CAS sometimes does not accept MFA code
29 views
Skip to first unread message
Vitalii
Jul 4, 2024, 6:04:25 AMJul 4
to CAS Community
Hi All,
We are using CAS of version 7.0.1 where we have added Simple Multifactor Authentication with MFA codes sent via email. It does authentication for only one app.
Second step authentication fine most of the time, but from time to time we have problem that the MFA code is not accepted despite user enters correct one from email. It seems to happen sporadically and unpredictable.
When users get into such situation and then they use standard "send code again" functionality, CAS sends them new email with the same code and usually CAS accepts the code on the second attempt, although sometimes it happens that even entering code after receiving second email fails for the same reason (and with same error in logs).
I've collected debug logs for both successful and failed cases.
We are using CAS of version 7.0.1 where we have added Simple Multifactor Authentication with MFA codes sent via email. It does authentication for only one app.
Second step authentication fine most of the time, but from time to time we have problem that the MFA code is not accepted despite user enters correct one from email. It seems to happen sporadically and unpredictable.
When users get into such situation and then they use standard "send code again" functionality, CAS sends them new email with the same code and usually CAS accepts the code on the second attempt, although sometimes it happens that even entering code after receiving second email fails for the same reason (and with same error in logs).
I've collected debug logs for both successful and failed cases.
These are logs forÂ
failed
case:
[32m2024-06-30 13:07:39,878 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:39.877981593
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:39,880 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:39.880737548
WHO: audit:unknown
WHAT: {source=RankedMultifactorAuthenticationProviderWebflowEventResolver, event=success, url=http://login.dev.domain.com/cas/login?service=https%3A%2F%2Fweb.dev.domain.com%2Fcore%2Fstart.html%3Bjsessionid%3D3EAD5D5681FD9887AA5218224C8BE87A, timestamp=2024-06-30T11:07:39.880}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[33m2024-06-30 13:07:39,934 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-6][fragments/loginform] Deprecated unwrapped fragment expression "fragments/recaptcha :: recaptchaToken" found in template fragments/loginform, line 65, col 22. Please use the complete syntax of fragment expressions instead ("~{fragments/recaptcha :: recaptchaToken}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[36m2024-06-30 13:07:52,645 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <User agent [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36] is authorized to proceed> [m
[36m2024-06-30 13:07:52,645 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <Adaptive authentication policy has authorized client [10.1.116.4] to proceed.> [m
[36m2024-06-30 13:07:52,645 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})], authentications=[])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers produced no candidate authentication handler. Using the default handler resolver instead...> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})].> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [admin-premium5] using [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Transforming credential username via [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler$$Lambda/0x00007efde197f338]> [m
[36m2024-06-30 13:07:52,647 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting to encode credential password via [org.springframework.security.crypto.password.NoOpPasswordEncoder] for [admin-premium5]> [m
Start authenticating admin-premium5 against http://premium-rest.dev.domain.com/rest
[36m2024-06-30 13:07:52,647 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting authentication internally for transformed credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
SUCCESS authenticating admin-premium5
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] successfully authenticated [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:07:54,371 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]].> [m
[32m2024-06-30 13:07:54,371 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.371325942
WHO: admin-premium5
WHAT: {credential=********, source=null, customFields={})], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], authenticationDate=[1719745674], authenticationMethod=[RestAuthenticationHandler], displayName=[PremiumFive], successfulAuthenticationHandlers=[RestAuthenticationHandler], origin=[tdpremium], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:54,372 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.372221353
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,373 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:07:54,373 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[32m2024-06-30 13:07:54,373 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.373388595
WHO: admin-premium5
WHAT: {source=String, event=mfa-simple, MultifactorAuthenticationTrigger=GlobalMultifactorAuthenticationTrigger, timestamp=2024-06-30T11:07:54.373}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,376 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:54,376 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:54,376 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=null), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [displayName]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [email]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [firstName]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [lastName]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [origin]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [uid]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:07:54,377 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.377566621
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:54,377 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.377779279
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:54,378 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.378011480
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:54,378 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.378176234
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,378 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:54,378 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:54,378 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Created multifactor authentication token [CASMFA-9] for service [AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]})]> [m
[36m2024-06-30 13:07:54,379 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Using token [CASMFA-9] created at [2024-06-30T11:07:54.378871296Z]> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Successfully submitted token via strategy option [[SMS, PHONE, EMAIL, NOTIFICATION]] to [admin-premium5]> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Ticket [CASMFA-9] could not be found> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Adding token [CASMFA-9] to registry> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [CASMFA-9] in registry.> [m
[33m2024-06-30 13:07:54,463 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-1][simple-mfa/casSimpleMfaLoginView] Deprecated unwrapped fragment expression "fragments/mfaCodeForm :: mfaCodeForm" found in template simple-mfa/casSimpleMfaLoginView, line 44, col 26. Please use the complete syntax of fragment expressions instead ("~{fragments/mfaCodeForm :: mfaCodeForm}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[36m2024-06-30 13:08:03,493 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[CasSimpleMultifactorTokenCredential()]]> [m
[36m2024-06-30 13:08:03,493 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[CasSimpleMultifactorTokenCredential()], authentications=[org.apereo.cas.authentication.DefaultAuthentication@92d9a7e5])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [9] using [CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Received token [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-9, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] and principal id [admin-premium5]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-9, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] from the registry.> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Validated token [9] successfully for [admin-premium5].> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [CasSimpleMultifactorAuthenticationHandler] successfully authenticated [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:08:03,498 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[CasSimpleMultifactorTokenCredential()]].> [m
[32m2024-06-30 13:08:03,498 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.498676713
WHO: 9
WHAT: {credential=********()], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,499 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.499036168
WHO: admin-premium5
WHAT: {source=FinalMultifactorAuthenticationTransactionWebflowEventResolver, event=success, timestamp=2024-06-30T11:08:03.498}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:08:03,501 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.501141993
