ERROR integration for : CAS < - > SAML < -> WordPress
547 views
Skip to first unread message
artur miś
Aug 11, 2021, 5:23:28 AM8/11/21
to CAS Community
I have got proplem with cas 6.3.2 dockerized behind apache integration with WP via SAML. ( I didnt use to SAML so , this is my first time )
SP as WP
IdP as CAS with SAML.
Idp: htpps://IDP.example.org/casphp/idp
I have error like this :
--------------------------------
2021-08-11 06:32:50,335 ERROR
[org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/casphp].[dispatcherServlet]]
- <Servlet.service() for servlet [dispatcherServlet] in context with
path [/casphp] threw exception [Request processing failed; nested
exception is java.lang.IllegalArgumentException: SAML request could not
be determined from the authentication request] with root cause>
java.lang.IllegalArgumentException: SAML request could not be determined from the authentication request
java.lang.IllegalArgumentException: SAML request could not be determined from the authentication request
Service json for SAML integration:
kowalski@connect:/cas/cas12t/services$ more prg-3.json
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "https://SP.example.org/.+",
"name" : "SAMLService",
"id" : 3,
"evaluationOrder" : 10,
"metadataLocation" : "/etc/cas/metadata.xml" <- taken from WP SP and uploaded here
}
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "https://SP.example.org/.+",
"name" : "SAMLService",
"id" : 3,
"evaluationOrder" : 10,
"metadataLocation" : "/etc/cas/metadata.xml" <- taken from WP SP and uploaded here
}
build.gradle
implementation "org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-saml-idp-metadata:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-saml-idp-web:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-saml-idp-core:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-saml-idp-metadata:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-saml-idp-web:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-saml-idp-core:${project.'cas.version'}"
cas.propierties:
cas.saml-core.ticketid-saml2=false
cas.saml-core.skew-allowance=5
cas.saml-core.issue-length=30
cas.saml-core.attribute-namespace=http://www.ja-sig.org/products/cas/
cas.saml-core.issuer=idp.example.org
cas.authn.saml-idp.entity-id=https://idp.example.org/casphp/idp
cas.authn.saml-idp.replicate-sessions=false
cas.authn.saml-idp.authentication-context-class-mappings[0]=urn:oasis:names:tc:SAML:2.0:ac:classes:SomeClassName->mfa-duo
cas.authn.saml-idp.authentication-context-class-mappings[1]=https://refeds.org/profile/mfa->mfa-gauth
cas.authn.saml-idp.attribute-friendly-names[0]=urn:oid:1.3.6.1.4.1.5923.1.1.1.6->eduPersonPrincipalName
cas.authn.saml-idp.attribute-query-profile-enabled=true
cas.authn.saml-idp.metadata.location=file:/etc/cas/saml
cas.authn.saml-idp.metadata.metadata-backup-location=
cas.authn.saml-idp.metadata.cache-expiration-minutes=30
cas.authn.saml-idp.metadata.fail-fast=true
cas.authn.saml-idp.metadata.private-key-alg-name=RSA
cas.authn.saml-idp.metadata.require-valid-metadata=true
cas.authn.saml-idp.metadata.force-metadata-refresh=true
cas.saml-core.skew-allowance=5
cas.saml-core.issue-length=30
cas.saml-core.attribute-namespace=http://www.ja-sig.org/products/cas/
cas.saml-core.issuer=idp.example.org
cas.authn.saml-idp.entity-id=https://idp.example.org/casphp/idp
cas.authn.saml-idp.replicate-sessions=false
cas.authn.saml-idp.authentication-context-class-mappings[0]=urn:oasis:names:tc:SAML:2.0:ac:classes:SomeClassName->mfa-duo
cas.authn.saml-idp.authentication-context-class-mappings[1]=https://refeds.org/profile/mfa->mfa-gauth
cas.authn.saml-idp.attribute-friendly-names[0]=urn:oid:1.3.6.1.4.1.5923.1.1.1.6->eduPersonPrincipalName
cas.authn.saml-idp.attribute-query-profile-enabled=true
cas.authn.saml-idp.metadata.location=file:/etc/cas/saml
cas.authn.saml-idp.metadata.metadata-backup-location=
cas.authn.saml-idp.metadata.cache-expiration-minutes=30
cas.authn.saml-idp.metadata.fail-fast=true
cas.authn.saml-idp.metadata.private-key-alg-name=RSA
cas.authn.saml-idp.metadata.require-valid-metadata=true
cas.authn.saml-idp.metadata.force-metadata-refresh=true
CAS has got generated metadata file:
<EntityDescriptor entityID="https://IDP.example.org/casphp/idp">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
<shibmd:Scope regexp="false">example.org</shibmd:Scope>
<shibmd:Scope regexp="false">sth.example.org</shibmd:Scope>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">xxxx</mdui:DisplayName>
<mdui:Description xml:lang="en">
xxxx
</mdui:Description>
<mdui:InformationURL xml:lang="en">https://example.org</mdui:InformationURL>
<mdui:DisplayName xml:lang="pl">xxx</mdui:DisplayName>
<mdui:Description xml:lang="pl">
xxx
