PWM 5063 - A security violation has occurred - When maximum sessions duration time is reached
2,047 views
Skip to first unread message
david...@gmail.com
Jan 6, 2015, 9:02:24 AM1/6/15
to pwm-g...@googlegroups.com, david.bo...@enap.ca
What steps will reproduce the problem?
1. Login via CAS
2. CAS redirect my user to /pwm/private/SetupResponses.
(I have the same problem with all the pages)
3. Wait 300 seconds (My maximum session duration time in security config is 300 seconds.)
4. Save challenges responses.
I see the error PWM 5063 - A security violation has occurred. Please try again later.
I expect that PWM will redirect the user to the logout URL.
My version is PWM 1.7.1
Thanks
David
1. Login via CAS
2. CAS redirect my user to /pwm/private/SetupResponses.
(I have the same problem with all the pages)
3. Wait 300 seconds (My maximum session duration time in security config is 300 seconds.)
4. Save challenges responses.
I see the error PWM 5063 - A security violation has occurred. Please try again later.
I expect that PWM will redirect the user to the logout URL.
My version is PWM 1.7.1
Thanks
David
Jason Rivard
Jan 6, 2015, 6:21:12 PM1/6/15
to pwm-g...@googlegroups.com, david.bo...@enap.ca, david...@gmail.com
The logs (or the error message) will have more detail on what type of security violation occurred. Have you looked at the logs?
david...@gmail.com
Jan 7, 2015, 9:18:28 AM1/7/15
to pwm-g...@googlegroups.com, david.bo...@enap.ca, david...@gmail.com
Here is my logs :
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:25, ERROR, pwm.SessionFilter, 5063 ERROR_SECURITY_VIOLATION (session age (6m:2s) is longer than maximum permitted age)
2015-01-07 09:06:25, DEBUG, pwm.PwmSession, CAS assertion removed
2015-01-07 09:06:25, DEBUG, util.CommonUtils, safeGetParameter called on a POST HttpServletRequest for LogoutRequest. Cannot complete check safely. Reverting to standard behavior for this Parameter
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, authentication.AuthenticationFilter, no ticket and no assertion found
2015-01-07 09:06:25, DEBUG, authentication.AuthenticationFilter, Constructed service url: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, authentication.AuthenticationFilter, redirecting to "https://myserver.com/cas2/login?service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses%3FprocessAction%3DvalidateResponses%26responseMode%3Duser%26pwmFormID%3DThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7"
2015-01-07 09:06:25, DEBUG, session.SingleSignOutHandler, Recording session for token ST-12-gonwwdcBX4unYE2sxphc-myserver.com
2015-01-07 09:06:25, DEBUG, session.HashMapBackedSessionMappingStorage, Attempting to remove Session=[D6E0E98FAFCAD0FA315A5A786533246ABC7288D3691492C32AEA75B3A7310DDB2F6A441877A668D7B43F57C51874AA39FA90145866201A8B3775552A4C4A87D5]
2015-01-07 09:06:25, DEBUG, session.HashMapBackedSessionMappingStorage, Found mapping for session. Session Removed.
2015-01-07 09:06:25, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Attempting to validate ticket: ST-12-gonwwdcBX4unYE2sxphc-myserver.com
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Placing URL parameters in map.
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Calling template URL attribute map.
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Loading custom parameters from configuration.
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Constructing validation url: https://myserver.com/cas2/serviceValidate?pgtUrl=https%3A%2F%2Fmyserver.com%2Fpwm%2FproxyCallback&ticket=ST-12-gonwwdcBX4unYE2sxphc-myserver.com&service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses%3FprocessAction%3DvalidateResponses%26responseMode%3Duser%26pwmFormID%3DThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Retrieving response from server.