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authnContextClass=[mfa-simple], displayName=[PremiumFive], origin=[tdpremium], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], uid=[admin-premium5], firstName=[Admin], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Ticket-granting ticket expiration policy is based on hard/idle timeouts of [28800]/[7200] seconds> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Final effective time-to-live of ticket-granting ticket expiration policy is [28800] seconds> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-12-********domain.com] in registry.> [m
[32m2024-06-30 13:08:03,502 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.502038082
WHO: admin-premium5
WHAT: TGT-12-********domain.com
ACTION: TICKET_GRANTING_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,503 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,505 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,505 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:08:03,505 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.505478933
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,505 DEBUG [org.apereo.cas.ticket.factory.DefaultServiceTicketFactory] - <Looking up service ticket id generator for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl]> [m
[36m2024-06-30 13:08:03,506 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-12-********domain.com] in registry.> [m
[36m2024-06-30 13:08:03,506 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [ST-12-********domain.com] in registry.> [m
[32m2024-06-30 13:08:03,506 INFO [org.apereo.cas.DefaultCentralAuthenticationService] - <Granted service ticket [ST-12-********domain.com] for service [https://web.dev.domain.com/core/start.html] and principal [admin-premium5]> [m
[32m2024-06-30 13:08:03,506 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.506444352
WHO: admin-premium5
WHAT: {service=https://web.dev.domain.com/core/start.html, ticketId=ST-12-********domain.com}
ACTION: SERVICE_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,506 DEBUG [org.apereo.cas.authentication.principal.DefaultResponse] - <Final redirect response is [https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A?ticket=ST-12-********domain.com]> [m
[32m2024-06-30 13:08:03,563 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.562875943
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy] - <Decoded urls and comparing [https://web.dev.domain.com/core/start.html] with [https://web.dev.domain.com/core/start.html]> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-12-********domain.com] has expired> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,566 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,566 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,567 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,567 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,567 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:08:03,568 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.568284427
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-12-********domain.com] has expired> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-12-********domain.com] has expired> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-12-********domain.com] has expired according to policy [ServiceTicketExpirationPolicy-8ff186e1-d640-4354-aebc-30c112c360fb] after [0] seconds and [1] uses and will be removed from the ticket registry> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Cannot successfully fetch ticket [ST-12-********domain.com]> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-12-********domain.com] could not be fetched from the registry; it may have been expired and deleted.> [m
[32m2024-06-30 13:08:03,568 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.568776266
WHO: admin-premium5
WHAT: {ticket=ST-12-********domain.com, service=https://web.dev.domain.com/core/start.html}
ACTION: SERVICE_TICKET_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,569 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.569211464
WHO: admin-premium5
WHAT: {principal=admin-premium5, service=https://web.dev.domain.com/core/start.html, renew=false, gateway=false}
ACTION: PROTOCOL_SPECIFICATION_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,569 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:08:03,569 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:08:03,569 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:08:03,570 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:08:03,570 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{}]> [m
[36m2024-06-30 13:08:03,570 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570320175
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570526200
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570682342
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570825824
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.DefaultRequestedAuthenticationContextValidator] - <Multifactor providers eligible for validation are [[AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]]> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested context is [mfa-simple] and available contexts are [[mfa-simple]]> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested authentication context [mfa-simple] is satisfied> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder] - <[11] encoded attributes are available for release to [HTTPS]: [[credentialType, clientIpAddress, isFromNewLogin, authenticationDate, bypassMultifactorAuthentication, authenticationMethod, authnContextClass, successfulAuthenticationHandlers, serverIpAddress, userAgent, longTermAuthenticationRequestTokenUsed]]> [m
[36m2024-06-30 13:08:03,600 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[CasSimpleMultifactorTokenCredential()]]> [m
[36m2024-06-30 13:08:03,600 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[CasSimpleMultifactorTokenCredential()], authentications=[org.apereo.cas.authentication.DefaultAuthentication@92d9a7e5])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [9] using [CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Ticket [CASMFA-9] could not be found> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [CASMFA-9] with type [CasSimpleMultifactorAuthenticationTicket] cannot be found> [m
[1;31m2024-06-30 13:08:03,605 ERROR [org.apereo.cas.util.function.FunctionUtils] - <INVALID_TICKET
AbstractTicketRegistry.java:getTicket:123
DefaultCasSimpleMultifactorAuthenticationService.java:getMultifactorAuthenticationTicketFor:80
DefaultCasSimpleMultifactorAuthenticationService.java:fetch:61
> [m
[32m2024-06-30 13:08:03,605 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[CasSimpleMultifactorAuthenticationHandler] exception details: [INVALID_TICKET].> [m
[36m2024-06-30 13:08:03,605 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:08:03,605 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[32m2024-06-30 13:08:03,608 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.608376191
WHO: 9
WHAT: {credential=********()], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_FAILED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[1;31m2024-06-30 13:08:03,609 ERROR [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <1 errors, 0 successes
DefaultAuthenticationManager.java:evaluateFinalAuthentication:266
DefaultAuthenticationManager.java:authenticateInternal:256
DefaultAuthenticationManager.java:authenticate:72
> [m
[32m2024-06-30 13:08:03,611 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.611407577
WHO: admin-premium5
WHAT: {exception=org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 successes, source=FinalMultifactorAuthenticationTransactionWebflowEventResolver, event=error, timestamp=2024-06-30T11:08:03.611}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[33m2024-06-30 13:08:03,621 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-5][simple-mfa/casSimpleMfaLoginView] Deprecated unwrapped fragment expression "fragments/mfaCodeForm :: mfaCodeForm" found in template simple-mfa/casSimpleMfaLoginView, line 44, col 26. Please use the complete syntax of fragment expressions instead ("~{fragments/mfaCodeForm :: mfaCodeForm}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
=============================================================
WHEN: 2024-06-30T11:07:39.877981593
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:39,880 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:39.880737548
WHO: audit:unknown
WHAT: {source=RankedMultifactorAuthenticationProviderWebflowEventResolver, event=success, url=http://login.dev.domain.com/cas/login?service=https%3A%2F%2Fweb.dev.domain.com%2Fcore%2Fstart.html%3Bjsessionid%3D3EAD5D5681FD9887AA5218224C8BE87A, timestamp=2024-06-30T11:07:39.880}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[33m2024-06-30 13:07:39,934 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-6][fragments/loginform] Deprecated unwrapped fragment expression "fragments/recaptcha :: recaptchaToken" found in template fragments/loginform, line 65, col 22. Please use the complete syntax of fragment expressions instead ("~{fragments/recaptcha :: recaptchaToken}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[36m2024-06-30 13:07:52,645 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <User agent [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36] is authorized to proceed> [m
[36m2024-06-30 13:07:52,645 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <Adaptive authentication policy has authorized client [10.1.116.4] to proceed.> [m
[36m2024-06-30 13:07:52,645 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})], authentications=[])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers produced no candidate authentication handler. Using the default handler resolver instead...> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})].> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [admin-premium5] using [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:52,646 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Transforming credential username via [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler$$Lambda/0x00007efde197f338]> [m
