[cas-user] CAS 6.4 DelegatedAuthentication Loigout error
19 views
Skip to first unread message
Juan Manuel Díaz Nevado
Aug 25, 2021, 4:24:47 AM8/25/21
to CAS Community
hi,
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/86d1928c-b794-4ae1-91a4-1055c3ca74cfn%40apereo.org.
I'm update from CAS 6.3 to 6.4 yesterday, not much changes in config and all work nice, but logout when user is auth through Azure oidc delegate auth show java exception:
org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.DelegatedAuthenticationClientLogoutAction@d827673 in state 'terminateSession' of flow 'logout' -- action execution attributes were 'map[[empty]]'
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:62)
at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
at org.springframework.webflow.engine.ActionList.execute(ActionList.java:154)
at org.springframework.webflow.engine.State.enter(State.java:193)
at org.springframework.webflow.engine.Flow.start(Flow.java:527)
....
....
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.ClassCastException: class java.lang.String cannot be cast to class org.pac4j.core.profile.UserProfile (java.lang.String is in module java.base of loader 'bootstrap'; org.pac4j.core.profile.UserProfile is in unnamed module of loader org.springframework.boot.loader.LaunchedURLClassLoader @25f38edc)
at org.pac4j.core.profile.ProfileManager.removeOrRenewExpiredProfiles(ProfileManager.java:90)
at org.pac4j.core.profile.ProfileManager.retrieveAll(ProfileManager.java:81)
at org.pac4j.core.profile.ProfileManager.getProfile(ProfileManager.java:48)
at org.apereo.cas.web.flow.DelegatedAuthenticationClientLogoutAction.findCurrentProfile(DelegatedAuthenticationClientLogoutAction.java:100)
at org.apereo.cas.web.flow.DelegatedAuthenticationClientLogoutAction.doPreExecute(DelegatedAuthenticationClientLogoutAction.java:49)
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:186)
at jdk.internal.reflect.GeneratedMethodAccessor149.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282)
at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:485)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215)
at com.sun.proxy.$Proxy292.execute(Unknown Source)
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
... 92 more
Any thoughts are welcome, thx.
-- - Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/86d1928c-b794-4ae1-91a4-1055c3ca74cfn%40apereo.org.
Juan Manuel Díaz Nevado
Aug 26, 2021, 6:31:41 AM8/26/21
to CAS Community, Juan Manuel Díaz Nevado
Hi, in my test i realize that there is some interaction with mongo registry tickets. When I set default tickets registry or now redis ticket registry there is no problem in logout, but mongo log is set in debug and no messages are displayed.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f408792a-9a28-49e4-a8e6-993ebe2fad6en%40apereo.org.
Maybe i need to put on debug some other module than mongo, I thoght that something is broken when somethis is search for user profile.
flo13270
Mar 29, 2023, 10:15:01 AM3/29/23
to CAS Community, jdne...@gmail.com
Hi,
We encounter a similar problem.
Migration from CAS 5.3 (with Redis) to CAS 6.6 (with Mongo) broke the logout of users authenticated through OIDC.
("class java.lang.String cannot be cast to class org.pac4j.core.profile.UserProfile")
Did you finally succeed in fixing it while still using Mongo?
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/286a9aed-ac7c-4122-beb9-5e0fb80e9bf9n%40apereo.org.
We encounter a similar problem.
Migration from CAS 5.3 (with Redis) to CAS 6.6 (with Mongo) broke the logout of users authenticated through OIDC.
("class java.lang.String cannot be cast to class org.pac4j.core.profile.UserProfile")
Did you finally succeed in fixing it while still using Mongo?
Thanks,
Florian Nari,
Software developer at Paris 1 Panthéon-Sorbonne University
Juan Manuel Díaz Nevado
Mar 30, 2023, 12:05:29 PM3/30/23
to CAS Community, floria...@gmail.com, Juan Manuel Díaz Nevado
hi,
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e6496386-4314-41c2-bdbd-2a1ff6c9c43en%40apereo.org.
nope, we continue using redis for tickets registry and move to cas 6.6 now, but not try again with mongo due to we are happy with redis performance.
Cheers.
Pablo Vidaurri
Apr 18, 2024, 12:43:45 AMApr 18
to CAS Community, flo13270, jdne...@gmail.com
Did you get around this issue. Facing the same problem with Azure AD delegation but I'm using Postgres not Mongo.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/09a80b9f-1f80-47ed-b7f9-94a4d91813adn%40apereo.org.
Looks like perhaps when user profile is being saved to the session it may end up getting encrypted. On the saveAll, I see user profile in logs as plain text. But when reading user profile from session, debugger looks like it is trying to cast an encrypted string to a UserProfile object.
-psv
Pablo Vidaurri
Apr 26, 2024, 2:53:35 PMApr 26
to CAS Community, flo13270, Pablo Vidaurri, jdne...@gmail.com
Thank you for the link. I have reviewed, made slight modification to use AzureAdProfile.class instead of OidcProfile.class.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/89bcba90-9dd5-4b99-9a92-91562993ad9cn%40apereo.org.
So far looking much better.
I appreciate the assist!
-psv
On Thursday, April 25, 2024 at 6:08:58 AM UTC-5 flo13270 wrote:
Hello,
Yes, I solved the problem by modifying the file support/cas-server-support-pac4j-core-clients/src/main/java/org/apereo/cas/support/pac4j/serialization/DelegatedClientJacksonModule.java
Hope it works for you too
Reply all
Reply to author
Forward
0 new messages