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:25, DEBUG, util.CommonUtils, Received proxyGrantingTicketId [TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com] for proxyGrantingTicketIou [PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com]
2015-01-07 09:06:25, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Saving ProxyGrantingTicketIOU and ProxyGrantingTicket combo: [PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com, TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com]
2015-01-07 09:06:25, DEBUG, util.CommonUtils, Successfully saved proxyGrantingTicketId [TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com] for proxyGrantingTicketIou [PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com]
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Server response:
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>dboudreault</cas:user>
<cas:proxyGrantingTicket>PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com</cas:proxyGrantingTicket>
</cas:authenticationSuccess>
</cas:serviceResponse>
2015-01-07 09:06:25, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Returned ProxyGrantingTicket of [TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com]
2015-01-07 09:06:25, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Successfully authenticated user: dboudreault
2015-01-07 09:06:25, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Redirecting after successful ticket validation.
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:25, ERROR, pwm.SessionFilter, 5063 ERROR_SECURITY_VIOLATION (session age (6m:2s) is longer than maximum permitted age)
2015-01-07 09:06:25, DEBUG, pwm.PwmSession, CAS assertion removed
2015-01-07 09:06:30, DEBUG, util.CommonUtils, safeGetParameter called on a POST HttpServletRequest for LogoutRequest. Cannot complete check safely. Reverting to standard behavior for this Parameter
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, authentication.AuthenticationFilter, no ticket and no assertion found
2015-01-07 09:06:30, DEBUG, authentication.AuthenticationFilter, Constructed service url: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, authentication.AuthenticationFilter, redirecting to "https://myserver.com/cas2/login?service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses"
2015-01-07 09:06:30, DEBUG, session.SingleSignOutHandler, Recording session for token ST-13-OqXPH5M5EthQSAroS9HQ-myserver.com
2015-01-07 09:06:30, DEBUG, session.HashMapBackedSessionMappingStorage, Attempting to remove Session=[D6E0E98FAFCAD0FA315A5A786533246ABC7288D3691492C32AEA75B3A7310DDB2F6A441877A668D7B43F57C51874AA39FA90145866201A8B3775552A4C4A87D5]
2015-01-07 09:06:30, DEBUG, session.HashMapBackedSessionMappingStorage, Found mapping for session. Session Removed.
2015-01-07 09:06:30, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Attempting to validate ticket: ST-13-OqXPH5M5EthQSAroS9HQ-myserver.com
2015-01-07 09:06:30, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Placing URL parameters in map.
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Calling template URL attribute map.
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Loading custom parameters from configuration.
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Constructing validation url: https://myserver.com/cas2/serviceValidate?pgtUrl=https%3A%2F%2Fmyserver.com%2Fpwm%2FproxyCallback&ticket=ST-13-OqXPH5M5EthQSAroS9HQ-myserver.com&service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Retrieving response from server.
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:30, DEBUG, util.CommonUtils, Received proxyGrantingTicketId [TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com] for proxyGrantingTicketIou [PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com]
2015-01-07 09:06:30, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Saving ProxyGrantingTicketIOU and ProxyGrantingTicket combo: [PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com, TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com]
2015-01-07 09:06:30, DEBUG, util.CommonUtils, Successfully saved proxyGrantingTicketId [TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com] for proxyGrantingTicketIou [PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com]
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Server response:
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>dboudreault</cas:user>
<cas:proxyGrantingTicket>PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com</cas:proxyGrantingTicket>
</cas:authenticationSuccess>
</cas:serviceResponse>
2015-01-07 09:06:30, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Returned ProxyGrantingTicket of [TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com]
2015-01-07 09:06:30, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Successfully authenticated user: dboudreault
2015-01-07 09:06:30, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Redirecting after successful ticket validation.
