lose service parameter when incorrect credential entered
102 views
Skip to first unread message
Yan Zhou
Feb 6, 2019, 1:00:05 PM2/6/19
to CAS Community
Hi there,
I extended CAS 5.3.4. The app. redirects to CAS login page with service parameter.
When I type incorrect credential, I saw the invalid credential message, but I lost service parameter, the screen refreshes to have only the CAS url.
What could be missing in my code?
Thx!
Ray Bon
Feb 6, 2019, 1:35:57 PM2/6/19
to cas-...@apereo.org
Yan,
Can you post your code?
Ray
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
Yan Zhou
Feb 6, 2019, 2:02:36 PM2/6/19
to CAS Community
Hi,
I read this in CAS 5.3.X documentation: If “service” was specified to /login, “service” MUST also be a parameter of the form, containing the value originally passed to /login.
Is this saying the Form in casLoginView.html should have "service" parameter, along with username & password? With the sample overlay project, I did not see "service" parameter in the form, but this works fine, i.e., if credential is incorrect, it keeps "service" parameter.
This is my complete login webflow.
<?xml version="1.0" encoding="UTF-8"?>
<flow xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/webflow
<action-state id="initializeLoginForm">
<evaluate expression="initializeLoginAction" />
<transition on="success" to="viewLoginForm"/>
</action-state>
<view-state id="viewLoginForm" view="casLoginView" model="credential">
<binder>
<binding property="username" required="true"/>
<binding property="password" required="true"/>
</binder>
<transition on="submit" bind="true" validate="true" to="realSubmit" history="invalidate"/>
<transition on="forgotPassword" to="forgotPwdSubFlow"/>
</view-state>
<action-state id="realSubmit">
<evaluate expression="authenticationViaFormAction"/>
<transition on="warn" to="warn"/>
<transition on="success" to="checkLoginUser"/>
<transition on="successWithWarnings" to="showAuthenticationWarningMessages"/>
<transition on="authenticationFailure" to="handleAuthenticationFailure"/>
<transition on="error" to="initializeLoginForm"/>
</action-state>
<action-state id="checkLoginUser">
<evaluate expression="flowScope.forgotPasswordFlow=false" />
<evaluate expression="checkLoginUserAction" />
<transition on="changeLoginUserPassword" to="casMustChangePassView" />
<transition on="setupEmail" to="confirmEmailAddress" />
<transition on="success" to="createTicketGrantingTicket" />
<transition on="error" to="initializeLoginForm" />
</action-state>
<view-state id="confirmEmailAddress" view="casConfirmEmailAddressView" model="emailAddressValue">
<binder>
<binding property="emailAddress" />
<binding property="confirmEmailAddress" />
</binder>
<transition on="submit" bind="true" validate="true" to="realChangeEmail"/>
</view-state>
<action-state id="realChangeEmail">
<evaluate expression="confirmEmailAddressAction" />
<transition on="success" to="createTicketGrantingTicket" />
<transition on="error" to="confirmEmailAddress" />
</action-state>
</flow>
package org.apereo.cas.config;
import javax.sql.DataSource;
import org.apereo.cas.adaptors.jdbc.QuestAuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import com.quest.hub.cas.entity.UserRepository;
@Configuration("QuestAuthenticationEventExecutionPlanConfiguration")
@AutoConfigureAfter(QuestDatabaseConfiguration.class)
@EnableConfigurationProperties(CasConfigurationProperties.class)
@EnableTransactionManagement(proxyTargetClass = true)
public class QuestAuthenticationEventExecutionPlanConfiguration implements AuthenticationEventExecutionPlanConfigurer {
private static final Logger logger = LoggerFactory.getLogger(QuestAuthenticationEventExecutionPlanConfiguration.class);
@Autowired
private CasConfigurationProperties casProperties;
@Autowired
@Qualifier("servicesManager")
private ServicesManager servicesManager;
@Autowired
@Qualifier("casDataSource")
DataSource dataSource;
@Autowired
private UserRepository userRepository;
@Bean
public AuthenticationHandler questAuthenticationHandler() {
final QuestAuthenticationHandler handler = new QuestAuthenticationHandler("questAuthHandler",
servicesManager, null, 0, dataSource, userRepository);
return handler;
}
@Override
public void configureAuthenticationExecutionPlan(final AuthenticationEventExecutionPlan plan){
plan.registerAuthenticationHandler(questAuthenticationHandler());
}
}
package org.apereo.cas.adaptors.jdbc;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.sql.DataSource;
import org.apache.commons.lang3.time.DateUtils;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.BasicCredentialMetaData;
import org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException;
import org.apereo.cas.authentication.exceptions.AccountTemporaryLockedException;
import org.apereo.cas.authentication.exceptions.OneMoreAttemptLoginException;
import org.apereo.cas.authentication.exceptions.TwoMoreAttemptLoginException;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.PasswordDigest;