[36m2024-06-30 13:07:52,647 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting to encode credential password via [org.springframework.security.crypto.password.NoOpPasswordEncoder] for [admin-premium5]> [m
Start authenticating admin-premium5 against http://premium-rest.dev.domain.com/rest
[36m2024-06-30 13:07:52,647 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting authentication internally for transformed credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
SUCCESS authenticating admin-premium5
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] successfully authenticated [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:54,368 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:54,369 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:07:54,370 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:07:54,371 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]].> [m
[32m2024-06-30 13:07:54,371 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.371325942
WHO: admin-premium5
WHAT: {credential=********, source=null, customFields={})], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:54,371 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], authenticationDate=[1719745674], authenticationMethod=[RestAuthenticationHandler], displayName=[PremiumFive], successfulAuthenticationHandlers=[RestAuthenticationHandler], origin=[tdpremium], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:54,372 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.372221353
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,373 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:07:54,373 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[32m2024-06-30 13:07:54,373 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.373388595
WHO: admin-premium5
WHAT: {source=String, event=mfa-simple, MultifactorAuthenticationTrigger=GlobalMultifactorAuthenticationTrigger, timestamp=2024-06-30T11:07:54.373}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,376 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:54,376 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:54,376 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=null), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [displayName]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [email]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [firstName]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [lastName]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [origin]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [uid]> [m
[36m2024-06-30 13:07:54,377 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:07:54,377 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.377566621
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:54,377 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.377779279
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:54,378 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.378011480
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:54,378 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:54.378176234
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:54,378 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:54,378 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:54,378 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Created multifactor authentication token [CASMFA-9] for service [AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]})]> [m
[36m2024-06-30 13:07:54,379 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Using token [CASMFA-9] created at [2024-06-30T11:07:54.378871296Z]> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Successfully submitted token via strategy option [[SMS, PHONE, EMAIL, NOTIFICATION]] to [admin-premium5]> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Ticket [CASMFA-9] could not be found> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Adding token [CASMFA-9] to registry> [m
[36m2024-06-30 13:07:54,406 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [CASMFA-9] in registry.> [m
[33m2024-06-30 13:07:54,463 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-1][simple-mfa/casSimpleMfaLoginView] Deprecated unwrapped fragment expression "fragments/mfaCodeForm :: mfaCodeForm" found in template simple-mfa/casSimpleMfaLoginView, line 44, col 26. Please use the complete syntax of fragment expressions instead ("~{fragments/mfaCodeForm :: mfaCodeForm}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[36m2024-06-30 13:08:03,493 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[CasSimpleMultifactorTokenCredential()]]> [m
[36m2024-06-30 13:08:03,493 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[CasSimpleMultifactorTokenCredential()], authentications=[org.apereo.cas.authentication.DefaultAuthentication@92d9a7e5])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [9] using [CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Received token [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-9, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] and principal id [admin-premium5]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-9, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] from the registry.> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Validated token [9] successfully for [admin-premium5].> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [CasSimpleMultifactorAuthenticationHandler] successfully authenticated [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:08:03,494 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,495 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:08:03,496 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,497 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:08:03,498 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:08:03,498 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[CasSimpleMultifactorTokenCredential()]].> [m
[32m2024-06-30 13:08:03,498 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.498676713
WHO: 9
WHAT: {credential=********()], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,499 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.499036168
WHO: admin-premium5
WHAT: {source=FinalMultifactorAuthenticationTransactionWebflowEventResolver, event=success, timestamp=2024-06-30T11:08:03.498}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745674], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,499 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,500 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:08:03,501 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.501141993
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authnContextClass=[mfa-simple], displayName=[PremiumFive], origin=[tdpremium], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], uid=[admin-premium5], firstName=[Admin], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Ticket-granting ticket expiration policy is based on hard/idle timeouts of [28800]/[7200] seconds> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Final effective time-to-live of ticket-granting ticket expiration policy is [28800] seconds> [m
[36m2024-06-30 13:08:03,501 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-12-********domain.com] in registry.> [m
[32m2024-06-30 13:08:03,502 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.502038082
WHO: admin-premium5
WHAT: TGT-12-********domain.com
ACTION: TICKET_GRANTING_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,503 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745683], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,504 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,505 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,505 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:08:03,505 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.505478933
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,505 DEBUG [org.apereo.cas.ticket.factory.DefaultServiceTicketFactory] - <Looking up service ticket id generator for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl]> [m
[36m2024-06-30 13:08:03,506 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-12-********domain.com] in registry.> [m
[36m2024-06-30 13:08:03,506 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [ST-12-********domain.com] in registry.> [m
[32m2024-06-30 13:08:03,506 INFO [org.apereo.cas.DefaultCentralAuthenticationService] - <Granted service ticket [ST-12-********domain.com] for service [https://web.dev.domain.com/core/start.html] and principal [admin-premium5]> [m
[32m2024-06-30 13:08:03,506 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.506444352
WHO: admin-premium5
WHAT: {service=https://web.dev.domain.com/core/start.html, ticketId=ST-12-********domain.com}
ACTION: SERVICE_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,506 DEBUG [org.apereo.cas.authentication.principal.DefaultResponse] - <Final redirect response is [https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A?ticket=ST-12-********domain.com]> [m
[32m2024-06-30 13:08:03,563 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.562875943
