MFA Gauth registry fails to register multiple users

125 views

Skip to first unread message

Bertrand Carlier

unread,

Jul 20, 2017, 11:40:55 AM7/20/17

to CAS Community

hello all,

I cannot register multiple users on Google Auth mfa method:

- using the JSON registry will only record the first user, the second one fails

- using the MongoDB registry will only record the last registering user removing the (only) previous record.

with a JSONI get an exception regarding an ArrayList not being castable to a java.lang.Comparable :

2017-07-20 14:36:39,011 DEBUG [org.apereo.cas.otp.repository.credentials.BaseJsonOneTimeTokenCredentialRepository] - <Storing google authenticator account for [jon]>

2017-07-20 14:36:39,012 DEBUG [org.apereo.cas.otp.repository.credentials.BaseJsonOneTimeTokenCredentialRepository] - <Ensuring JSON repository file exists at [c:\temp\somewhere.json]>

2017-07-20 14:36:39,013 DEBUG [org.apereo.cas.otp.repository.credentials.BaseJsonOneTimeTokenCredentialRepository] - <Reading JSON repository file at [c:\temp\somewhere.json]>

2017-07-20 14:36:39,014 DEBUG [org.apereo.cas.otp.repository.credentials.BaseJsonOneTimeTokenCredentialRepository] - <Found [1] account(s) and added google authenticator account for [jon]>

2017-07-20 14:36:39,015 ERROR [org.apereo.cas.otp.repository.credentials.BaseJsonOneTimeTokenCredentialRepository] - <java.util.ArrayList cannot be cast to java.lang.Comparable>

java.lang.ClassCastException: java.util.ArrayList cannot be cast to java.lang.Comparable

anyone was succeeded in registering multiple users with either JSON or MongeDB registry? (does not seem to be the same bug though, MongoDB seems to be an issue with an initialized id, never overridden at https://github.com/apereo/cas/blob/8a7289a6e5b506bf92ad6a639cbb7f5990f0f0fc/support/cas-server-support-otp-mfa/src/main/java/org/apereo/cas/otp/repository/credentials/OneTimeTokenAccount.java#L40)

thanks.

(version 5.1.2)

Mark Klinchin

unread,

Aug 28, 2017, 4:13:13 PM8/28/17

to CAS Community

I have the same situation with CAS 5.1.3 with both JSON and MongoDB.

Somewhat related question is whether I can use container managed datasource (java:comp/env/jdbc/...) instead of database URL (with login and password) to store Google Authenticator registrations?

Thank you

Mark

Reply all

Reply to author

Forward

0 new messages