Problem with exception in a groovy script in CAS v7.X
79 views
Skip to first unread message
Mikaël Le Bohec
Jun 21, 2024, 5:50:38 AM (8 days ago) Jun 21
to CAS Community
Hi,
In CAS v6.6.15.1 I can throw an AccountPasswordMustChangeException in a groovy script for lppe and I will get the message of "authenticationFailure.AccountPasswordMustChangeException".
But in CAS v7.0.X and v7.1.X it does not work any more, the webflow doesn't redirect to the expected page.
My groovy script is simple :
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException
def List<MessageDescriptor> run(final Object... args) {
throw new AccountPasswordMustChangeException()
}
In the logs I have this :
2024-06-19 12:58:15,807 ERROR [org.apereo.cas.util.concurrent.CasReentrantLock] - <AccountPasswordMustChangeException
IndyInterface.java:fromCache:321
lppe-strategy-throws-error.groovy:run:4
DirectMethodHandleAccessor.java:invoke:103
>
2024-06-19 12:58:15,810 ERROR [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [UsernamePasswordCredential(username=lehirleb, source=null, customFields={})] of type [UsernamePasswordCredential]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.>
2024-06-19 12:58:15,810 ERROR [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[LdapAuthenticationHandler]: [org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException / null]>
But in CAS v7.0.X and v7.1.X it does not work any more, the webflow doesn't redirect to the expected page.
My groovy script is simple :
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException
def List<MessageDescriptor> run(final Object... args) {
throw new AccountPasswordMustChangeException()
}
In the logs I have this :
2024-06-19 12:58:15,807 ERROR [org.apereo.cas.util.concurrent.CasReentrantLock] - <AccountPasswordMustChangeException
IndyInterface.java:fromCache:321
lppe-strategy-throws-error.groovy:run:4
DirectMethodHandleAccessor.java:invoke:103
>
2024-06-19 12:58:15,810 ERROR [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [UsernamePasswordCredential(username=lehirleb, source=null, customFields={})] of type [UsernamePasswordCredential]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.>
2024-06-19 12:58:15,810 ERROR [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[LdapAuthenticationHandler]: [org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException / null]>
Is there a new way to do it?
My goal is to redirect a user when his password is invalid and is in a special group (a group of banned users for instance).
Regards.
Ray Bon
Jun 22, 2024, 11:30:23 PM (7 days ago) Jun 22
to CAS Community
Mikaël,
Under Password Policy tab on
https://apereo.github.io/cas/7.0.x/installation/Password-Policy-Enforcement.html there are properties that do not show up in the 6.6.x docs. Perhaps some new attributes were introduced.
Ray
From: cas-...@apereo.org <cas-...@apereo.org> on behalf of Mikaël Le Bohec <mama...@gmail.com>
Sent: 21 June 2024 02:05
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] Problem with exception in a groovy script in CAS v7.X
Sent: 21 June 2024 02:05
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] Problem with exception in a groovy script in CAS v7.X
|
You don't often get email from mama...@gmail.com.
Learn why this is important
|
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fa2f6b46-eb70-4ea2-bb81-0ee639669ff6n%40apereo.org.
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fa2f6b46-eb70-4ea2-bb81-0ee639669ff6n%40apereo.org.
Mikaël Le Bohec
Jun 23, 2024, 4:11:52 AM (7 days ago) Jun 23
to CAS Community, Ray Bon
I don't see any new attributes on the Password Policy Tab, it's just those of the Optional tab ;-).
Reply all
Reply to author
Forward
0 new messages