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy] - <Decoded urls and comparing [https://web.dev.domain.com/core/start.html] with [https://web.dev.domain.com/core/start.html]> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-12-********domain.com] has expired> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,565 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,566 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,566 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,567 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,567 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,567 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745683], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:08:03,568 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.568284427
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-12-********domain.com] has expired> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-12-********domain.com] has expired> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-12-********domain.com] has expired according to policy [ServiceTicketExpirationPolicy-8ff186e1-d640-4354-aebc-30c112c360fb] after [0] seconds and [1] uses and will be removed from the ticket registry> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Cannot successfully fetch ticket [ST-12-********domain.com]> [m
[36m2024-06-30 13:08:03,568 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-12-********domain.com] could not be fetched from the registry; it may have been expired and deleted.> [m
[32m2024-06-30 13:08:03,568 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.568776266
WHO: admin-premium5
WHAT: {ticket=ST-12-********domain.com, service=https://web.dev.domain.com/core/start.html}
ACTION: SERVICE_TICKET_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,569 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.569211464
WHO: admin-premium5
WHAT: {principal=admin-premium5, service=https://web.dev.domain.com/core/start.html, renew=false, gateway=false}
ACTION: PROTOCOL_SPECIFICATION_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,569 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:08:03,569 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:08:03,569 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:08:03,570 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:08:03,570 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{}]> [m
[36m2024-06-30 13:08:03,570 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570320175
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570526200
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570682342
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:08:03,570 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.570825824
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.DefaultRequestedAuthenticationContextValidator] - <Multifactor providers eligible for validation are [[AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]]> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested context is [mfa-simple] and available contexts are [[mfa-simple]]> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested authentication context [mfa-simple] is satisfied> [m
[36m2024-06-30 13:08:03,571 DEBUG [org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder] - <[11] encoded attributes are available for release to [HTTPS]: [[credentialType, clientIpAddress, isFromNewLogin, authenticationDate, bypassMultifactorAuthentication, authenticationMethod, authnContextClass, successfulAuthenticationHandlers, serverIpAddress, userAgent, longTermAuthenticationRequestTokenUsed]]> [m
[36m2024-06-30 13:08:03,600 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[CasSimpleMultifactorTokenCredential()]]> [m
[36m2024-06-30 13:08:03,600 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=3EAD5D5681FD9887AA5218224C8BE87A, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[8d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[CasSimpleMultifactorTokenCredential()], authentications=[org.apereo.cas.authentication.DefaultAuthentication@92d9a7e5])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [9] using [CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Ticket [CASMFA-9] could not be found> [m
[36m2024-06-30 13:08:03,601 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [CASMFA-9] with type [CasSimpleMultifactorAuthenticationTicket] cannot be found> [m
[1;31m2024-06-30 13:08:03,605 ERROR [org.apereo.cas.util.function.FunctionUtils] - <INVALID_TICKET
AbstractTicketRegistry.java:getTicket:123
DefaultCasSimpleMultifactorAuthenticationService.java:getMultifactorAuthenticationTicketFor:80
DefaultCasSimpleMultifactorAuthenticationService.java:fetch:61
> [m
[32m2024-06-30 13:08:03,605 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[CasSimpleMultifactorAuthenticationHandler] exception details: [INVALID_TICKET].> [m
[36m2024-06-30 13:08:03,605 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:08:03,605 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[32m2024-06-30 13:08:03,608 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.608376191
WHO: 9
WHAT: {credential=********()], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_FAILED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[1;31m2024-06-30 13:08:03,609 ERROR [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <1 errors, 0 successes
DefaultAuthenticationManager.java:evaluateFinalAuthentication:266
DefaultAuthenticationManager.java:authenticateInternal:256
DefaultAuthenticationManager.java:authenticate:72
> [m
[32m2024-06-30 13:08:03,611 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:08:03.611407577
WHO: admin-premium5
WHAT: {exception=org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 successes, source=FinalMultifactorAuthenticationTransactionWebflowEventResolver, event=error, timestamp=2024-06-30T11:08:03.611}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[33m2024-06-30 13:08:03,621 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-5][simple-mfa/casSimpleMfaLoginView] Deprecated unwrapped fragment expression "fragments/mfaCodeForm :: mfaCodeForm" found in template simple-mfa/casSimpleMfaLoginView, line 44, col 26. Please use the complete syntax of fragment expressions instead ("~{fragments/mfaCodeForm :: mfaCodeForm}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
----------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------
And these are logs for successful case:
[32m2024-06-30 13:07:06,838 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:06.838473462
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:06,841 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:06.841626893
WHO: audit:unknown
WHAT: {source=RankedMultifactorAuthenticationProviderWebflowEventResolver, event=success, url=http://login.dev.domain.com/cas/login?service=https%3A%2F%2Fweb.dev.domain.com%2Fcore%2Fstart.html%3Bjsessionid%3DC5399D81E7A77AC31E4C4177089D87AD, timestamp=2024-06-30T11:07:06.841}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[33m2024-06-30 13:07:06,905 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-10][fragments/loginform] Deprecated unwrapped fragment expression "fragments/recaptcha :: recaptchaToken" found in template fragments/loginform, line 65, col 22. Please use the complete syntax of fragment expressions instead ("~{fragments/recaptcha :: recaptchaToken}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[33m2024-06-30 13:07:10,833 WARN [org.apereo.cas.services.RegexRegisteredService] - <CAS has located a service definition type that is now tagged as [RegexRegisteredService]. This registered service definition type is deprecated and scheduled for removal and should no longer be used for CAS-enabled applications, and MUST be replaced with [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise that you update your service definitions and make the replacement to facilitate future CAS upgrades.> [m
[33m2024-06-30 13:07:10,833 WARN [org.apereo.cas.services.RegexRegisteredService] - <CAS has located a service definition type that is now tagged as [RegexRegisteredService]. This registered service definition type is deprecated and scheduled for removal and should no longer be used for CAS-enabled applications, and MUST be replaced with [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise that you update your service definitions and make the replacement to facilitate future CAS upgrades.> [m
[32m2024-06-30 13:07:10,834 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [2] service(s) from [JsonServiceRegistry].> [m
[36m2024-06-30 13:07:18,413 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <User agent [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36] is authorized to proceed> [m
[36m2024-06-30 13:07:18,413 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <Adaptive authentication policy has authorized client [10.1.116.4] to proceed.> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})], authentications=[])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
Start authenticating admin-premium5 against http://premium-rest.dev.domain.com/rest
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers produced no candidate authentication handler. Using the default handler resolver instead...> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})].> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [admin-premium5] using [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Transforming credential username via [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler$$Lambda/0x00007efde197f338]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting to encode credential password via [org.springframework.security.crypto.password.NoOpPasswordEncoder] for [admin-premium5]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting authentication internally for transformed credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
SUCCESS authenticating admin-premium5