2015-01-07 09:06:30, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:30, ERROR, pwm.SessionFilter, 5063 ERROR_SECURITY_VIOLATION (session age (6m:6s) is longer than maximum permitted age)
2015-01-07 09:06:30, DEBUG, pwm.PwmSession, CAS assertion removed
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/public/rest/app-data/client
2015-01-07 09:06:30, DEBUG, server.RestServerHelper, {9f} REST WebService Request: GET request for: /pwm/public/rest/app-data/client (no params) [172.17.102.191/]
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:25, ERROR, pwm.SessionFilter, 5063 ERROR_SECURITY_VIOLATION (session age (6m:2s) is longer than maximum permitted age)
2015-01-07 09:06:25, DEBUG, pwm.PwmSession, CAS assertion removed
2015-01-07 09:06:25, DEBUG, util.CommonUtils, safeGetParameter called on a POST HttpServletRequest for LogoutRequest. Cannot complete check safely. Reverting to standard behavior for this Parameter
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, authentication.AuthenticationFilter, no ticket and no assertion found
2015-01-07 09:06:25, DEBUG, authentication.AuthenticationFilter, Constructed service url: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, authentication.AuthenticationFilter, redirecting to "https://myserver.com/cas2/login?service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses%3FprocessAction%3DvalidateResponses%26responseMode%3Duser%26pwmFormID%3DThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7"
2015-01-07 09:06:25, DEBUG, session.SingleSignOutHandler, Recording session for token ST-12-gonwwdcBX4unYE2sxphc-myserver.com
2015-01-07 09:06:25, DEBUG, session.HashMapBackedSessionMappingStorage, Attempting to remove Session=[D6E0E98FAFCAD0FA315A5A786533246ABC7288D3691492C32AEA75B3A7310DDB2F6A441877A668D7B43F57C51874AA39FA90145866201A8B3775552A4C4A87D5]
2015-01-07 09:06:25, DEBUG, session.HashMapBackedSessionMappingStorage, Found mapping for session. Session Removed.
2015-01-07 09:06:25, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Attempting to validate ticket: ST-12-gonwwdcBX4unYE2sxphc-myserver.com
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Placing URL parameters in map.
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Calling template URL attribute map.
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Loading custom parameters from configuration.
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Constructing validation url: https://myserver.com/cas2/serviceValidate?pgtUrl=https%3A%2F%2Fmyserver.com%2Fpwm%2FproxyCallback&ticket=ST-12-gonwwdcBX4unYE2sxphc-myserver.com&service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses%3FprocessAction%3DvalidateResponses%26responseMode%3Duser%26pwmFormID%3DThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Retrieving response from server.
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:25, DEBUG, util.CommonUtils, Received proxyGrantingTicketId [TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com] for proxyGrantingTicketIou [PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com]
2015-01-07 09:06:25, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Saving ProxyGrantingTicketIOU and ProxyGrantingTicket combo: [PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com, TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com]
2015-01-07 09:06:25, DEBUG, util.CommonUtils, Successfully saved proxyGrantingTicketId [TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com] for proxyGrantingTicketIou [PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com]
2015-01-07 09:06:25, DEBUG, validation.Cas20ServiceTicketValidator, Server response:
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>dboudreault</cas:user>
<cas:proxyGrantingTicket>PGTIOU-7-Nodxe3XiVmeNnws0BBVm-myserver.com</cas:proxyGrantingTicket>
</cas:authenticationSuccess>
</cas:serviceResponse>
2015-01-07 09:06:25, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Returned ProxyGrantingTicket of [TGT-10-QMS7lfG4ybxCr7yyigSYr6vB1DBGAdVFt4P2HrXLNje4bfFfEb-myserver.com]
2015-01-07 09:06:25, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Successfully authenticated user: dboudreault
2015-01-07 09:06:25, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Redirecting after successful ticket validation.
