[cas-user] When a user mistakenly types a space in front of their username cas throws an unavailable error.

[Rhian Resnick]

Afternoon,

We are receiving an odd error in our 3.5.3 environment. This occurs when users login with a space character in front of there username. It causes a CAS unavailable error instead of being caught and handled in a more user friendly manner. 

Has anyone else seen similar behavior and if so how did you resolve it. Our user data is stored in LDAP and we do have a a few bits of custom code but it is called after this exception. We are also running the lppe. 

Thank you for your input and I would be happy to send more detailed configuration information if requested. 

Feb 29, 2016 2:50:49 PM org.apache.catalina.core.StandardWrapperValve invoke

SEVERE: Servlet.service() for servlet [cas] in context with path [] threw exception [Request processing failed; nested exception is org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@7937eda3 targetAction = [EvaluateAction@46d2a681 expression = authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext), resultExpression = [null]], attributes = map[[empty]]] in state 'realSubmit' of flow 'login' -- action execution attributes were 'map[[empty]]'] with root cause

org.springframework.dao.IncorrectResultSizeDataAccessException: Incorrect result size: expected 1, actual 2

at org.springframework.dao.support.DataAccessUtils.singleResult(DataAccessUtils.java:53)

at org.jasig.services.persondir.support.AbstractDefaultAttributePersonAttributeDao.getPerson(AbstractDefaultAttributePersonAttributeDao.java:80)

at org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver.resolvePrincipal_aroundBody0(AbstractPersonDirectoryCredentialsToPrincipalResolver.java:68)

at org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver.resolvePrincipal_aroundBody1$advice(AbstractPersonDirectoryCredentialsToPrincipalResolver.java:57)

at org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver.resolvePrincipal(AbstractPersonDirectoryCredentialsToPrincipalResolver.java:1)

at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:118)

at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody0(AbstractAuthenticationManager.java:57)

at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody1$advice(AbstractAuthenticationManager.java:57)

at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:1)

at sun.reflect.GeneratedMethodAccessor98.invoke(Unknown Source)

Rhian Resnick

Assistant Director Middleware and HPC

Office of Information Technology

Florida Atlantic University

777 Glades Road, CM22, Rm 173B

Boca Raton, FL 33431

Phone 561.297.2647

Fax 561.297.0222

 

--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.

[Misagh Moayyed]

Your logs show CAS is doing something with a RDBMS, possibly to get attributes. Is that the case? 

-- 
Misagh