Auditing code look up ticket after it is already deleted, why?

[Yan Zhou]

Hi, 

This is CAS 4.1.7 overlay app.

I do not know if I missed something, the auditing code cannot find the ticket, because it is looking it up after it is already deleted.  But i have not changed anything as far as auditing is concerned. 

Yan

2016-05-19 13:21:48,795 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: https://intcas.dev.medplus.com/cas-admin/j_spring_cas_security_check>

2016-05-19 13:21:48,803 DEBUG [org.jasig.cas.ticket.registry.MemCacheTicketRegistry] - <Updating ticket ST-1-7ofsFTmc9Kh43zqSWjWo-dcasde01.dev.medplus.com>

2016-05-19 13:21:48,808 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Attribute policy [org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy@3ae91ec[attributeFilter=<null>,principalAttributesRepository=org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository@39ee1ed7[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false,allowedAttributes=[]]] is associated with service [id=128,name=cas-admin,description=cas-admin,serviceId=^https?://[\w\._-]+\.(qdx|questdiagnostics|medplus|care360|care180|cin\.mp-emaxx)\.com(:\d+)?/(cas-admin.*|care360-admin.*)|^http://(localhost|10\.0\.2\.2):\d+(/cas-admin.*|/care360-admin.*|/j_spring_cas_security.*)?,usernameAttributeProvider=org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme=casadmin,evaluationOrder=2,logoutType=BACK_CHANNEL,attributeReleasePolicy=org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy@3ae91ec[attributeFilter=<null>,principalAttributesRepository=org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository@39ee1ed7[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false,allowedAttributes=[]],accessStrategy=org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy@70b6e8dc[enabled=true,ssoEnabled=true,requireAllAttributes=true,requiredAttributes={},startingDateTime=<null>,endingDateTime=<null>,unauthorizedRedirectUrl=<null>,caseInsensitive=false],publicKey=<null>,proxyPolicy=org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy@3b807dcb,logo=<null>,logoutUrl=<null>,requiredHandlers=[],properties={},<null>]>

2016-05-19 13:21:48,830 DEBUG [org.jasig.cas.ticket.registry.MemCacheTicketRegistry] - <Deleting ticket ST-1-7ofsFTmc9Kh43zqSWjWo-dcasde01.dev.medplus.com>

2016-05-19 13:21:48,833 DEBUG [org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver] - <Resolving argument [String] for audit>

2016-05-19 13:21:48,835 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Ticket [ST-1-7ofsFTmc9Kh43zqSWjWo-dcasde01.dev.medplus.com] by type [Ticket] cannot be found in the ticket registry.>

2016-05-19 13:21:48,838 DEBUG [org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver] - <Could not locate ticket [ST-1-7ofsFTmc9Kh43zqSWjWo-dcasde01.dev.medplus.com] in the registry>

2016-05-19 13:21:48,838 DEBUG [org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver] - <Unable to determine the audit argument. Returning [audit:unknown]>

2016-05-19 13:21:48,839 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: audit:unknown

WHAT: ST-1-7ofsFTmc9Kh43zqSWjWo-dcasde01.dev.medplus.com

ACTION: SERVICE_TICKET_VALIDATED

APPLICATION: CAS

[Misagh Moayyed]

It’s likely because the auditing code gets its hand on the final operation result AFTER it’s done, and the operation deletes the ticket.

 

Something to look into, if you want to submit an issue.

 

--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ff42aabe-1542-4875-8178-58deaed1c0e0%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.