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] successfully authenticated [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:07:21,023 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]].> [m
[32m2024-06-30 13:07:21,023 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.023577376
WHO: admin-premium5
WHAT: {credential=********, source=null, customFields={})], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:21,024 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:21,024 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], authenticationDate=[1719745641], authenticationMethod=[RestAuthenticationHandler], displayName=[PremiumFive], successfulAuthenticationHandlers=[RestAuthenticationHandler], origin=[tdpremium], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:21,024 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.024583666
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,025 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:07:21,025 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[32m2024-06-30 13:07:21,025 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.025783058
WHO: admin-premium5
WHAT: {source=String, event=mfa-simple, MultifactorAuthenticationTrigger=GlobalMultifactorAuthenticationTrigger, timestamp=2024-06-30T11:07:21.025}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,029 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:21,029 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=null), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [displayName]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [email]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [firstName]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [lastName]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [origin]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [uid]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.030952042
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.031200758
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.031423426
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.031600847
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Created multifactor authentication token [CASMFA-8] for service [AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]})]> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Using token [CASMFA-8] created at [2024-06-30T11:07:21.032439730Z]> [m
[36m2024-06-30 13:07:21,060 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Successfully submitted token via strategy option [[SMS, PHONE, EMAIL, NOTIFICATION]] to [admin-premium5]> [m
[36m2024-06-30 13:07:21,061 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Ticket [CASMFA-8] could not be found> [m
[36m2024-06-30 13:07:21,061 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Adding token [CASMFA-8] to registry> [m
[36m2024-06-30 13:07:21,061 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [CASMFA-8] in registry.> [m
[33m2024-06-30 13:07:21,132 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-3][simple-mfa/casSimpleMfaLoginView] Deprecated unwrapped fragment expression "fragments/mfaCodeForm :: mfaCodeForm" found in template simple-mfa/casSimpleMfaLoginView, line 44, col 26. Please use the complete syntax of fragment expressions instead ("~{fragments/mfaCodeForm :: mfaCodeForm}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[36m2024-06-30 13:07:29,709 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[CasSimpleMultifactorTokenCredential()]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[CasSimpleMultifactorTokenCredential()], authentications=[org.apereo.cas.authentication.DefaultAuthentication@5faf055f])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [8] using [CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Received token [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-8, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] and principal id [admin-premium5]> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-8, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] from the registry.> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Validated token [8] successfully for [admin-premium5].> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [CasSimpleMultifactorAuthenticationHandler] successfully authenticated [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:07:29,717 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[CasSimpleMultifactorTokenCredential()]].> [m
[32m2024-06-30 13:07:29,717 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.717115961
WHO: 8
WHAT: {credential=********()], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,717 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.717387888
WHO: admin-premium5
WHAT: {source=FinalMultifactorAuthenticationTransactionWebflowEventResolver, event=success, timestamp=2024-06-30T11:07:29.717}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:29,719 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.719111389
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authnContextClass=[mfa-simple], displayName=[PremiumFive], origin=[tdpremium], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], uid=[admin-premium5], firstName=[Admin], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Ticket-granting ticket expiration policy is based on hard/idle timeouts of [28800]/[7200] seconds> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Final effective time-to-live of ticket-granting ticket expiration policy is [28800] seconds> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-11-********domain.com] in registry.> [m
[32m2024-06-30 13:07:29,719 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.719863533
WHO: admin-premium5
WHAT: TGT-11-********domain.com
ACTION: TICKET_GRANTING_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:29,723 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.722971446
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,723 DEBUG [org.apereo.cas.ticket.factory.DefaultServiceTicketFactory] - <Looking up service ticket id generator for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl]> [m
[36m2024-06-30 13:07:29,723 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-11-********domain.com] in registry.> [m
[36m2024-06-30 13:07:29,723 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [ST-11-********domain.com] in registry.> [m
[32m2024-06-30 13:07:29,723 INFO [org.apereo.cas.DefaultCentralAuthenticationService] - <Granted service ticket [ST-11-********domain.com] for service [https://web.dev.domain.com/core/start.html] and principal [admin-premium5]> [m
[32m2024-06-30 13:07:29,723 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.723676259
WHO: admin-premium5
WHAT: {service=https://web.dev.domain.com/core/start.html, ticketId=ST-11-********domain.com}
ACTION: SERVICE_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,724 DEBUG [org.apereo.cas.authentication.principal.DefaultResponse] - <Final redirect response is [https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD?ticket=ST-11-********domain.com]> [m
[32m2024-06-30 13:07:29,768 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.768060704
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy] - <Decoded urls and comparing [https://web.dev.domain.com/core/start.html] with [https://web.dev.domain.com/core/start.html]> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-11-********domain.com] has expired> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:29,771 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.771101864
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-11-********domain.com] has expired> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-11-********domain.com] has expired> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-11-********domain.com] has expired according to policy [ServiceTicketExpirationPolicy-52e75b3f-b8a8-4bf4-9a7b-ab9f5ea12800] after [0] seconds and [1] uses and will be removed from the ticket registry> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Cannot successfully fetch ticket [ST-11-********domain.com]> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-11-********domain.com] could not be fetched from the registry; it may have been expired and deleted.> [m
[32m2024-06-30 13:07:29,771 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.771568249
WHO: admin-premium5
WHAT: {ticket=ST-11-********domain.com, service=https://web.dev.domain.com/core/start.html}
ACTION: SERVICE_TICKET_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,772 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.771999763
WHO: admin-premium5
WHAT: {principal=admin-premium5, service=https://web.dev.domain.com/core/start.html, renew=false, gateway=false}
ACTION: PROTOCOL_SPECIFICATION_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:29,773 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{}]> [m
[36m2024-06-30 13:07:29,773 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773154501
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773375161
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773594776
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773804279
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.DefaultRequestedAuthenticationContextValidator] - <Multifactor providers eligible for validation are [[AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]]> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested context is [mfa-simple] and available contexts are [[mfa-simple]]> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested authentication context [mfa-simple] is satisfied> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder] - <[11] encoded attributes are available for release to [HTTPS]: [[credentialType, clientIpAddress, isFromNewLogin, authenticationDate, bypassMultifactorAuthentication, authenticationMethod, authnContextClass, successfulAuthenticationHandlers, serverIpAddress, userAgent, longTermAuthenticationRequestTokenUsed]]> [m