</mdui:Description>
<mdui:Logo height="auto" width="320px">
https://IDP.example.org/casphp/images/hggg.svg"
</mdui:Logo>
</mdui:UIInfo>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
sthhhhhhhhhhhhhhhhh
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
sthhhhhhhhhhhhh
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://IDP.example.org/casphp/idp/profile/SAML2/POST/SLO"/>
<NameIDFormat>
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://IDP.example.org/casphp/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://IDP.example.org/casphp/idp/profile/SAML2/POST-SimpleSign/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://IDP.example.org/casphp/idp/profile/SAML2/Redirect/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://IDP.example.org/casphp/idp/profile/SAML2/SOAP/ECP"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="en">xxxx</OrganizationName>
<OrganizationDisplayName xml:lang="en">xxxx</OrganizationDisplayName>
<OrganizationURL xml:lang="en">URL</OrganizationURL>
</Organization>
<ContactPerson contactType="administrative">
<GivenName>xxxx</GivenName>
<EmailAddress>xxxx</EmailAddress>
</ContactPerson>
<ContactPerson contactType="technical">
<GivenName>xxxxx</GivenName>
<EmailAddress>xxxx</EmailAddress>
</ContactPerson>
<ContactPerson contactType="support">
<GivenName>IT Services Support</GivenName>
<EmailAddress>xxxx</EmailAddress>
</ContactPerson>
</EntityDescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
<shibmd:Scope regexp="false">example.org</shibmd:Scope>
<shibmd:Scope regexp="false">sth.example.org</shibmd:Scope>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">xxxx</mdui:DisplayName>
<mdui:Description xml:lang="en">
xxxx
</mdui:Description>
<mdui:InformationURL xml:lang="en">https://example.org</mdui:InformationURL>
<mdui:DisplayName xml:lang="pl">xxx</mdui:DisplayName>
<mdui:Description xml:lang="pl">
xxx
</mdui:Description>
<mdui:Logo height="auto" width="320px">
https://IDP.example.org/casphp/images/hggg.svg"
</mdui:Logo>
</mdui:UIInfo>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
sthhhhhhhhhhhhhhhhh
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
sthhhhhhhhhhhhh
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://IDP.example.org/casphp/idp/profile/SAML2/POST/SLO"/>
<NameIDFormat>
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://IDP.example.org/casphp/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://IDP.example.org/casphp/idp/profile/SAML2/POST-SimpleSign/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://IDP.example.org/casphp/idp/profile/SAML2/Redirect/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://IDP.example.org/casphp/idp/profile/SAML2/SOAP/ECP"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="en">xxxx</OrganizationName>
<OrganizationDisplayName xml:lang="en">xxxx</OrganizationDisplayName>
<OrganizationURL xml:lang="en">URL</OrganizationURL>
</Organization>
<ContactPerson contactType="administrative">
<GivenName>xxxx</GivenName>
<EmailAddress>xxxx</EmailAddress>
</ContactPerson>
<ContactPerson contactType="technical">
<GivenName>xxxxx</GivenName>
<EmailAddress>xxxx</EmailAddress>
</ContactPerson>
<ContactPerson contactType="support">
<GivenName>IT Services Support</GivenName>
<EmailAddress>xxxx</EmailAddress>
</ContactPerson>
</EntityDescriptor>
kowalski@connect:/cas/logs/cas12t$ tail -f cas.log
2021-08-11 06:04:29,377 INFO [org.opensaml.saml.common.binding.artifact.impl.BasicSAMLArtifactMap] - <Running cleanup task>
2021-08-11 06:09:29,377 INFO [org.opensaml.saml.common.binding.artifact.impl.BasicSAMLArtifactMap] - <Running cleanup task>
2021-08-11 06:14:29,378 INFO [org.opensaml.saml.common.binding.artifact.impl.BasicSAMLArtifactMap] - <Running cleanup task>
2021-08-11 06:19:29,378 INFO [org.opensaml.saml.common.binding.artifact.impl.BasicSAMLArtifactMap] - <Running cleanup task>
2021-08-11 06:24:29,378 INFO [org.opensaml.saml.common.binding.artifact.impl.BasicSAMLArtifactMap] - <Running cleanup task>
2021-08-11 06:29:29,378 INFO [org.opensaml.saml.common.binding.artifact.impl.BasicSAMLArtifactMap] - <Running cleanup task>
2021-08-11 06:31:26,636 DEBUG [org.opensaml.messaging.decoder.servlet.BaseHttpServletRequestXMLMessageDecoder] - <Beginning to decode message from HttpServletRequest>
2021-08-11 06:31:26,636 DEBUG [org.opensaml.messaging.decoder.servlet.BaseHttpServletRequestXMLMessageDecoder] - <HttpServletRequest indicated Content-Type: null>
2021-08-11 06:31:26,636 DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder] - <Decoded RelayState: https://SP.example.org/>
2021-08-11 06:31:26,636 DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder] - <Base64 decoding and inflating SAML message>