import org.springframework.dao.DataAccessException;
import com.quest.hub.cas.entity.User;
import com.quest.hub.cas.entity.UserRepository;
import lombok.extern.slf4j.Slf4j;
/**
*/
@Slf4j
public class QuestAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
private UserRepository userRepo;
public QuestAuthenticationHandler(String name, ServicesManager servicesManager, PrincipalFactory principalFactory,
Integer order, DataSource dataSource, UserRepository userRepo) {
super(name, servicesManager, principalFactory, order, dataSource);
this.userRepo = userRepo;
}
protected final AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential, final String originalPassword)
throws GeneralSecurityException {
try {
User user = userRepo.findByLoginNameIgnoreCase(credential.getUsername());
validateUser(user);
if (!user.isEmployee()) {
return authenticateNonEmployee(credential, user);
} else {
throw new FailedLoginException("Login failed: do not support employee login yet.");
}
} catch (DataAccessException ex) {
LOGGER.error("Looking up user error: " + credential.getUsername(), ex);
throw new FailedLoginException("Login failed: cannot find user");
}
}
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
org.apereo.cas.config.QuestAuthenticationEventExecutionPlanConfiguration,\
org.apereo.cas.config.EmbeddedTomcatDatabaseConfiguration,\
org.apereo.cas.config.QuestDatabaseConfiguration,\
org.apereo.cas.config.EnvironmentConfig,\
org.apereo.cas.config.CollaborationConfiguration,\
org.apereo.cas.config.pm.JdbcPasswordManagementConfiguration,\
org.apereo.cas.web.config.QuestCasSupportActionsConfiguration
Thx!
Ray Bon
Feb 6, 2019, 4:42:09 PM2/6/19
to cas-...@apereo.org
Yan,
The log in flow that exists when CAS is running is considerably more complex than the xml file that is in the code base. A number of features will modify the flow.
It may be possible that your 'checkLoginUser' is not being executed where/when in the flow you think.
I have a gist, https://gist.github.com/rbonatuvic/d3ef9e8dc0c5a78870a8520bc2ab2b74, that will format the login flow during startup. Use this to see what the flow looks like
when your custom configuration is being configured.
Where is 'checkLoginUserAction' defined?
Ray
Yan Zhou
Feb 6, 2019, 5:28:17 PM2/6/19
to CAS Community
I think the log may help better. I do not believe CheckLoginUserAction has anything to do with it, because it only comes into the picture if authN is successful.
I just enabled debug logging, the stacktrace below is only because I entered incorrect credential. Notice that my URL had service parameter, but at the end, it is gone.
Yan
2019-02-06 17:13:43,958 DEBUG [org.springframework.web.servlet.DispatcherServlet] - <Last-Modified value for [/cas5/favicon.ico] is: -1>
2019-02-06 17:13:43,975 DEBUG [org.springframework.web.servlet.DispatcherServlet] - <Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling>
2019-02-06 17:13:43,975 DEBUG [org.springframework.web.servlet.DispatcherServlet] - <Successfully completed request>
2019-02-06 17:13:47,047 DEBUG [org.springframework.web.servlet.DispatcherServlet] - <DispatcherServlet with name 'dispatcherServlet' processing POST request for [/cas5/login]>
2019-02-06 17:13:47,048 DEBUG [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] - <Looking up handler method for path /login>
2019-02-06 17:13:47,048 DEBUG [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] - <Did not find handler method for [/login]>
2019-02-06 17:13:47,048 DEBUG [org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - <Mapping request with URI '/cas5/login' to flow with id 'login'>
2019-02-06 17:13:47,048 DEBUG [org.springframework.web.cors.DefaultCorsProcessor] - <Skip CORS processing: request is from same origin>
2019-02-06 17:13:47,049 DEBUG [org.springframework.webflow.executor.FlowExecutorImpl] - <Resuming flow execution with key '91f58848-e4a7-48f3-bd06-.............................................VVS2gxbFQwdmRpNnFCb0wvczRxLmFIMzV5MXFOWGRzMFZrdjdBSUxRMDRyd2VMcjNNYUZCbnRfV3paVUROVTBoc1Y2RThwejNaVzFqREFLRVFjQUJLQnlvQWxDd1p4M3RpN1o0RXdvQVFB>
2019-02-06 17:13:47,076 DEBUG [org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl] - <Getting FlowDefinition with id 'login'>
2019-02-06 17:13:47,076 DEBUG [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Resuming in org.springframework.webflow.mvc.servlet.MvcExternalContext@45a73f16>
2019-02-06 17:13:47,076 DEBUG [org.springframework.webflow.engine.Flow] - <Restoring [FlowVariable@28166464 name = 'credential', valueFactory = [BeanFactoryVariableValueFactory@598dbb8a type = UsernamePasswordCredential]]>
2019-02-06 17:13:47,076 DEBUG [org.springframework.webflow.engine.Flow] - <Restoring [FlowVariable@7ebfbf0d name = 'password', valueFactory = [BeanFactoryVariableValueFactory@51b9ecc3 type = PasswordChangeBean]]>
2019-02-06 17:13:47,077 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Processing user event 'submit'>