=============================================================
WHEN: 2024-06-30T11:07:06.838473462
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:06,841 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:06.841626893
WHO: audit:unknown
WHAT: {source=RankedMultifactorAuthenticationProviderWebflowEventResolver, event=success, url=http://login.dev.domain.com/cas/login?service=https%3A%2F%2Fweb.dev.domain.com%2Fcore%2Fstart.html%3Bjsessionid%3DC5399D81E7A77AC31E4C4177089D87AD, timestamp=2024-06-30T11:07:06.841}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[33m2024-06-30 13:07:06,905 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-10][fragments/loginform] Deprecated unwrapped fragment expression "fragments/recaptcha :: recaptchaToken" found in template fragments/loginform, line 65, col 22. Please use the complete syntax of fragment expressions instead ("~{fragments/recaptcha :: recaptchaToken}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[33m2024-06-30 13:07:10,833 WARN [org.apereo.cas.services.RegexRegisteredService] - <CAS has located a service definition type that is now tagged as [RegexRegisteredService]. This registered service definition type is deprecated and scheduled for removal and should no longer be used for CAS-enabled applications, and MUST be replaced with [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise that you update your service definitions and make the replacement to facilitate future CAS upgrades.> [m
[33m2024-06-30 13:07:10,833 WARN [org.apereo.cas.services.RegexRegisteredService] - <CAS has located a service definition type that is now tagged as [RegexRegisteredService]. This registered service definition type is deprecated and scheduled for removal and should no longer be used for CAS-enabled applications, and MUST be replaced with [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise that you update your service definitions and make the replacement to facilitate future CAS upgrades.> [m
[32m2024-06-30 13:07:10,834 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [2] service(s) from [JsonServiceRegistry].> [m
[36m2024-06-30 13:07:18,413 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <User agent [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36] is authorized to proceed> [m
[36m2024-06-30 13:07:18,413 DEBUG [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy] - <Adaptive authentication policy has authorized client [10.1.116.4] to proceed.> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})], authentications=[])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
Start authenticating admin-premium5 against http://premium-rest.dev.domain.com/rest
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers produced no candidate authentication handler. Using the default handler resolver instead...> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})].> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:18,414 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [admin-premium5] using [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Transforming credential username via [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler$$Lambda/0x00007efde197f338]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting to encode credential password via [org.springframework.security.crypto.password.NoOpPasswordEncoder] for [admin-premium5]> [m
[36m2024-06-30 13:07:18,415 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting authentication internally for transformed credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
SUCCESS authenticating admin-premium5
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] successfully authenticated [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:21,020 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:21,021 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{}]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Examining credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility for authentication handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential [UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})] eligibility is [RestAuthenticationHandler] for authentication handler [true]> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:07:21,022 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:07:21,023 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[UsernamePasswordCredential(username=admin-premium5, source=null, customFields={})]].> [m
[32m2024-06-30 13:07:21,023 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.023577376
WHO: admin-premium5
WHAT: {credential=********, source=null, customFields={})], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,023 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:21,024 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:21,024 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], authenticationDate=[1719745641], authenticationMethod=[RestAuthenticationHandler], displayName=[PremiumFive], successfulAuthenticationHandlers=[RestAuthenticationHandler], origin=[tdpremium], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:21,024 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.024583666
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,025 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:07:21,025 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[32m2024-06-30 13:07:21,025 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.025783058
WHO: admin-premium5
WHAT: {source=String, event=mfa-simple, MultifactorAuthenticationTrigger=GlobalMultifactorAuthenticationTrigger, timestamp=2024-06-30T11:07:21.025}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,029 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:21,029 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=null), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [displayName]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [email]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [firstName]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [lastName]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [origin]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Attempting to match [bypass] against [uid]> [m
[36m2024-06-30 13:07:21,030 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.030952042
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.031200758
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.031423426
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:21,031 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:21.031600847
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Created multifactor authentication token [CASMFA-8] for service [AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]})]> [m
[36m2024-06-30 13:07:21,032 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Using token [CASMFA-8] created at [2024-06-30T11:07:21.032439730Z]> [m
[36m2024-06-30 13:07:21,060 DEBUG [org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] - <Successfully submitted token via strategy option [[SMS, PHONE, EMAIL, NOTIFICATION]] to [admin-premium5]> [m
[36m2024-06-30 13:07:21,061 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Ticket [CASMFA-8] could not be found> [m
[36m2024-06-30 13:07:21,061 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Adding token [CASMFA-8] to registry> [m
[36m2024-06-30 13:07:21,061 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [CASMFA-8] in registry.> [m
[33m2024-06-30 13:07:21,132 WARN [org.thymeleaf.standard.processor.AbstractStandardFragmentInsertionTagProcessor] - <[THYMELEAF][http-nio-8080-exec-3][simple-mfa/casSimpleMfaLoginView] Deprecated unwrapped fragment expression "fragments/mfaCodeForm :: mfaCodeForm" found in template simple-mfa/casSimpleMfaLoginView, line 44, col 26. Please use the complete syntax of fragment expressions instead ("~{fragments/mfaCodeForm :: mfaCodeForm}"). The old, unwrapped syntax for fragment expressions will be removed in future versions of Thymeleaf.> [m
[36m2024-06-30 13:07:29,709 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication credentials provided for this transaction are [[CasSimpleMultifactorTokenCredential()]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction [DefaultAuthenticationTransaction(service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), registeredService=BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[]), credentials=[CasSimpleMultifactorTokenCredential()], authentications=[org.apereo.cas.authentication.DefaultAuthentication@5faf055f])] are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,RestAuthenticationHandler,CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.AuthenticationHandlerResolver$1@76dce1f5, org.apereo.cas.authentication.AuthenticationHandlerResolver$1@51f1d486, org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver@1bfede64, org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@55d2a1b4]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@9f9c04d5, td.sso.cas.plugin.RestAuthenticationHandler@a8d05285, org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287]]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting to authenticate credential [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [RestAuthenticationHandler] does not support the credential type [CasSimpleMultifactorTokenCredential()].> [m