2021-08-11 06:31:26,638 DEBUG [org.opensaml.core.xml.util.XMLObjectSupport] - <Parsing InputStream into DOM document>
2021-08-11 06:31:26,700 DEBUG [org.opensaml.core.xml.util.XMLObjectSupport] - <Unmarshalling DOM parsed from InputStream>
2021-08-11 06:31:26,702 DEBUG [org.opensaml.core.xml.util.XMLObjectSupport] - <InputStream succesfully unmarshalled>
2021-08-11 06:31:26,702 DEBUG [org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder] - <Decoded SAML message>
2021-08-11 06:31:26,702 DEBUG [org.opensaml.core.xml.util.XMLObjectSupport] - <Marshalling XMLObject>
2021-08-11 06:31:26,702 DEBUG [org.opensaml.core.xml.util.XMLObjectSupport] - <XMLObject already had cached DOM, returning that element>
2021-08-11 06:31:26,730 DEBUG [PROTOCOL_MESSAGE] - <
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
AssertionConsumerServiceURL="https://SP.example.org/"
ID="_e30c5e2c9e35f2aaf3781c0c8f36efded1d3e8d8bd"
IssueInstant="2021-08-11T06:31:27Z"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/</saml:Issuer>
</samlp:AuthnRequest>
>
2021-08-11 06:31:26,730 DEBUG [org.opensaml.messaging.decoder.servlet.BaseHttpServletRequestXMLMessageDecoder] - <Successfully decoded message from HttpServletRequest.>
2021-08-11 06:31:26,737 WARN [org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.BaseSamlRegisteredServiceMetadataResolver] - <No metadata signature location is defined for [/etc/cas/metadata.xml], so SignatureValidationFilter will not be invoked>
2021-08-11 06:31:26,744 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Applying metadata filter>
2021-08-11 06:31:26,744 DEBUG [org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain] - <Applying filter org.opensaml.saml.metadata.resolver.filter.impl.EntityRoleFilter>
2021-08-11 06:31:26,745 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Metadata backing store does not contain any EntityDescriptors with the ID: https://SP.example.org/.+>
2021-08-11 06:31:26,745 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 0 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/.+]>
2021-08-11 06:31:26,745 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Candidates iteration was empty, nothing to filter via predicates>
2021-08-11 06:31:26,745 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Metadata backing store does not contain any EntityDescriptors with the ID: https://SP.example.org/.+>
2021-08-11 06:31:26,745 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 0 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/.+]>
2021-08-11 06:31:26,745 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Candidates iteration was empty, nothing to filter via predicates>
2021-08-11 06:31:26,757 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,757 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,757 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:26,757 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,757 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,757 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:26,780 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,780 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,780 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:26,793 WARN [javax.persistence.spi] - <javax.persistence.spi::No valid providers found.>
2021-08-11 06:31:26,798 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,798 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,798 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:26,801 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: [event=success,timestamp=Wed Aug 11 06:31:26 GMT 2021,source=RankedMultifactorAuthenticationProviderWebflowEventResolver]
ACTION: AUTHENTICATION_EVENT_TRIGGERED
APPLICATION: CAS
WHEN: Wed Aug 11 06:31:26 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 06:31:26,803 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,803 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,803 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:26,805 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,805 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,805 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:26,805 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,805 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,805 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:26,863 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:26,864 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:26,864 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:31:27,868 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:31:27,868 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:31:27,869 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
Wpisanie chasla w cas....
