correct to last post: cas/proxy did not work for us on 5.0.6 and 5.0.7, but does work on 5.0.5
On Monday, August 21, 2017 at 2:36:57 PM UTC-7, Duane Booher wrote: > > Here is an update on this post. We had too much customization invested in > 5.0 to consider 5.1, and we found that the cas/proxy was broke on 5.0.5 and > 5.0.6, but worked in 5.0.5, so we fell back to 5.0.5. I've been too busy to > formally report this issue to the project and will do so soon. > > Duane > > On Tuesday, July 25, 2017 at 10:19:10 AM UTC-7, Duane Booher wrote: >> >> We have a cas/proxy failure which is blocking our CAS 5.0.6/5.0.7 >> production deployment. This sequence below works for our existing CAS 4.0.3 >> system. >> >> >> 1. >> https://cas-server.nau.edu/cas/login?service=https://my-app.nau.edu/mail/ >> >> >> SUCCESS: >> https://my-app.nau.edu/mail/?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu >> >> >> >> 2. >> https://cas-server.nau.edu/cas/serviceValidate?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu&service=https://my-app.nau.edu/mail/ >> >> >> SUCCESS response. >> >> >> >> 3. >> https://cas-server.nau.edu/cas/proxyValidate?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu&service=https://my-app.nau.edu/mail/&pgtUrl=https://cas-server.nau.edu/callback >> >> >> SUCCESS response: userid >> PGTIOU-1-WfzNE715CnLCCAQAaIZQ45rSocWGBFdfVykHNqvbUKdWD6vkwX-cas-server.nau.edu >> >> false true 2017-07-25T09:41:06.053-07:00[US/Arizona] >> LdapAuthenticationHandler LdapAuthenticationHandler >> >> >> >> 4. tail -f localhost_access_log.2017-07-25.txt |grep -i pgtId= >> >> >> "GET /callback?pgtIou= >> PGTIOU-1-WfzNE715CnLCCAQAaIZQ45rSocWGBFdfVykHNqvbUKdWD6vkwX-cas-server.nau.edu >> &pgtId= >> PGT-2-kEYrcBCFfmgqg7bfI0Ag673rEubeGtpjLNyIR3yOHs9dm5Mb7v-cas-server.nau.edu >> HTTP/1.1" 200 58 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_121)" >> >> >> >> 5. >> https://cas-server.nau.edu/cas/proxy?targetService=https://my-app.nau.edu/mail/&pgt=PGT-2-kEYrcBCFfmgqg7bfI0Ag673rEubeGtpjLNyIR3yOHs9dm5Mb7v-cas-server.nau.edu >> >> >> FAILURE: url status code 500 >> >> >> >> 6. The corresponding catalina-daemon.out shows a null returned from >> getTargetService(ProxyController.java:102) >> >> >> 2017-07-25 09:43:44,585 DEBUG >> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the >> received exception due to a type mismatch> >> >> java.lang.NullPointerException >> >> at >> org.apereo.cas.web.ProxyController.getTargetService(ProxyController.java:102) >> >> ~[cas-server-support-validation-5.0.6.jar:5.0.6] >> >> at >> org.apereo.cas.web.ProxyController.handleRequestInternal(ProxyController.java:78) >> >> ~[cas-server-support-validation-5.0.6.jar:5.0.6] >> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> ~[?:1.8.0_121] >> >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> >> ~[?:1.8.0_121] >> >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> >> ~[?:1.8.0_121] >> >> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] >> >> >> 7. Line 102 - why is >> this.webApplicationServiceFactory.createService(request) return null??? >> >> >> private Service getTargetService(final HttpServletRequest request) { >> >> return this.webApplicationServiceFactory.createService(request); >> >> } >> >> >> 8. Our Service Proxy Authentication: >> >> { >> >> "@class" : "org.apereo.cas.services.RegexRegisteredService", >> >> "serviceId" : ".*", >> >> "name" : "allow all", >> >> "id" : 10000005, >> >> "evaluationOrder" : 5, >> >> "evaluationOrder" : 10005 >> >> "proxyPolicy" : { >> >> "@class" : >> "org.apereo.cas.services.RegexMatchingRegisteredServiceProxyPolicy", >> >> "pattern" : ".*" >> >> } >> >> } >> >> >> Any ideas on a debug approach is appreciated. >> >> >> -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/.
