Minor Issue With CAS Functional Tests
Skip to first unread message
William
Jun 30, 2016, 5:56:07 PM6/30/16
to CAS Community
I have written all of the Geb/Groovy Login and Validation Test scripts for the CAS Functional Tests: https://github.com/wcrowell/cas-functional-tests
You can check these scripts out by doing a: git clone https://github.com/wcrowell/cas-functional-tests.git
Then run: gradle clean farmIntegrationTest
I am having a minor issue with the last test called "proxy-granting ticket invalidation by logout": https://wiki.jasig.org/display/CAS/CAS+Functional+Tests
The test states: "9. After verifying that Steps 1-8 above succeed, visit /logout"
You can view this test here: https://github.com/wcrowell/cas-functional-tests/blob/master/src/test/groovy/PGTInvalidationByLogoutSpec.groovy
When I visit "/cas/logout", I get the CAS logout page as expected, but when I call "/cas/proxy?targetService=bar&pgt=[PGT]" I should get:
<cas:proxyFailure code='BAD_PGT'>
Instead, CAS appears to have not logged me out and gives me the proxy ticket in return:
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:proxySuccess> <cas:proxyTicket>PT-10-uyucoGE4BNqkNg46HX5q-cas01.example.org</cas:proxyTicket> </cas:proxySuccess> </cas:serviceResponse>
Any ideas?
Misagh Moayyed
Jul 1, 2016, 9:46:47 AM7/1/16
to CAS Community
Which CAS version?
-- Misagh
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8c9a5d38-93e7-4424-ad20-176af87e300e%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Dmitriy Kopylenko
Jul 1, 2016, 9:48:37 AM7/1/16
to Misagh Moayyed, CAS Community
Looks like it’s 4.2.2: https://github.com/wcrowell/cas-functional-tests/blob/master/gradle.properties#L6
D.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b816972c-8f48-40d4-ac47-ef5bafd6ff1f%40unicon.net.
Misagh Moayyed
Jul 1, 2016, 11:16:39 AM7/1/16
to CAS Community
Ah. So that really should not happen. You should trace the ticket activity in the logs and see what's going on.
-- Misagh
William
Jul 5, 2016, 2:22:40 PM7/5/16
to CAS Community, mmoa...@unicon.net
I found what I was missing, but unfortunately it did not fix the issue.
Since I am using the CAS REST API to create the TGT, I needed to include a call to "/v1/tickets/TGT-<some TGT ID>" using the HTTP DELETE method before calling the "/cas/proxy" endpoint.
I am attaching another test run which includes the call for the TGT to be deleted.
I can see the TGT get destroyed in the log, but then it allows me to create a proxy ticket off the proxy granting ticket. That proxy granting ticket is tied to the destroyed TGT.
This seems like a bug to me unless I am missing something. Any thoughts?
Message has been deleted
Misagh Moayyed
Jul 5, 2016, 5:54:06 PM7/5/16
to CAS Community
It does sort of look like a bug. Your PT is actually tied to the PGT which is tied to the TGT. Destroying the TGT should remove the PGT too. The only reasonable explanation here is that your TGT is not tracking services for which STs have been issued. When you create STs, TGT is supposed to track services that are associated with those. In your logs, I am not seeing children of a TGT removed, which sort of suggests that those services are not kept in check somehow.
I don’t know if this is a bug yet; nothing jumps out at me. You probably should step through the registry code at the time when CAS attempts to delete a TGT.
--
Misagh
Misagh
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3bc28aa1-473f-47b3-88cb-2bea1dddb37f%40apereo.org.
Misagh Moayyed
Jul 5, 2016, 5:55:04 PM7/5/16
to CAS Community
Never mind. I see it. Please file an issue. Excellent find.
--
Misagh
Misagh
William
Jul 5, 2016, 6:07:30 PM7/5/16
to CAS Community, mmoa...@unicon.net
Misagh,
Will do. I will probably file it late today or tomorrow. Thanks.
Dmitriy Kopylenko
Jul 5, 2016, 6:13:46 PM7/5/16
to William, CAS Community, Misagh Moayyed
This proves the usefulness of the functional tests which were able to catch this bug!
Cheers,
D.
On Jul 5, 2016, at 6:07 PM, William <william...@openlogic.com> wrote:
Misagh,Will do. I will probably file it late today or tomorrow. Thanks.
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6273d150-8c6e-48e5-ba37-d6355398b375%40apereo.org.
William
Jul 5, 2016, 6:30:00 PM7/5/16
to CAS Community, william...@openlogic.com, mmoa...@unicon.net, dkopy...@unicon.net
Good to hear! Maybe I can take this a step further and track this down. I am getting more familiar with the code base everyday.
William
Jul 6, 2016, 7:26:50 AM7/6/16
to CAS Community, william...@openlogic.com, mmoa...@unicon.net, dkopy...@unicon.net
Issue 1869 created for this issue:
Destroying the TGT Does Not Remove the PGT #1869
Reply all
Reply to author
Forward
0 new messages