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet]
in context with path [/cas] threw exception [Handler dispatch failed;
nested exception is java.lang.StackOverflowError] with root cause>
java.lang.StackOverflowError: null
at java.util.HashMap.putVal(HashMap.java:624) ~[?:?]
at java.util.HashMap.putMapEntries(HashMap.java:510) ~[?:?]
at java.util.LinkedHashMap.<init>(LinkedHashMap.java:384)
~[?:?]
at
org.apereo.cas.authentication.principal.cache.AbstractPrincipalAttribut
esRepository.convertPrincipalAttributesToPersonAttributes(AbstractPrinc
ipalAttributesRepository.java:98) ~[cas-server-core-authentication-
attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.authentication.principal.cache.AbstractPrincipalAttribut
esRepository.getPrincipalAttributes(AbstractPrincipalAttributesReposito
ry.java:204) ~[cas-server-core-authentication-attributes-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepos
itory.getAttributes(DefaultPrincipalAttributesRepository.java:33)
~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.resolveAttributesFromPrincipalAttributeRepository(AbstractRegisteredSe
rviceAttributeReleasePolicy.java:201) ~[cas-server-core-authentication-
attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:99)
~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.getPrincipalAttributesFromReleasePolicy(PrincipalAttributeRegister
edServiceUsernameProvider.java:105) ~[cas-server-core-services-api-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.resolveUsernameInternal(PrincipalAttributeRegisteredServiceUsernam
eProvider.java:57) ~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.BaseRegisteredServiceUsernameAttributeProvider.
resolveUsername(BaseRegisteredServiceUsernameAttributeProvider.java:44)
~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.insertPrincipalIdAsAttributeIfNeeded(AbstractRegisteredServiceAttribut
eReleasePolicy.java:220) ~[cas-server-core-authentication-attributes-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:124
) ~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.getPrincipalAttributesFromReleasePolicy(PrincipalAttributeRegister
edServiceUsernameProvider.java:105) ~[cas-server-core-services-api-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.resolveUsernameInternal(PrincipalAttributeRegisteredServiceUsernam
eProvider.java:57) ~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.BaseRegisteredServiceUsernameAttributeProvider.
resolveUsername(BaseRegisteredServiceUsernameAttributeProvider.java:44)
~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.insertPrincipalIdAsAttributeIfNeeded(AbstractRegisteredServiceAttribut
eReleasePolicy.java:220) ~[cas-server-core-authentication-attributes-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy
.getAttributes(AbstractRegisteredServiceAttributeReleasePolicy.java:124
) ~[cas-server-core-authentication-attributes-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.getPrincipalAttributesFromReleasePolicy(PrincipalAttributeRegister
edServiceUsernameProvider.java:105) ~[cas-server-core-services-api-
6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProv
ider.resolveUsernameInternal(PrincipalAttributeRegisteredServiceUsernam
eProvider.java:57) ~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
at
org.apereo.cas.services.BaseRegisteredServiceUsernameAttributeProvider.
resolveUsername(BaseRegisteredServiceUsernameAttributeProvider.java:44)
~[cas-server-core-services-api-6.3.4.jar!/:6.3.4]
...
...
2021-07-15 08:27:55,643 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <"ERROR" dispatch
for POST
"/cas/error?TARGET=https%3A%2F%2Fssbappdev.wichita.edu%2FStudentFaculty
GradeEntry%2Fj_spring_cas_security_check", parameters={masked}>
2021-07-15 08:27:55,644 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHa
ndlerMapping] - <Mapped to
org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorCont
roller#errorHtml(HttpServletRequest, HttpServletResponse)>
2021-07-15 08:27:55,652 DEBUG
[org.springframework.web.servlet.view.ContentNegotiatingViewResolver] -
<Selected 'text/html' given [text/html, text/html;q=.2]>
2021-07-15 08:27:55,697 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - <Exiting from
"ERROR" dispatch, status 500>
2021-07-15 08:27:55,698 ERROR [org.apache.tomcat.util.net.NioEndpoint]
- <Failed to close channel>
java.io.IOException: Broken pipe
at sun.nio.ch.FileDispatcherImpl.write0(Native Method) ~[?:?]
at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47)
~[?:?]
at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:113)
~[?:?]
at sun.nio.ch.IOUtil.write(IOUtil.java:79) ~[?:?]
at sun.nio.ch.IOUtil.write(IOUtil.java:50) ~[?:?]
at
sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:462) ~[?:?]
at
org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java
:150) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java
:561) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java
:585) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.doClose(NioEndp
oint.java:1286) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SocketWrapperBase.close(SocketWrapperBase.ja
va:422) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.
java:791) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoin
t.java:1710) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.
java:49) ~[tomcat-embed-core-9.0.45.jar!/:9.0.45]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.ja
va:1128) ~[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.j
ava:628) ~[?:?]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThre
ad.java:61) ~[tomcat-util-9.0.45.jar!/:9.0.45]
at java.lang.Thread.run(Thread.java:829) [?:?]
Tom O'Neill
Jul 15, 2021, 2:28:43 PM7/15/21
to cas-...@apereo.org
Eric,
What does the access log look like on the servlet container?
For example, Tomcat should have a localhost_access_<date>.log file that records all of the requests.
I've seen this when ticket validation fails and I've had luck spotting the issue in the past by reviewing the incoming requests.
Thanks,
Tom
-----Original Message-----
From: cas-...@apereo.org <cas-...@apereo.org> On Behalf Of erik.m...@gmail.com
Sent: Thursday, July 15, 2021 9:35 AM
To: cas-...@apereo.org
Subject: [EXT] [cas-user] CAS 6.3.4 SAML Error.
CAUTION: This email originated from outside of SIG. Exercise caution when opening attachments or clicking links, especially from unknown senders.
[EXT-STAMP-ADDED]
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b03198b868505f368b1887a47c397a5b2133279b.camel%40gmail.com.
What does the access log look like on the servlet container?
For example, Tomcat should have a localhost_access_<date>.log file that records all of the requests.
I've seen this when ticket validation fails and I've had luck spotting the issue in the past by reviewing the incoming requests.
Thanks,
Tom
-----Original Message-----
From: cas-...@apereo.org <cas-...@apereo.org> On Behalf Of erik.m...@gmail.com
Sent: Thursday, July 15, 2021 9:35 AM
To: cas-...@apereo.org
Subject: [EXT] [cas-user] CAS 6.3.4 SAML Error.
CAUTION: This email originated from outside of SIG. Exercise caution when opening attachments or clicking links, especially from unknown senders.
[EXT-STAMP-ADDED]
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b03198b868505f368b1887a47c397a5b2133279b.camel%40gmail.com.
Reply all
Reply to author
Forward
0 new messages