2021-08-11 06:32:50,054 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,054 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,054 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,096 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,096 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,096 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,245 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,245 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,245 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,272 INFO [org.ldaptive.auth.Authenticator] - <Authentication succeeded for dn: CN=kowalski,OU=War,OU=ECI,OU=ROOT EXAMPLE,DC=example,DC=org>
2021-08-11 06:32:50,274 WARN [org.apereo.cas.authentication.attribute.PrincipalAttributeRepositoryFetcher] - <No person records were fetched from attribute repositories for [{principal=kowalski, mail=[kowa...@example.org], username=kowalski}]>
2021-08-11 06:32:50,275 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,275 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,276 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,277 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,277 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,277 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,279 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,279 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,280 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,281 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,281 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,281 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,282 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: Supplied credentials: [UsernamePasswordCredential(username=kowalski, source=null, customFields={})]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 06:32:50,284 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: [result=Service Access Granted,service=https://IDP.example.org/casphp/idp...,principal=SimplePrincipal(id=kowalski, attributes={mail=[kowa...@example.org]}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 06:32:50,285 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,285 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,286 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,287 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,287 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,287 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,289 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,289 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,289 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,291 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,291 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,291 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,293 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,293 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,293 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,294 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,294 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,294 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,296 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,296 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,296 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,298 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,298 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,299 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,300 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,300 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,300 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,302 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,302 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,302 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,304 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,304 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,304 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,306 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,306 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,306 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,309 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,309 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,309 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,310 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: [result=Service Access Granted,service=https://SP.example.org/wp-content/plu...,principal=SimplePrincipal(id=kowalski, attributes={mail=[kowa...@example.org]}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 06:32:50,311 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,311 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,311 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,312 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: TGT-3-*****a708-cd6Ek-d9b66f41c552
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 06:32:50,317 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,317 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,317 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,319 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,319 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,319 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,320 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: [result=Service Access Granted,service=https://SP.example.org/wp-content/plu...,requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 06:32:50,321 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=https://SP.example.org/wp-content/plugins/miniorange-saml-20-single-sign-on/]>
2021-08-11 06:32:50,321 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
2021-08-11 06:32:50,321 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: After predicate filtering 1 EntityDescriptors remain>
2021-08-11 06:32:50,322 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: ST-3-2PrDPrkkHrTQ8PXLAwFyj6nef4M-d9b66f41c552 for https://IDP.example.org/casphp/idp/profile/SAML2/Callback?entityId=https%3A%2F%2FSP.example.org%2Fwp-content%2Fplugins%...
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 06:32:50,335 ERROR [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/casphp].[dispatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet] in context with path [/casphp] threw exception [Request processing failed; nested exception is java.lang.IllegalArgumentException: SAML request could not be determined from the authentication request] with root cause>
java.lang.IllegalArgumentException: SAML request could not be determined from the authentication request
at org.apereo.cas.support.saml.web.idp.profile.AbstractSamlIdPProfileHandlerController.retrieveSamlAuthenticationRequestFromHttpRequest(AbstractSamlIdPProfileHandlerController.java:155) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlIdPProfileCallbackHandlerController.handleCallbackProfileRequest(SSOSamlIdPProfileCallbackHandlerController.java:88) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) ~[spring-core-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlIdPProfileCallbackHandlerController$$EnhancerBySpringCGLIB$$c9e34f25.handleCallbackProfileRequest(<generated>) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:878) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:792) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:645) ~[javax.servlet-api-4.0.1.jar!/:4.0.1]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:750) ~[javax.servlet-api-4.0.1.jar!/:4.0.1]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28) ~[cas-server-core-web-api-6.3.2.jar!/:6.3.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:401) ~[cas-server-core-web-api-6.3.2.jar!/:6.3.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:200) ~[cas-server-core-web-api-6.3.2.jar!/:6.3.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:64) ~[cas-server-core-web-api-6.3.2.jar!/:6.3.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:204) ~[spring-security-web-5.4.2.jar!/:5.4.2]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) ~[spring-security-web-5.4.2.jar!/:5.4.2]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:93) ~[spring-boot-actuator-2.3.7.RELEASE.jar!/:2.3.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:99) ~[cas-server-core-logging-6.3.2.jar!/:6.3.2]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66) ~[inspektr-common-1.8.10.GA.jar!/:1.8.10.GA]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:764) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:346) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:887) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1684) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.43.jar!/:9.0.43]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) ~[?:?]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-util-9.0.43.jar!/:9.0.43]
at java.lang.Thread.run(Unknown Source) [?:?]
