Here is an update on this post. We had too much customization invested in 5.0 to consider 5.1, and we found that the cas/proxy was broke on 5.0.5 and 5.0.6, but worked in 5.0.5, so we fell back to 5.0.5. I've been too busy to formally report this issue to the project and will do so soon.
Duane On Tuesday, July 25, 2017 at 10:19:10 AM UTC-7, Duane Booher wrote: > > We have a cas/proxy failure which is blocking our CAS 5.0.6/5.0.7 > production deployment. This sequence below works for our existing CAS 4.0.3 > system. > > > 1. > https://cas-server.nau.edu/cas/login?service=https://my-app.nau.edu/mail/ > > > SUCCESS: > https://my-app.nau.edu/mail/?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu > > > > 2. > https://cas-server.nau.edu/cas/serviceValidate?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu&service=https://my-app.nau.edu/mail/ > > > SUCCESS response. > > > > 3. > https://cas-server.nau.edu/cas/proxyValidate?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu&service=https://my-app.nau.edu/mail/&pgtUrl=https://cas-server.nau.edu/callback > > > SUCCESS response: userid > PGTIOU-1-WfzNE715CnLCCAQAaIZQ45rSocWGBFdfVykHNqvbUKdWD6vkwX-cas-server.nau.edu > > false true 2017-07-25T09:41:06.053-07:00[US/Arizona] > LdapAuthenticationHandler LdapAuthenticationHandler > > > > 4. tail -f localhost_access_log.2017-07-25.txt |grep -i pgtId= > > > "GET /callback?pgtIou= > PGTIOU-1-WfzNE715CnLCCAQAaIZQ45rSocWGBFdfVykHNqvbUKdWD6vkwX-cas-server.nau.edu > &pgtId= > PGT-2-kEYrcBCFfmgqg7bfI0Ag673rEubeGtpjLNyIR3yOHs9dm5Mb7v-cas-server.nau.edu > HTTP/1.1" 200 58 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_121)" > > > > 5. > https://cas-server.nau.edu/cas/proxy?targetService=https://my-app.nau.edu/mail/&pgt=PGT-2-kEYrcBCFfmgqg7bfI0Ag673rEubeGtpjLNyIR3yOHs9dm5Mb7v-cas-server.nau.edu > > > FAILURE: url status code 500 > > > > 6. The corresponding catalina-daemon.out shows a null returned from > getTargetService(ProxyController.java:102) > > > 2017-07-25 09:43:44,585 DEBUG > [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the > received exception due to a type mismatch> > > java.lang.NullPointerException > > at > org.apereo.cas.web.ProxyController.getTargetService(ProxyController.java:102) > ~[cas-server-support-validation-5.0.6.jar:5.0.6] > > at > org.apereo.cas.web.ProxyController.handleRequestInternal(ProxyController.java:78) > > ~[cas-server-support-validation-5.0.6.jar:5.0.6] > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_121] > > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_121] > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > ~[?:1.8.0_121] > > at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] > > > 7. Line 102 - why is > this.webApplicationServiceFactory.createService(request) return null??? > > > private Service getTargetService(final HttpServletRequest request) { > > return this.webApplicationServiceFactory.createService(request); > > } > > > 8. Our Service Proxy Authentication: > > { > > "@class" : "org.apereo.cas.services.RegexRegisteredService", > > "serviceId" : ".*", > > "name" : "allow all", > > "id" : 10000005, > > "evaluationOrder" : 5, > > "evaluationOrder" : 10005 > > "proxyPolicy" : { > > "@class" : > "org.apereo.cas.services.RegexMatchingRegisteredServiceProxyPolicy", > > "pattern" : ".*" > > } > > } > > > Any ideas on a debug approach is appreciated. > > > -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/.