2019-02-06 17:13:47,077 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Resolved model UsernamePasswordCredential(username=null)>
2019-02-06 17:13:47,077 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Binding to model>
2019-02-06 17:13:47,092 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Adding mapping for parameter 'username'>
2019-02-06 17:13:47,092 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Adding mapping for parameter 'password'>
2019-02-06 17:13:47,110 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Validating model>
2019-02-06 17:13:47,119 DEBUG [org.springframework.webflow.engine.ViewState] - <Event 'submit' returned from view [ServletMvcView@7b85d56 view = org.thymeleaf.spring4.view.ThymeleafView@2e45283e]>
2019-02-06 17:13:47,119 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@37040f3d on = submit, to = realSubmit]>
2019-02-06 17:13:47,119 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'viewLoginForm'>
2019-02-06 17:13:47,119 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'realSubmit' of flow 'login'>
2019-02-06 17:13:47,119 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@6e964906 expression = flowScope.doChangePassword = requestParameters.doChangePassword != null, resultExpression = [null]]>
2019-02-06 17:13:47,120 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@6e964906 expression = flowScope.doChangePassword = requestParameters.doChangePassword != null, resultExpression = [null]]; result = no>
2019-02-06 17:13:47,120 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@78ba11bc expression = authenticationViaFormAction, resultExpression = [null]]>
2019-02-06 17:13:47,120 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Putting action execution attributes map[[empty]]>
2019-02-06 17:13:47,120 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing org.apereo.cas.web.flow.actions.InitialAuthenticationAction@3544577f>
2019-02-06 17:13:47,121 DEBUG [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <Attempting to resolve authentication event using resolver [ServiceTicketRequestWebflowEventResolver]>
2019-02-06 17:13:47,121 DEBUG [org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver] - <Located ticket-granting ticket [null] from the request context>
2019-02-06 17:13:47,122 DEBUG [org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver] - <Located service [AbstractWebApplicationService(id=https://test.com, originalUrl=https://test.com, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={})] from the request context>
2019-02-06 17:13:47,122 DEBUG [org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver] - <Provided value for [renew] request parameter is [null]>
2019-02-06 17:13:47,122 DEBUG [org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver] - <Request is not eligible to be issued service tickets just yet>
2019-02-06 17:13:47,123 DEBUG [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <Attempting to resolve authentication event using resolver [InitialAuthenticationAttemptWebflowEventResolver]>
2019-02-06 17:13:47,292 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [UsernamePasswordCredential(username=dd)] of type [UsernamePasswordCredential]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.>
2019-02-06 17:13:47,293 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[questAuthHandler]: []>
2019-02-06 17:13:47,304 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: dd
WHAT: Supplied credentials: [UsernamePasswordCredential(username=dd)]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Wed Feb 06 17:13:47 EST 2019
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================
>
2019-02-06 17:13:47,313 DEBUG [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] - <1 errors, 0 successes>
org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 successes
at org.apereo.cas.authentication.PolicyBasedAuthenticationManager.evaluateFinalAuthentication(PolicyBasedAuthenticationManager.java:391) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.apereo.cas.authentication.PolicyBasedAuthenticationManager.authenticateInternal(PolicyBasedAuthenticationManager.java:371) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.apereo.cas.authentication.PolicyBasedAuthenticationManager.authenticate(PolicyBasedAuthenticationManager.java:144) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.apereo.cas.authentication.PolicyBasedAuthenticationManager$$FastClassBySpringCGLIB$$90e801d3.invoke(<generated>) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:84) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apereo.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:135) ~[inspektr-audit-1.8.3.GA.jar:1.8.3.GA]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59) ~[metrics-spring-3.1.3.jar:?]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59) ~[metrics-spring-3.1.3.jar:?]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:46) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:32) ~[metrics-spring-3.1.3.jar:?]