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2022-10-28T23:59:59Z" cacheDuration="PT1446808792S" entityID="https://SP.example.org/wp-content/plugins/mini
orange-saml-20-single-sign-on/">
<md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://SP.example.org/" index="1"/>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en-US">miniOrange</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en-US">miniOrange</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en-US">http://miniorange.com</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:GivenName>miniOrange</md:GivenName>
<md:EmailAddress>in...@xecurify.com</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:GivenName>miniOrange</md:GivenName>
<md:EmailAddress>in...@xecurify.com</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
---------------------------------------------
artur miś
Aug 11, 2021, 9:08:50 AM8/11/21
to CAS Community, artur miś
on the other hand i dont know why ST is generated for Idp . In standartd cas protocol i think ST is generated for service SP.example.org..... Why did it hapen that ST is for Idp ? Is it ok ?
=============================================================
WHO: kowalski
WHAT: ST-3-2PrDPrkkHrTQ8PXLAwFyj6nef4M-d9b66f41c552 for https://IDP.example.org/casphp/idp/profile/SAML2/Callback?entityId=https%3A%2F%2FSP.example.org%2Fwp-content%2Fplugins%...
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
WHO: kowalski
WHAT: ST-3-2PrDPrkkHrTQ8PXLAwFyj6nef4M-d9b66f41c552 for https://IDP.example.org/casphp/idp/profile/SAML2/Callback?entityId=https%3A%2F%2FSP.example.org%2Fwp-content%2Fplugins%...
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 06:32:50 GMT 2021
CLIENT IP ADDRESS: IP_win_PC_clent_webbrowser
SERVER IP ADDRESS: 172.17.0.3
=============================================================
artur miś
Aug 11, 2021, 11:33:52 AM8/11/21
to CAS Community, artur miś
According to NEW SCHOOL i have added 1 backself service :
her@coonect:/cas/cas12t/services$ more prgcallback-5.json
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "https://idp.exampe.orgl/casphp/idp/profile/SAML2/Callback.*",
"name" : "SAML AUTH REQUEST",
"id" : 5,
"evaluationOrder" : 10
}
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "https://idp.exampe.orgl/casphp/idp/profile/SAML2/Callback.*",
"name" : "SAML AUTH REQUEST",
"id" : 5,
"evaluationOrder" : 10
}
and modif SP service
her@connect:/cas/cas12t/services$ more prg-3.json
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "php-saml",
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "php-saml",
"name" : "SAMLService",
"id" : 3,
Result litle bit better but still ST has not been sended back to WP:
2021-08-11 15:12:12,961 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: ST-1-nsNIn4-vkZe-LxO63rM2ybdvw4c-d9b66f41c552 for https://IDP.example.org/casphp/idp/profile/SAML2/Callback?entityId=php-saml
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:12 GMT 2021
CLIENT IP ADDRESS: WEB_CLINET_FIREFOX
=============================================================
WHO: kowalski
WHAT: ST-1-nsNIn4-vkZe-LxO63rM2ybdvw4c-d9b66f41c552 for https://IDP.example.org/casphp/idp/profile/SAML2/Callback?entityId=php-saml
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:12 GMT 2021
CLIENT IP ADDRESS: WEB_CLINET_FIREFOX
SERVER IP ADDRESS: 172.17.0.3
=============================================================
2021-08-11 15:12:13,172 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: [result=Service Access Granted,service=php-saml,principal=SimplePrincipal(id=kowalski, attributes={}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:13 GMT 2021
CLIENT IP ADDRESS: 172.17.0.3
=============================================================