2015-01-07 09:06:25, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses?processAction=validateResponses&responseMode=user&pwmFormID=ThvqeAjH2rlEZvWK6d1HtfzWAWtzDXOm14ac4b25c829x7wp7
2015-01-07 09:06:25, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:25, ERROR, pwm.SessionFilter, 5063 ERROR_SECURITY_VIOLATION (session age (6m:2s) is longer than maximum permitted age)
2015-01-07 09:06:25, DEBUG, pwm.PwmSession, CAS assertion removed
2015-01-07 09:06:30, DEBUG, util.CommonUtils, safeGetParameter called on a POST HttpServletRequest for LogoutRequest. Cannot complete check safely. Reverting to standard behavior for this Parameter
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, authentication.AuthenticationFilter, no ticket and no assertion found
2015-01-07 09:06:30, DEBUG, authentication.AuthenticationFilter, Constructed service url: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, authentication.AuthenticationFilter, redirecting to "https://myserver.com/cas2/login?service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses"
2015-01-07 09:06:30, DEBUG, session.SingleSignOutHandler, Recording session for token ST-13-OqXPH5M5EthQSAroS9HQ-myserver.com
2015-01-07 09:06:30, DEBUG, session.HashMapBackedSessionMappingStorage, Attempting to remove Session=[D6E0E98FAFCAD0FA315A5A786533246ABC7288D3691492C32AEA75B3A7310DDB2F6A441877A668D7B43F57C51874AA39FA90145866201A8B3775552A4C4A87D5]
2015-01-07 09:06:30, DEBUG, session.HashMapBackedSessionMappingStorage, Found mapping for session. Session Removed.
2015-01-07 09:06:30, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Attempting to validate ticket: ST-13-OqXPH5M5EthQSAroS9HQ-myserver.com
2015-01-07 09:06:30, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Placing URL parameters in map.
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Calling template URL attribute map.
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Loading custom parameters from configuration.
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Constructing validation url: https://myserver.com/cas2/serviceValidate?pgtUrl=https%3A%2F%2Fmyserver.com%2Fpwm%2FproxyCallback&ticket=ST-13-OqXPH5M5EthQSAroS9HQ-myserver.com&service=https%3A%2F%2Fmyserver.com%2Fpwm%2Fprivate%2FSetupResponses
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Retrieving response from server.
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/proxyCallback
2015-01-07 09:06:30, DEBUG, util.CommonUtils, Received proxyGrantingTicketId [TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com] for proxyGrantingTicketIou [PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com]
2015-01-07 09:06:30, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Saving ProxyGrantingTicketIOU and ProxyGrantingTicket combo: [PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com, TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com]
2015-01-07 09:06:30, DEBUG, util.CommonUtils, Successfully saved proxyGrantingTicketId [TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com] for proxyGrantingTicketIou [PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com]
2015-01-07 09:06:30, DEBUG, validation.Cas20ServiceTicketValidator, Server response:
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>dboudreault</cas:user>
<cas:proxyGrantingTicket>PGTIOU-8-bDwcUip7Rix29yghNv0v-myserver.com</cas:proxyGrantingTicket>
</cas:authenticationSuccess>
</cas:serviceResponse>
2015-01-07 09:06:30, DEBUG, proxy.ProxyGrantingTicketStorageImpl, Returned ProxyGrantingTicket of [TGT-11-rBxMufV7vQeXbm2QsjviufSxXVCaY3X2ktU6lbnsOLLiIx5lxI-myserver.com]
2015-01-07 09:06:30, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Successfully authenticated user: dboudreault
2015-01-07 09:06:30, DEBUG, validation.Cas20ProxyReceivingTicketValidationFilter, Redirecting after successful ticket validation.
2015-01-07 09:06:30, DEBUG, util.CommonUtils, serviceUrl generated: https://myserver.com/pwm/private/SetupResponses
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/private/SetupResponses
2015-01-07 09:06:30, ERROR, pwm.SessionFilter, 5063 ERROR_SECURITY_VIOLATION (session age (6m:6s) is longer than maximum permitted age)
2015-01-07 09:06:30, DEBUG, pwm.PwmSession, CAS assertion removed
2015-01-07 09:06:30, TRACE, session.SingleSignOutFilter, Ignoring URI /pwm/public/rest/app-data/client
2015-01-07 09:06:30, DEBUG, server.RestServerHelper, {9f} REST WebService Request: GET request for: /pwm/public/rest/app-data/client (no params) [172.17.102.191/]
Jason Rivard
Jan 12, 2015, 5:40:05 PM1/12/15
to pwm-g...@googlegroups.com, david.bo...@enap.ca, david...@gmail.com
Is this happening after 6 minutes? If so the error message is correct. I'm guessing your confusing the setting "maximum session duration" with "idle timeout" settings.
Reply all
Reply to author
Forward
0 new messages