at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59) ~[metrics-spring-3.1.3.jar:?]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apereo.cas.authentication.PolicyBasedAuthenticationManager$$EnhancerBySpringCGLIB$$401a6dc.authenticate(<generated>) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.apereo.cas.authentication.DefaultAuthenticationTransactionManager.handle(DefaultAuthenticationTransactionManager.java:29) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.apereo.cas.authentication.DefaultAuthenticationSystemSupport.handleAuthenticationTransaction(DefaultAuthenticationSystemSupport.java:48) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.apereo.cas.authentication.DefaultAuthenticationSystemSupport.handleInitialAuthenticationTransaction(DefaultAuthenticationSystemSupport.java:34) ~[cas-server-core-authentication-api-5.3.4.jar:5.3.4]
at org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver.resolveInternal(InitialAuthenticationAttemptWebflowEventResolver.java:80) ~[cas-server-core-webflow-api-5.3.4.jar:5.3.4]
at org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolve(AbstractCasWebflowEventResolver.java:403) ~[cas-server-core-webflow-api-5.3.4.jar:5.3.4]
at org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolveSingle(AbstractCasWebflowEventResolver.java:408) ~[cas-server-core-webflow-api-5.3.4.jar:5.3.4]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) ~[spring-core-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at com.sun.proxy.$Proxy205.resolveSingle(Unknown Source) ~[?:?]
at org.apereo.cas.web.flow.actions.AbstractAuthenticationAction.doExecute(AbstractAuthenticationAction.java:56) ~[cas-server-core-webflow-api-5.3.4.jar:5.3.4]
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) ~[spring-core-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at com.sun.proxy.$Proxy202.execute(Unknown Source) ~[?:?]
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.State.enter(State.java:194) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.Transition.execute(Transition.java:228) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:231) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.ViewState.resume(ViewState.java:195) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.Flow.resume(Flow.java:537) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) ~[spring-core-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at com.sun.proxy.$Proxy200.resumeExecution(Unknown Source) ~[?:?]
at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:254) ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) ~[spring-webmvc-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) ~[spring-webmvc-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) ~[spring-webmvc-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) ~[spring-webmvc-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) ~[servlet-api.jar:?]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) ~[servlet-api.jar:?]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) ~[tomcat-websocket.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55) ~[spring-boot-1.5.16.RELEASE.jar:1.5.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:30) ~[cas-server-core-web-api-5.3.4.jar:5.3.4]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:237) ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apereo.cas.security.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:94) ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:111) ~[spring-boot-actuator-1.5.16.RELEASE.jar:1.5.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:91) ~[cas-server-core-logging-5.3.4.jar:5.3.4]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:103) ~[spring-boot-actuator-1.5.16.RELEASE.jar:1.5.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130) ~[spring-boot-1.5.16.RELEASE.jar:1.5.16.RELEASE]
at org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66) ~[spring-boot-1.5.16.RELEASE.jar:1.5.16.RELEASE]
at org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105) ~[spring-boot-1.5.16.RELEASE.jar:1.5.16.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.19.RELEASE.jar:4.3.19.RELEASE]
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123) ~[spring-boot-1.5.16.RELEASE.jar:1.5.16.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66) ~[inspektr-common-1.8.3.GA.jar:1.8.3.GA]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) ~[log4j-web-2.11.0.jar:2.11.0]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[catalina.jar:8.5.32]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) ~[catalina.jar:8.5.32]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) ~[catalina.jar:8.5.32]
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) ~[catalina.jar:8.5.32]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) ~[catalina.jar:8.5.32]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) ~[catalina.jar:8.5.32]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) ~[tomcat-coyote.jar:8.5.32]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-coyote.jar:8.5.32]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800) ~[tomcat-coyote.jar:8.5.32]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471) ~[tomcat-coyote.jar:8.5.32]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-coyote.jar:8.5.32]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) ~[?:1.8.0_121]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) ~[?:1.8.0_121]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-util.jar:8.5.32]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_121]
2019-02-06 17:13:47,313 DEBUG [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <Resolved single event [authenticationFailure] via [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] for this context>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.actions.InitialAuthenticationAction@3544577f; result = authenticationFailure>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@78ba11bc expression = authenticationViaFormAction, resultExpression = [null]]; result = authenticationFailure>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@2bd3cfbc on = authenticationFailure, to = handleAuthenticationFailure]>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'realSubmit'>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'handleAuthenticationFailure' of flow 'login'>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@47dbc0ab expression = authenticationExceptionHandler, resultExpression = [null]]>
2019-02-06 17:13:47,313 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@299c6cf0>
2019-02-06 17:13:47,313 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Located current event [authenticationFailure]>
2019-02-06 17:13:47,314 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Located error attribute [class org.apereo.cas.authentication.AuthenticationException] with message [1 errors, 0 successes] from the current event>