WHO: audit:unknown
WHAT: [result=Service Access Granted,service=php-saml,principal=SimplePrincipal(id=kowalski, attributes={}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:13 GMT 2021
CLIENT IP ADDRESS: 172.17.0.3
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 15:12:13,177 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: kowalski
WHAT: ST-1-nsNIn4-vkZe-LxO63rM2ybdvw4c-d9b66f41c552 for https://IDP.example.org/casphp/idp/profile/SAML2/Callback?entityId=php-saml
ACTION: SERVICE_TICKET_VALIDATE_SUCCESS
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:13 GMT 2021
CLIENT IP ADDRESS: 172.17.0.3
=============================================================
WHO: kowalski
WHAT: ST-1-nsNIn4-vkZe-LxO63rM2ybdvw4c-d9b66f41c552 for https://IDP.example.org/casphp/idp/profile/SAML2/Callback?entityId=php-saml
ACTION: SERVICE_TICKET_VALIDATE_SUCCESS
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:13 GMT 2021
CLIENT IP ADDRESS: 172.17.0.3
SERVER IP ADDRESS: 172.17.0.3
=============================================================
2021-08-11 15:12:13,808 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: For input string: "auto"
ACTION: SAML2_RESPONSE_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:13 GMT 2021
CLIENT IP ADDRESS: WEB_CLINET_FIREFOX
=============================================================
WHO: audit:unknown
WHAT: For input string: "auto"
ACTION: SAML2_RESPONSE_CREATED
APPLICATION: CAS
WHEN: Wed Aug 11 15:12:13 GMT 2021
CLIENT IP ADDRESS: WEB_CLINET_FIREFOX
SERVER IP ADDRESS: 172.17.0.3
=============================================================
>
2021-08-11 15:12:13,817 ERROR [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/casphp].[dispatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet] in context with path [/casphp] threw exception [Request processing failed; nested exception is java.lang.NumberFormatException: For input string: "auto"] with root cause>
java.lang.NumberFormatException: For input string: "auto"
at java.lang.NumberFormatException.forInputString(Unknown Source) ~[?:?]
at java.lang.Integer.parseInt(Unknown Source) ~[?:?]
at java.lang.Integer.valueOf(Unknown Source) ~[?:?]
2021-08-11 15:17:45,322 WARN [org.apereo.cas.logout.slo.BaseSingleLogoutServiceMessageHandler] - <Logout message is not sent to [AbstractWebApplicationService(id=php-saml, originalUrl=php-saml, artifactId=null, principal=kowalski, source=service, loggedOutAlready=false, format=XML, attributes={entityId=[php-saml]})]; Continuing processing...>
2021-08-11 15:17:45,323 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=php-saml]>
2021-08-11 15:17:45,323 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
Can you help me ?
java.lang.NumberFormatException: For input string: "auto"
at java.lang.NumberFormatException.forInputString(Unknown Source) ~[?:?]
at java.lang.Integer.parseInt(Unknown Source) ~[?:?]
at java.lang.Integer.valueOf(Unknown Source) ~[?:?]
2021-08-11 15:17:45,322 WARN [org.apereo.cas.logout.slo.BaseSingleLogoutServiceMessageHandler] - <Logout message is not sent to [AbstractWebApplicationService(id=php-saml, originalUrl=php-saml, artifactId=null, principal=kowalski, source=service, loggedOutAlready=false, format=XML, attributes={entityId=[php-saml]})]; Continuing processing...>
2021-08-11 15:17:45,323 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Resolved 1 candidates via EntityIdCriterion: EntityIdCriterion [id=php-saml]>
2021-08-11 15:17:45,323 DEBUG [org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver] - <Metadata Resolver InMemoryResourceMetadataResolver org.apereo.cas.support.saml.InMemoryResourceMetadataResolver: Attempting to filter candidate EntityDescriptors via resolved Predicates>
Can you help me ?