[36m2024-06-30 13:07:29,710 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Attempting authentication of [8] using [CasSimpleMultifactorAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Received token [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-8, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] and principal id [admin-premium5]> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket [CasSimpleMultifactorAuthenticationTicketImpl(super=CASMFA-8, service=AbstractWebApplicationService(id=https://web.dev.domain.com/core/start.html, originalUrl=https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={jakarta.servlet.http.HttpServletRequest.header-purpose=[prefetch], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-mobile=[?0], jakarta.servlet.http.HttpServletRequest.header-accept-encoding=[gzip, deflate, br, zstd], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-for=[10.1.116.4], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-site=[none], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-user=[?1], jakarta.servlet.http.HttpServletRequest.header-upgrade-insecure-requests=[1], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua-platform=["Windows"], jakarta.servlet.http.HttpServletRequest.header-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.header-priority=[u=0, i], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-proto=[https], jakarta.servlet.http.HttpServletRequest.header-accept=[text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7], jakarta.servlet.http.HttpServletRequest.localeName=[login1.dev2.dc3.domain.com], jakarta.servlet.http.HttpServletRequest.header-x-forwarded-host=[login.dev.domain.com], jakarta.servlet.http.HttpServletRequest.requestURL=[http://login.dev.domain.com/cas/login], jakarta.servlet.http.HttpServletRequest.header-accept-language=[de], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-dest=[document], jakarta.servlet.http.HttpServletRequest.header-sec-ch-ua=["Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"], jakarta.servlet.http.HttpServletRequest.requestURI=[/cas/login], service=[https://web.dev.domain.com/core/start.html], jakarta.servlet.http.HttpServletRequest.requestId=[7d], jakarta.servlet.http.HttpServletRequest.contextPath=[/cas], jakarta.servlet.http.HttpServletRequest.header-sec-purpose=[prefetch;prerender], jakarta.servlet.http.HttpServletRequest.header-user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], jakarta.servlet.http.HttpServletRequest.header-sec-fetch-mode=[navigate], jakarta.servlet.http.HttpServletRequest.httpMethod=[GET]}), properties={principal=SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})})] from the registry.> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService] - <Validated token [8] successfully for [admin-premium5].> [m
[36m2024-06-30 13:07:29,711 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authentication handler [CasSimpleMultifactorAuthenticationHandler] successfully authenticated [CasSimpleMultifactorTokenCredential()]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Final principal resolved for this authentication event is [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,712 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,713 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers for this transaction are [[org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver@2afb49da]]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication policy resolvers produced no candidate authentication policy. Using default policies> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,714 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,715 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Executing authentication policy [AtLeastOneCredentialValidatedAuthenticationPolicy]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Credential is not one of username/password and is not accepted by handler [RestAuthenticationHandler]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication metadata populators for authentication transaction> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Sorted and registered metadata populators for this transaction are [[SuccessfulHandlerMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), RememberMeAuthenticationMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), properties=org.apereo.cas.configuration.model.core.ticket.RememberMeAuthenticationProperties@17937062), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationDateAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), CredentialCustomFieldsAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648)), BaseAuthenticationMetaDataPopulator(order=-2147483648), AuthenticationContextAttributeMetaDataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, authenticationHandler=org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler@81f7b287, authenticationContextAttributeValue=mfa-simple), MultifactorAuthenticationProviderMetadataPopulator(super=BaseAuthenticationMetaDataPopulator(order=-2147483648), authenticationContextAttribute=authnContextClass, provider=org.springframework.beans.factory.support.DefaultListableBeanFactory$DependencyObjectProvider@3792bcb6, servicesManager=org.apereo.cas.services.mgmt.DefaultChainingServicesManager@2ea8f761)]]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Setting failure mode to [CLOSED] based on global policy> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator] - <Provider [mfa-simple] with failure mode [CLOSED] is overriding global mode [CLOSED]> [m
[36m2024-06-30 13:07:29,716 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Invoking authentication post processors for authentication transaction> [m
[32m2024-06-30 13:07:29,717 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <Authenticated principal [admin-premium5] with attributes [{displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]}] via credentials [[CasSimpleMultifactorTokenCredential()]].> [m
[32m2024-06-30 13:07:29,717 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.717115961
WHO: 8
WHAT: {credential=********()], registeredServiceId=^(https|imaps)://.*, registeredServiceName=HTTPS, service=https://web.dev.domain.com/core/start.html}
ACTION: AUTHENTICATION_SUCCESS
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,717 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.717387888
WHO: admin-premium5
WHAT: {source=FinalMultifactorAuthenticationTransactionWebflowEventResolver, event=success, timestamp=2024-06-30T11:07:29.717}
ACTION: AUTHENTICATION_EVENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[UsernamePasswordCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745641], bypassMultifactorAuthentication=[false], authenticationMethod=[RestAuthenticationHandler], successfulAuthenticationHandlers=[RestAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,717 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,718 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:29,719 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.719111389
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authnContextClass=[mfa-simple], displayName=[PremiumFive], origin=[tdpremium], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], uid=[admin-premium5], firstName=[Admin], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Ticket-granting ticket expiration policy is based on hard/idle timeouts of [28800]/[7200] seconds> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.ticket.expiration.builder.TicketGrantingTicketExpirationPolicyBuilder] - <Final effective time-to-live of ticket-granting ticket expiration policy is [28800] seconds> [m
[36m2024-06-30 13:07:29,719 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-11-********domain.com] in registry.> [m
[32m2024-06-30 13:07:29,719 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.719863533
WHO: admin-premium5
WHAT: TGT-11-********domain.com
ACTION: TICKET_GRANTING_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Evaluating authentication principal [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] for inclusion in result> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}]> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Collected principal attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], email=[vit...@domain.com], origin=[tdpremium]}] for inclusion in this result for principal [admin-premium5]> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}]> [m
[36m2024-06-30 13:07:29,721 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Finalized authentication attributes [{credentialType=[CasSimpleMultifactorTokenCredential], clientIpAddress=[10.1.116.4], authenticationDate=[1719745649], bypassMultifactorAuthentication=[false], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], authnContextClass=[mfa-simple], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36]}] for inclusion in this authentication result> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy] - <Nominated [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})] as the primary principal> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] - <Determined primary authentication principal to be [SimplePrincipal(id=admin-premium5, attributes={displayName=[PremiumFive], email=[vit...@domain.com], firstName=[Admin], lastName=[PremiumFive], origin=[tdpremium], uid=[admin-premium5]})]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,722 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:29,723 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.722971446