2019-02-06 17:13:47,316 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Unable to translate handler errors of the authentication exception [org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 successes]. Returning [UNKNOWN]>
2019-02-06 17:13:47,321 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Final event id resolved from the error is [UNKNOWN]>
2019-02-06 17:13:47,321 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@299c6cf0; result = UNKNOWN>
2019-02-06 17:13:47,321 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@47dbc0ab expression = authenticationExceptionHandler, resultExpression = [null]]; result = UNKNOWN>
2019-02-06 17:13:47,321 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@73e96d0f on = *, to = initializeLoginForm]>
2019-02-06 17:13:47,321 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'handleAuthenticationFailure'>
2019-02-06 17:13:47,321 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'initializeLoginForm' of flow 'login'>
2019-02-06 17:13:47,321 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@3474bb36 expression = initializeLoginAction, resultExpression = [null]]>
2019-02-06 17:13:47,321 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Putting action execution attributes map[[empty]]>
2019-02-06 17:13:47,322 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing org.apereo.cas.web.flow.login.InitializeLoginAction@65338763>
2019-02-06 17:13:47,322 INFO [org.apereo.cas.web.flow.login.InitializeLoginAction] - <Initialized Quest login sequence, original request URL: http://localhost:8180/cas5/login>
Now we lost the service parameter as you can see in the last line.
Ray Bon
Feb 6, 2019, 5:55:25 PM2/6/19
to cas-...@apereo.org
Yan,
Fix the error first. It could be eating the parameters. Return to default login flow and try again.
Are you sure your authentication handler is correct?
Ray
Colin Wilkinson
Feb 6, 2019, 6:12:52 PM2/6/19
to CAS Community
Hi Yan,
As Ray correct pointed out the XML webflow defined is a basic starting point, if search through the you find alot of class extending CasWebflowConfigurer this include the DefaultLoginWebflowConfigurer.
During our upgrade from I noticed the same issue that at times the service parameter was going missing, but the page worked fine as long as I did NOT do a refresh. From my investigation the service parameter is stored upon entry into CAS and as long as the page is not force refresh from the user without the service parameter then CAS should work fine.
During my investigation I found the following redirect,
<end-state id="redirectView" view="externalRedirect:#{requestScope.url}"/>
They redirect without the query parameters. There is also a redirectToLogin as well.
<end-state id="redirectToLogin" view="externalRedirect:#{'login'}"/>
Given that you have started invalid credentials then its more than likely going down the "<transition on="authenticationFailure" to="handleAuthenticationFailure"/>" code and not even hitting your code.
Regards,
Colin
Yan Zhou
Feb 7, 2019, 3:04:17 PM2/7/19
to CAS Community
Hi,
What I did is to compare the two projects, one is a simple cas5.3.x overlay and the other is mine (after removing any customization of login flow). Still the simple overlay preserves service parameter, and mine does not, even after I removed all customization done to the flow (apparently there must be still some subtle changes to the flow, I just do not know what it is).
For some reason, my flowExecutionUrl lost service parameter.
This is mine that lost service parameter after incorrect user credential.
2019-02-07 10:42:08,403 DEBUG [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <Resolved single event [authenticationFailure] via [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] for this context>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.actions.InitialAuthenticationAction@1d082ed8; result = authenticationFailure>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@1c04a306 expression = authenticationViaFormAction, resultExpression = [null]]; result = authenticationFailure>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@69b93ff2 on = authenticationFailure, to = handleAuthenticationFailure]>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'realSubmit'>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'handleAuthenticationFailure' of flow 'login'>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@5a7334d4 expression = authenticationExceptionHandler, resultExpression = [null]]>
2019-02-07 10:42:08,404 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@76e88b6>
2019-02-07 10:42:08,404 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Located current event [authenticationFailure]>
2019-02-07 10:42:08,404 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Located error attribute [class org.apereo.cas.authentication.AuthenticationException] with message [1 errors, 0 successes] from the current event>
2019-02-07 10:42:08,406 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Unable to translate handler errors of the authentication exception [org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 successes]. Returning [UNKNOWN]>
2019-02-07 10:42:08,409 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Final event id resolved from the error is [UNKNOWN]>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@76e88b6; result = UNKNOWN>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@5a7334d4 expression = authenticationExceptionHandler, resultExpression = [null]]; result = UNKNOWN>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@4b9fecdf on = *, to = initializeLoginForm]>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'handleAuthenticationFailure'>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'initializeLoginForm' of flow 'login'>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@2b48526a expression = initializeLoginAction, resultExpression = [null]]>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Putting action execution attributes map[[empty]]>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing org.apereo.cas.web.flow.login.InitializeLoginAction@28a78394>
2019-02-07 10:42:08,410 INFO [org.apereo.cas.web.flow.login.InitializeLoginAction] - <Initialized Quest login sequence, original request URL: http://localhost:8180/cas5/login>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.login.InitializeLoginAction@28a78394; result = success>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@2b48526a expression = initializeLoginAction, resultExpression = [null]]; result = success>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@75b36a3f on = success, to = viewLoginForm]>
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'initializeLoginForm'>
..............................