artur miś
Aug 12, 2021, 10:53:22 AM8/12/21
to CAS Community, artur miś
ERRORs upadate: ( i will give up i will focus in Shibbo app to support SAML ) I dont undestand this logs
021-08-12 14:05:51,400 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: For input string: "auto"
ACTION: SAML2_RESPONSE_CREATED
APPLICATION: CAS
WHEN: Thu Aug 12 14:05:51 GMT 2021WHO: audit:unknown
WHAT: For input string: "auto"
ACTION: SAML2_RESPONSE_CREATED
APPLICATION: CAS
CLIENT IP ADDRESS: windows_browser_client
SERVER IP ADDRESS: 172.17.0.3 <-docker idp container
=============================================================
>
2021-08-12 14:05:51,401 DEBUG [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the received exception [java.lang.NumberFormatException: For input string: "auto"] due to a type mismatch with handler [org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlIdPProfileCallbackHandlerController#handleCallbackProfileRequest(HttpServletResponse, HttpServletRequest)]>
2021-08-12 14:05:51,401 DEBUG [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the received exception [java.lang.NumberFormatException: For input string: "auto"] due to a type mismatch with handler [org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlIdPProfileCallbackHandlerController#handleCallbackProfileRequest(HttpServletResponse, HttpServletRequest)]>
2021-08-12 14:05:51,404 ERROR [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/casphp].[dispatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet] in context with path [/casphp] threw exception [Request processing failed; nested exception is java.lang.NumberFormatException: For input string: "auto"] with root cause>
java.lang.NumberFormatException: For input string: "auto"
at java.lang.NumberFormatException.forInputString(Unknown Source) ~[?:?]
at java.lang.Integer.parseInt(Unknown Source) ~[?:?]
at java.lang.Integer.valueOf(Unknown Source) ~[?:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshallAttribute(AbstractXMLObjectUnmarshaller.java:224) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:116) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:337) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:128) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:337) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:128) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:337) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:128) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:337) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:128) ~[opensaml-core-4.0.1.jar!/:?]
at org.opensaml.saml.metadata.resolver.impl.DOMMetadataResolver.initMetadataResolver(DOMMetadataResolver.java:68) ~[opensaml-saml-impl-4.0.1.jar!/:?]
at org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPMetadataResolver.initMetadataResolver(SamlIdPMetadataResolver.java:64) ~[cas-server-support-saml-idp-core-6.3.2.jar!/:6.3.2]
at org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver.doInitialize(AbstractMetadataResolver.java:289) ~[opensaml-saml-impl-4.0.1.jar!/:?]
at net.shibboleth.utilities.java.support.component.AbstractInitializableComponent.initialize(AbstractInitializableComponent.java:65) ~[java-support-8.1.0.jar!/:?]
at org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPMetadataResolver.resolveMetadata(SamlIdPMetadataResolver.java:82) ~[cas-server-support-saml-idp-core-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPMetadataResolver.lambda$resolve$0(SamlIdPMetadataResolver.java:55) ~[cas-server-support-saml-idp-core-6.3.2.jar!/:6.3.2]
at org.jooq.lambda.Unchecked.lambda$function$21(Unchecked.java:878) ~[jool-0.9.14.jar!/:?]
at java.util.stream.ReferencePipeline$3$1.accept(Unknown Source) ~[?:?]
at java.util.ArrayList$ArrayListSpliterator.tryAdvance(Unknown Source) ~[?:?]
at java.util.stream.ReferencePipeline.forEachWithCancel(Unknown Source) ~[?:?]
at java.util.stream.AbstractPipeline.copyIntoWithCancel(Unknown Source) ~[?:?]
at java.util.stream.AbstractPipeline.copyInto(Unknown Source) ~[?:?]
at java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source) ~[?:?]
at java.util.stream.FindOps$FindOp.evaluateSequential(Unknown Source) ~[?:?]
at java.util.stream.AbstractPipeline.evaluate(Unknown Source) ~[?:?]
at java.util.stream.ReferencePipeline.findFirst(Unknown Source) ~[?:?]
at org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPMetadataResolver.resolve(SamlIdPMetadataResolver.java:57) ~[cas-server-support-saml-idp-core-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPMetadataResolver.resolve(SamlIdPMetadataResolver.java:33) ~[cas-server-support-saml-idp-core-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPMetadataResolver$$FastClassBySpringCGLIB$$f117f08a.invoke(<generated>) ~[cas-server-support-saml-idp-core-6.3.2.jar!/:6.3.2]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.retry.support.RetryTemplate.doExecute(RetryTemplate.java:329) ~[spring-retry-1.3.0.jar!/:?]
at org.springframework.retry.support.RetryTemplate.execute(RetryTemplate.java:209) ~[spring-retry-1.3.0.jar!/:?]
at org.springframework.retry.interceptor.RetryOperationsInterceptor.invoke(RetryOperationsInterceptor.java:119) ~[spring-retry-1.3.0.jar!/:?]