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,723 DEBUG [org.apereo.cas.ticket.factory.DefaultServiceTicketFactory] - <Looking up service ticket id generator for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl]> [m
[36m2024-06-30 13:07:29,723 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [TGT-11-********domain.com] in registry.> [m
[36m2024-06-30 13:07:29,723 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Putting ticket [ST-11-********domain.com] in registry.> [m
[32m2024-06-30 13:07:29,723 INFO [org.apereo.cas.DefaultCentralAuthenticationService] - <Granted service ticket [ST-11-********domain.com] for service [https://web.dev.domain.com/core/start.html] and principal [admin-premium5]> [m
[32m2024-06-30 13:07:29,723 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.723676259
WHO: admin-premium5
WHAT: {service=https://web.dev.domain.com/core/start.html, ticketId=ST-11-********domain.com}
ACTION: SERVICE_TICKET_CREATED
CLIENT IP ADDRESS: 10.1.116.4
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,724 DEBUG [org.apereo.cas.authentication.principal.DefaultResponse] - <Final redirect response is [https://web.dev.domain.com/core/start.html;jsessionid=C5399D81E7A77AC31E4C4177089D87AD?ticket=ST-11-********domain.com]> [m
[32m2024-06-30 13:07:29,768 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.768060704
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy] - <Decoded urls and comparing [https://web.dev.domain.com/core/start.html] with [https://web.dev.domain.com/core/start.html]> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-11-********domain.com] has expired> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,769 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.principal.RegisteredServicePrincipalAttributesRepository] - <Using [admin-premium5], no caching/update takes place for [DefaultPrincipalAttributesRepository] to add attributes [{firstName=[Admin], lastName=[PremiumFive], uid=[admin-premium5], displayName=[PremiumFive], origin=[tdpremium], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[36m2024-06-30 13:07:29,770 DEBUG [org.apereo.cas.authentication.CoreAuthenticationUtils] - <Merged attributes with the final result as [{clientIpAddress=[10.1.116.4], lastName=[PremiumFive], isFromNewLogin=[true], bypassMultifactorAuthentication=[false], authenticationDate=[1719745649], authnContextClass=[mfa-simple], displayName=[PremiumFive], successfulAuthenticationHandlers=[CasSimpleMultifactorAuthenticationHandler], origin=[tdpremium], userAgent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36], credentialType=[CasSimpleMultifactorTokenCredential], firstName=[Admin], uid=[admin-premium5], authenticationMethod=[CasSimpleMultifactorAuthenticationHandler], serverIpAddress=[192.168.201.6], longTermAuthenticationRequestTokenUsed=[false], email=[vit...@domain.com]}]> [m
[32m2024-06-30 13:07:29,771 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.771101864
WHO: admin-premium5
WHAT: {result=Service Access Granted, service=https://web.dev.domain.com/core/start.html, requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-11-********domain.com] has expired> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] - <Ticket usage count [1] is greater than or equal to [1]. Ticket [ST-11-********domain.com] has expired> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-11-********domain.com] has expired according to policy [ServiceTicketExpirationPolicy-52e75b3f-b8a8-4bf4-9a7b-ab9f5ea12800] after [0] seconds and [1] uses and will be removed from the ticket registry> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.registry.AbstractMapBasedTicketRegistry] - <Cannot successfully fetch ticket [ST-11-********domain.com]> [m
[36m2024-06-30 13:07:29,771 DEBUG [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Ticket [ST-11-********domain.com] could not be fetched from the registry; it may have been expired and deleted.> [m
[32m2024-06-30 13:07:29,771 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.771568249
WHO: admin-premium5
WHAT: {ticket=ST-11-********domain.com, service=https://web.dev.domain.com/core/start.html}
ACTION: SERVICE_TICKET_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,772 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.771999763
WHO: admin-premium5
WHAT: {principal=admin-premium5, service=https://web.dev.domain.com/core/start.html, renew=false, gateway=false}
ACTION: PROTOCOL_SPECIFICATION_VALIDATE_SUCCESS
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.policy.AtLeastOneCredentialValidatedAuthenticationPolicy] - <Authentication policy is satisfied having found at least one authentication transactions> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Attempting to globally activate [mfa-simple]> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.mfa.trigger.GlobalMultifactorAuthenticationTrigger] - <Resolved single multifactor provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:29,772 DEBUG [org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypassEvaluator] - <Evaluating multifactor authentication bypass properties for principal [admin-premium5], service [BaseRegisteredService(serviceId=^(https|imaps)://.*, name=HTTPS, theme=null, locale=null, informationUrl=null, privacyUrl=null, templateName=null, id=10000001, description=null, expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, notifyWhenDeleted=false, notifyWhenExpired=false, expirationDate=null), ticketGrantingTicketExpirationPolicy=null, evaluationOrder=11, usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@f44eb360, logoutType=BACK_CHANNEL, environments=[], attributeReleasePolicy=ReturnAllowedAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, principalAttributesRepository=DefaultPrincipalAttributesRepository(), consentPolicy=DefaultRegisteredServiceConsentPolicy(status=UNDEFINED, excludedAttributes=null, includeOnlyAttributes=null, order=0, excludedServices=null), authorizedToReleaseCredentialPassword=false, authorizedToReleaseProxyGrantingTicket=false, excludeDefaultAttributes=false, authorizedToReleaseAuthenticationAttributes=true, principalIdAttribute=null, order=0, canonicalizationMode=NONE), allowedAttributes=[]), multifactorAuthenticationPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], failureMode=UNDEFINED, principalAttributeNameTrigger=null, principalAttributeValueToMatch=null, bypassEnabled=false, forceExecution=false, bypassTrustedDeviceEnabled=false, bypassPrincipalAttributeName=null, bypassPrincipalAttributeValue=null, script=null, bypassIfMissingPrincipalAttribute=false), publicKey=null, matchingStrategy=FullRegexRegisteredServiceMatchingStrategy(servicePattern=^(https|imaps)://.*), logo=null, logoutUrl=null, accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, caseInsensitive=false, activationCriteria=null), authenticationPolicy=DefaultRegisteredServiceAuthenticationPolicy(requiredAuthenticationHandlers=[], excludedAuthenticationHandlers=[], criteria=null), properties={}, contacts=[])] and provider [AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]> [m
[36m2024-06-30 13:07:29,773 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Locating matching attribute [bypass] with value [[^bypassAllowed$]] amongst the attribute collection [{}]> [m
[36m2024-06-30 13:07:29,773 DEBUG [org.apereo.cas.authentication.bypass.BaseMultifactorAuthenticationProviderBypassEvaluator] - <Found [0] attributes relevant for multifactor authentication bypass> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773154501
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=PrincipalMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773375161
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServiceMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773594776
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=RegisteredServicePrincipalAttributeMultifactorAuthenticationProviderBypassEvaluator}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[32m2024-06-30 13:07:29,773 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-06-30T11:07:29.773804279
WHO: admin-premium5
WHAT: {principal=admin-premium5, provider=mfa-simple, bypassed=true, source=DefaultChainingMultifactorAuthenticationBypassProvider}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS_EVALUATION
CLIENT IP ADDRESS: 192.168.201.33
SERVER IP ADDRESS: 192.168.201.6
=============================================================
> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.DefaultRequestedAuthenticationContextValidator] - <Multifactor providers eligible for validation are [[AbstractMultifactorAuthenticationProvider(bypassEvaluator=org.apereo.cas.authentication.bypass.DefaultChainingMultifactorAuthenticationBypassProvider@2fefc0a8, failureModeEvaluator=org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator@5f3bdf24, failureMode=CLOSED, id=mfa-simple, order=0)]]> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested context is [mfa-simple] and available contexts are [[mfa-simple]]> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator] - <Requested authentication context [mfa-simple] is satisfied> [m
[36m2024-06-30 13:07:29,774 DEBUG [org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder] - <[11] encoded attributes are available for release to [HTTPS]: [[credentialType, clientIpAddress, isFromNewLogin, authenticationDate, bypassMultifactorAuthentication, authenticationMethod, authnContextClass, successfulAuthenticationHandlers, serverIpAddress, userAgent, longTermAuthenticationRequestTokenUsed]]> [m
It looks very strange for our users, when system doesn't accept correct second step authentication code. Any ideas why it could happen?
Thanks a lot in advance.
Thanks a lot in advance.
Regards
Vitalii
Reply all
Reply to author
Forward
0 new messages