2019-02-07 10:42:08,410 DEBUG [org.springframework.webflow.engine.ViewState] - <Entering state 'viewLoginForm' of flow 'login'>
2019-02-07 10:42:08,415 DEBUG [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Assigned key 2551e999-88a9-4540-b31a..................................>
2019-02-07 10:42:08,415 DEBUG [org.springframework.webflow.engine.ViewState] - <Rendering + [ServletMvcView@30813248 view = org.thymeleaf.spring4.view.ThymeleafView@6781c9ef]>
2019-02-07 10:42:08,415 DEBUG [org.springframework.webflow.engine.ViewState] - < Flash scope = map[[empty]]>
2019-02-07 10:42:08,415 DEBUG [org.springframework.webflow.engine.ViewState] - < Messages = [DefaultMessageContext@54943838 sourceMessages = map[[null] -> list[[Message@46ab2bcf source = [null], severity = ERROR, text = 'Invalid credentials.']]]]>
2019-02-07 10:42:08,418 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Rendering MVC [org.thymeleaf.spring4.view.ThymeleafView@6781c9ef] with model map [{passwordManagementEnabled=true, viewScope=map[[empty]], warnCookieValue=false,
org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel: 1 errors
Error in object 'credential': codes []; arguments []; default message [Invalid credentials.], staticAuthentication=false,
flowExecutionUrl=/cas5/login?username=fd&password=f&geolocation=&execution=6334l1YjRDZ5X0Qzb21tZ3pKaXRWRmJxSlRB........,
service=AbstractWebApplicationService(id=https://test.com, originalUrl=https://test.com, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML,
attributes={}), ticketGrantingTicketId=null, googleAnalyticsTrackingId=null, trackGeoLocation=false, flashScope=map[[empty]],
registeredService=AbstractRegisteredService(serviceId=^https?://.*, name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, responseType=null, id=1,
description=Management3, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, expirationDate=null),
proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, evaluationOrder=1,
usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, logoutType=BACK_CHANNEL, requiredHandlers=[],
attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null,
principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, excludedAttributes=null,
includeOnlyAttributes=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false,
authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null)), multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[],
failureMode=NOT_SET, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false), logo=null,
logoutUrl=https://localhost:8543/ssvenroll/logout, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null,
delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={},
caseInsensitive=false), publicKey=null, properties={}, contacts=[]), doChangePassword=false}]>
================================================
the following is the one preserved service parameter after incorrect credential.