at org.springframework.retry.annotation.AnnotationAwareRetryOperationsInterceptor.invoke(AnnotationAwareRetryOperationsInterceptor.java:163) ~[spring-retry-1.3.0.jar!/:?]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver.resolve(PredicateRoleDescriptorResolver.java:260) ~[opensaml-saml-impl-4.0.1.jar!/:?]
at org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver.resolve(PredicateRoleDescriptorResolver.java:73) ~[opensaml-saml-impl-4.0.1.jar!/:?]
at org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPMetadataCredentialResolver.getRoleDescriptors(SamlIdPMetadataCredentialResolver.java:29) ~[cas-server-support-saml-idp-core-6.3.2.jar!/:6.3.2]
at org.opensaml.saml.security.impl.MetadataCredentialResolver.resolveFromMetadata(MetadataCredentialResolver.java:289) ~[opensaml-saml-impl-4.0.1.jar!/:?]
at org.opensaml.saml.security.impl.MetadataCredentialResolver.resolveFromSource(MetadataCredentialResolver.java:214) ~[opensaml-saml-impl-4.0.1.jar!/:?]
at org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver.resolve(AbstractCriteriaFilteringCredentialResolver.java:62) ~[opensaml-security-impl-4.0.1.jar!/:?]
at org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.getSignatureSigningConfiguration(SamlIdPObjectSigner.java:258) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.buildSignatureSigningParameters(SamlIdPObjectSigner.java:201) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.prepareSecurityParametersContext(SamlIdPObjectSigner.java:164) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.encode(SamlIdPObjectSigner.java:103) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) ~[spring-core-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:95) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:38) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder.build(BaseSamlProfileSamlResponseBuilder.java:64) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder$$FastClassBySpringCGLIB$$f1322d9c.invoke(<generated>) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.apereo.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:135) ~[inspektr-audit-1.8.10.GA.jar!/:1.8.10.GA]
at jdk.internal.reflect.GeneratedMethodAccessor126.invoke(Unknown Source) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:633) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:175) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) ~[spring-core-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at com.sun.proxy.$Proxy222.build(Unknown Source) ~[?:?]
at org.apereo.cas.support.saml.web.idp.profile.AbstractSamlIdPProfileHandlerController.buildSamlResponse(AbstractSamlIdPProfileHandlerController.java:436) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlIdPProfileCallbackHandlerController.handleCallbackProfileRequest(SSOSamlIdPProfileCallbackHandlerController.java:108) ~[cas-server-support-saml-idp-web-6.3.2.jar!/:6.3.2]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) ~[spring-core-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) ~[spring-cloud-context-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691) ~[spring-aop-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
at org.springframework.security.web.debug.DebugFilter.doFilter(DebugFilter.java:78) ~[spring-security-web-5.4.2.jar!/:5.4.2]
at org.springframework.security.web.debug.DebugFilter.doFilter(DebugFilter.java:67) ~[spring-security-web-5.4.2.jar!/:5.4.2]
artur miś
Aug 12, 2021, 12:29:43 PM8/12/21
to CAS Community, artur miś
I have add like Mr Andy Ng has mensioned in other post, one option to services : "signResponses": false, and SP redirected me like before to IDP but after appiled credential in CAS IdP i was redirected to WP (no errors in web IDP login page) , but in WP i can see:
"No Signature found. SAML Response rejected
There was at least one error processing the SAML Response: invalid_response
Contact the administrator"
There was at least one error processing the SAML Response: invalid_response
Contact the administrator"
I have to mension also the if error ocured ( before i had added
signResponses": false
) i was logged too but not redirected to SP i had chcecked by going directy to cas/login without services.
So what must i do to solve this issue ? What does it mean ? ( i'm litle bit finished. )
I can see also that after same time in debug mode:
2021-08-12 16:02:52,514 ERROR [org.apereo.cas.logout.slo.BaseSingleLogoutServiceMessageHandler] - <For input string: "auto">
Ray Bon
Aug 26, 2021, 4:26:12 PM8/26/21
to cas-...@apereo.org, artur...@gmail.com
Artur,
When cas returns a protocol other than the CAS protocol, it logs into itself first, then prepares the external protocol (in your case, saml).
Ray
On Wed, 2021-08-11 at 06:08 -0700, artur miś wrote:
Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.
Reply all
Reply to author
Forward
0 new messages