Hi Duane, do you have any updates on this issue? This still seems to be broken in 5.0.9.
Regards, Udo Am Montag, 21. August 2017 23:42:25 UTC+2 schrieb Duane Booher: > > correct to last post: cas/proxy did not work for us on 5.0.6 and 5.0.7, > but does work on 5.0.5 > > On Monday, August 21, 2017 at 2:36:57 PM UTC-7, Duane Booher wrote: >> >> Here is an update on this post. We had too much customization invested in >> 5.0 to consider 5.1, and we found that the cas/proxy was broke on 5.0.5 and >> 5.0.6, but worked in 5.0.5, so we fell back to 5.0.5. I've been too busy to >> formally report this issue to the project and will do so soon. >> >> Duane >> >> On Tuesday, July 25, 2017 at 10:19:10 AM UTC-7, Duane Booher wrote: >>> >>> We have a cas/proxy failure which is blocking our CAS 5.0.6/5.0.7 >>> production deployment. This sequence below works for our existing CAS 4.0.3 >>> system. >>> >>> >>> 1. >>> https://cas-server.nau.edu/cas/login?service=https://my-app.nau.edu/mail/ >>> >>> >>> SUCCESS: >>> https://my-app.nau.edu/mail/?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu >>> >>> >>> >>> 2. >>> https://cas-server.nau.edu/cas/serviceValidate?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu&service=https://my-app.nau.edu/mail/ >>> >>> >>> SUCCESS response. >>> >>> >>> >>> 3. >>> https://cas-server.nau.edu/cas/proxyValidate?ticket=ST-1-idYBys2cQPo9TFrticiH-cas-server.nau.edu&service=https://my-app.nau.edu/mail/&pgtUrl=https://cas-server.nau.edu/callback >>> >>> >>> SUCCESS response: userid >>> PGTIOU-1-WfzNE715CnLCCAQAaIZQ45rSocWGBFdfVykHNqvbUKdWD6vkwX-cas-server.nau.edu >>> >>> false true 2017-07-25T09:41:06.053-07:00[US/Arizona] >>> LdapAuthenticationHandler LdapAuthenticationHandler >>> >>> >>> >>> 4. tail -f localhost_access_log.2017-07-25.txt |grep -i pgtId= >>> >>> >>> "GET /callback?pgtIou= >>> PGTIOU-1-WfzNE715CnLCCAQAaIZQ45rSocWGBFdfVykHNqvbUKdWD6vkwX-cas-server.nau.edu >>> &pgtId= >>> PGT-2-kEYrcBCFfmgqg7bfI0Ag673rEubeGtpjLNyIR3yOHs9dm5Mb7v-cas-server.nau.edu >>> HTTP/1.1" 200 58 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_121)" >>> >>> >>> >>> 5. >>> https://cas-server.nau.edu/cas/proxy?targetService=https://my-app.nau.edu/mail/&pgt=PGT-2-kEYrcBCFfmgqg7bfI0Ag673rEubeGtpjLNyIR3yOHs9dm5Mb7v-cas-server.nau.edu >>> >>> >>> FAILURE: url status code 500 >>> >>> >>> >>> 6. The corresponding catalina-daemon.out shows a null returned from >>> getTargetService(ProxyController.java:102) >>> >>> >>> 2017-07-25 09:43:44,585 DEBUG >>> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the >>> received exception due to a type mismatch> >>> >>> java.lang.NullPointerException >>> >>> at >>> org.apereo.cas.web.ProxyController.getTargetService(ProxyController.java:102) >>> >>> ~[cas-server-support-validation-5.0.6.jar:5.0.6] >>> >>> at >>> org.apereo.cas.web.ProxyController.handleRequestInternal(ProxyController.java:78) >>> >>> ~[cas-server-support-validation-5.0.6.jar:5.0.6] >>> >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> ~[?:1.8.0_121] >>> >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >>> >>> ~[?:1.8.0_121] >>> >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>> >>> ~[?:1.8.0_121] >>> >>> at java.lang.reflect.Method.invoke(Method.java:498) >>> ~[?:1.8.0_121] >>> >>> >>> 7. Line 102 - why is >>> this.webApplicationServiceFactory.createService(request) return null??? >>> >>> >>> private Service getTargetService(final HttpServletRequest request) { >>> >>> return this.webApplicationServiceFactory.createService(request); >>> >>> } >>> >>> >>> 8. Our Service Proxy Authentication: >>> >>> { >>> >>> "@class" : "org.apereo.cas.services.RegexRegisteredService", >>> >>> "serviceId" : ".*", >>> >>> "name" : "allow all", >>> >>> "id" : 10000005, >>> >>> "evaluationOrder" : 5, >>> >>> "evaluationOrder" : 10005 >>> >>> "proxyPolicy" : { >>> >>> "@class" : >>> "org.apereo.cas.services.RegexMatchingRegisteredServiceProxyPolicy", >>> >>> "pattern" : ".*" >>> >>> } >>> >>> } >>> >>> >>> Any ideas on a debug approach is appreciated. >>> >>> >>> -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/.