2019-02-07 09:27:55,199 DEBUG [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <Resolved single event [authenticationFailure] via [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] for this context>
2019-02-07 09:27:55,199 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.actions.InitialAuthenticationAction@723fc09a; result = authenticationFailure>
2019-02-07 09:27:55,199 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]>
2019-02-07 09:27:55,200 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@1c4ec4ac expression = authenticationViaFormAction, resultExpression = [null]]; result = authenticationFailure>
2019-02-07 09:27:55,200 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@7919640a on = authenticationFailure, to = handleAuthenticationFailure]>
2019-02-07 09:27:55,200 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'realSubmit'>
2019-02-07 09:27:55,200 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'handleAuthenticationFailure' of flow 'login'>
2019-02-07 09:27:55,200 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@522dccba expression = authenticationExceptionHandler, resultExpression = [null]]>
2019-02-07 09:27:55,200 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@575a46b4>
2019-02-07 09:27:55,200 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Located current event [authenticationFailure]>
2019-02-07 09:27:55,200 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Located error attribute [class org.apereo.cas.authentication.AuthenticationException] with message [0 errors, 0 successes] from the current event>
2019-02-07 09:27:55,202 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Unable to translate handler errors of the authentication exception [org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 successes]. Returning [UNKNOWN]>
2019-02-07 09:27:55,205 DEBUG [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - <Final event id resolved from the error is [UNKNOWN]>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@575a46b4; result = UNKNOWN>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@522dccba expression = authenticationExceptionHandler, resultExpression = [null]]; result = UNKNOWN>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@51381f10 on = *, to = initializeLoginForm]>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'handleAuthenticationFailure'>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.ActionState] - <Entering state 'initializeLoginForm' of flow 'login'>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing [EvaluateAction@2d85dcb3 expression = initializeLoginAction, resultExpression = [null]]>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Putting action execution attributes map[[empty]]>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Executing org.apereo.cas.web.flow.login.InitializeLoginAction@5c33f8b7>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.login.InitializeLoginAction@5c33f8b7; result = success>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@2d85dcb3 expression = initializeLoginAction, resultExpression = [null]]; result = success>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@3965ba70 on = success, to = checkForPswdResetToken]>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'initializeLoginForm'>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.DecisionState] - <Entering state 'checkForPswdResetToken' of flow 'login'>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@6fccb97d on = *, to = viewLoginForm]>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'checkForPswdResetToken'>
2019-02-07 09:27:55,206 DEBUG [org.springframework.webflow.engine.ViewState] - <Entering state 'viewLoginForm' of flow 'login'>
2019-02-07 09:27:55,212 DEBUG [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Assigned key 5a4a05e9-4f13-41e8-859a-........................................>
2019-02-07 09:27:55,212 WARN [org.apereo.cas.services.web.RegisteredServiceThemeResolver] - <Custom theme [hcp] for service [AbstractRegisteredService(serviceId=^https?://.*, name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, responseType=null, id=1, description=Management3, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, expirationDate=null), proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, evaluationOrder=1, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, logoutType=BACK_CHANNEL, requiredHandlers=[], attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, excludedAttributes=null, includeOnlyAttributes=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null)), multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=NOT_SET, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, logoutUrl=https://localhost:8543/ssvenroll/logout, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false), publicKey=null, properties={}, contacts=[])] cannot be located. Falling back to default theme...>
2019-02-07 09:27:55,213 DEBUG [org.springframework.webflow.engine.ViewState] - <Rendering + [ServletMvcView@2fa3b937 view = org.thymeleaf.spring4.view.ThymeleafView@16f0e998]>
2019-02-07 09:27:55,213 DEBUG [org.springframework.webflow.engine.ViewState] - < Flash scope = map[[empty]]>
2019-02-07 09:27:55,213 DEBUG [org.springframework.webflow.engine.ViewState] - < Messages = [DefaultMessageContext@133c6c9b sourceMessages = map[[null] -> list[[Message@728eb6f7 source = [null], severity = ERROR, text = 'Invalid credentials.']]]]>
2019-02-07 09:27:55,216 DEBUG [org.springframework.webflow.mvc.view.AbstractMvcView] - <Rendering MVC [org.thymeleaf.spring4.view.ThymeleafView@16f0e998] with model map [{passwordManagementEnabled=true, viewScope=map[[empty]], warnCookieValue=false, org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel: 1 errors
Error in object 'credential': codes []; arguments []; default message
[Invalid credentials.], staticAuthentication=false,
flowExecutionUrl=/cas5/login?service=https%3A%2F%2Ftest.com&username=d&password=dd&geolocation=&execution=3594802e-...................VR,
service=AbstractWebApplicationService(id=https://test.com, originalUrl=https://test.com, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML,
attributes={}), ticketGrantingTicketId=null, googleAnalyticsTrackingId=null, trackGeoLocation=false, flashScope=map[[empty]],
registeredService=AbstractRegisteredService(serviceId=^https?://.*, name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, responseType=null, id=1,
description=Management3, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, expirationDate=null),
proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, evaluationOrder=1,
usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, logoutType=BACK_CHANNEL, requiredHandlers=[],
attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null,
principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, excludedAttributes=null, includeOnlyAttributes=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null)), multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=NOT_SET, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, logoutUrl=https://localhost:8543/ssvenroll/logout, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false), publicKey=null, properties={}, contacts=[]), doChangePassword=false}]>
Ray Bon
Feb 7, 2019, 5:12:32 PM2/7/19
to cas-...@apereo.org
Yan,
In the preserved parameter log, checkForPswdResetToken exists between initializeLoginForm and viewLoginForm. It is missing in yours.
Ray
Yan Zhou
Feb 7, 2019, 7:04:39 PM2/7/19
to CAS Community
Thanks for reading through such long logs. I appreciate it!
I am getting closer. With the one missing service parameter, it is because when the login form submits, it is missing service parameter to begin with. CAS code confirmed the behavior.
the FORM POST did not have service parameter to begin with
127.0.0.1 - - [07/Feb/2019:18:47:09 -0500] "POST /cas5/login HTTP/1.1" 401 18021 <== this happens to my form when I submit login form after entering incorrect credential
127.0.0.1 - - [07/Feb/2019:18:52:43 -0500] "POST /cas5/login?service=https://test.com HTTP/1.1" 401 18184 <== this happens at the simple overlay app
Now the question is, how did I get here? I am using essentially the same form, not sure why one appends service parameter but the other does not.
<form method="post" id="fm1" action="login" class="login__form md-block layout-align-center-center layout-column ng-valid ng-valid-required" _lpchecked="1" >
<md-input-container class="md-block layout-fill md-has-icon md-input-has-value" layout-fill="">
<label for="username">Username</label>
<input type="text" ng-model="vm.username" required="" name="username" id="username" class="qd-text-input md-input ng-not-empty ng-dirty ng-valid-parse ng-valid ng-valid-required ng-touched" autocomplete="off" tabindex="1" value="" aria-invalid="false" style="background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAASCAYAAABSO15qAAAAAXNSR0IArs4c6QAAAUBJREFUOBGVVE2ORUAQLvIS4gwzEysHkHgnkMiEc4zEJXCMNwtWTmDh3UGcYoaFhZUFCzFVnu4wIaiE+vvq6+6qTgthGH6O4/jA7x1OiCAIPwj7CoLgSXDxSjEVzAt9k01CBKdWfsFf/2WNuEwc2YqigKZpK9glAlVVwTTNbQJZlnlCkiTAZnF/mePB2biRdhwHdF2HJEmgaRrwPA+qqoI4jle5/8XkXzrCFoHg+/5ICdpm13UTho7Q9/0WnsfwiL/ouHwHrJgQR8WEwVG+oXpMPaDAkdzvd7AsC8qyhCiKJjiRnCKwbRsMw9hcQ5zv9maSBeu6hjRNYRgGFuKaCNwjkjzPoSiK1d1gDDecQobOBwswzabD/D3Np7AHOIrvNpHmPI+Kc2RZBm3bcp8wuwSIot7QQ0PznoR6wYSK0Xb/AGVLcWwc7Ng3AAAAAElFTkSuQmCC"); background-repeat: no-repeat; background-attachment: scroll; background-size: 16px 18px; background-position: 98% 50%; cursor: auto;"><div class="md-errors-spacer"></div><md-icon class="icon-user ng-isolate-scope material-icons" aria-hidden="true"></md-icon>
</md-input-container>
<md-input-container class="md-block layout-fill md-has-icon md-input-has-value" layout-fill="">
<label for="password">Password</label>
<input type="password" ng-model="vm.password" required="" name="password" id="password" class="qd-text-input md-input ng-not-empty ng-dirty ng-valid-parse ng-valid ng-valid-required ng-touched" autocomplete="off" tabindex="2" value="" aria-invalid="false" style="background-image: url("data:image/png;base64,iVBORw.........3AAAAAElFTkSuQmCC"); background-repeat: no-repeat; background-attachment: scroll; background-size: 16px 18px; background-position: 98% 50%; cursor: auto;"><div class="md-errors-spacer"></div><md-icon class="icon-lock ng-isolate-scope material-icons" aria-hidden="true"></md-icon>
<div class="hint">Password is case-sensitive</div>
</md-input-container>
<button class="md-raised qd-button login__button md-button md-ink-ripple" type="submit" ng-transclude="" tabindex="6" ng-disabled="!vm.username || !vm.password" aria-label="Login"><span class="ng-scope">Login</span></button>
<input type="hidden" name="geolocation"><input type="hidden" name="execution" value="27f6679d-4caf-4671-bf76-...................................">
<input type="hidden" name="_eventId" value="submit">
</form>
Ray Bon
Feb 7, 2019, 7:31:02 PM2/7/19
to cas-...@apereo.org
Yan,
Use your browser development tools to see if there is an unexpected redirect. If there is, that would be where the service param is lost.
The service is part of the url and not a form variable.
Ray
Yan Zhou
Feb 8, 2019, 10:27:07 AM2/8/19
to CAS Community
Thanks Ray for staying on this!!
I finally figured this out. My Login page is loading some JS and CSS file. One of the JS does not exist, returning 404. That apparently caused the problem. Once I removed that non-existing JS, it works!
Yan
Reply all
Reply to author
Forward
0 new messages