Thanks for reading through such long logs. I appreciate it! I am getting closer. With the one missing service parameter, it is because when the login form submits, it is missing service parameter to begin with. CAS code confirmed the behavior.
the FORM POST did not have service parameter to begin with 127.0.0.1 - - [07/Feb/2019:18:47:09 -0500] "POST /cas5/login HTTP/1.1" 401 18021 <== this happens to my form when I submit login form after entering incorrect credential 127.0.0.1 - - [07/Feb/2019:18:52:43 -0500] "POST /cas5/login?service=https://test.com HTTP/1.1" 401 18184 <== this happens at the simple overlay app Now the question is, how did I get here? I am using essentially the same form, not sure why one appends service parameter but the other does not. <form method="post" id="fm1" *action="login" *class="login__form md-block layout-align-center-center layout-column ng-valid ng-valid-required" _lpchecked="1" > <md-input-container class="md-block layout-fill md-has-icon md-input-has-value" layout-fill=""> <label for="username">Username</label> <input type="text" ng-model="vm.username" required="" name="username" id="username" class="qd-text-input md-input ng-not-empty ng-dirty ng-valid-parse ng-valid ng-valid-required ng-touched" autocomplete="off" tabindex="1" value="" aria-invalid="false" style="background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAASCAYAAABSO15qAAAAAXNSR0IArs4c6QAAAUBJREFUOBGVVE2ORUAQLvIS4gwzEysHkHgnkMiEc4zEJXCMNwtWTmDh3UGcYoaFhZUFCzFVnu4wIaiE+vvq6+6qTgthGH6O4/jA7x1OiCAIPwj7CoLgSXDxSjEVzAt9k01CBKdWfsFf/2WNuEwc2YqigKZpK9glAlVVwTTNbQJZlnlCkiTAZnF/mePB2biRdhwHdF2HJEmgaRrwPA+qqoI4jle5/8XkXzrCFoHg+/5ICdpm13UTho7Q9/0WnsfwiL/ouHwHrJgQR8WEwVG+oXpMPaDAkdzvd7AsC8qyhCiKJjiRnCKwbRsMw9hcQ5zv9maSBeu6hjRNYRgGFuKaCNwjkjzPoSiK1d1gDDecQobOBwswzabD/D3Np7AHOIrvNpHmPI+Kc2RZBm3bcp8wuwSIot7QQ0PznoR6wYSK0Xb/AGVLcWwc7Ng3AAAAAElFTkSuQmCC"); background-repeat: no-repeat; background-attachment: scroll; background-size: 16px 18px; background-position: 98% 50%; cursor: auto;"><div class="md-errors-spacer"></div><md-icon class="icon-user ng-isolate-scope material-icons" aria-hidden="true"></md-icon> </md-input-container> <md-input-container class="md-block layout-fill md-has-icon md-input-has-value" layout-fill=""> <label for="password">Password</label> <input type="password" ng-model="vm.password" required="" name="password" id="password" class="qd-text-input md-input ng-not-empty ng-dirty ng-valid-parse ng-valid ng-valid-required ng-touched" autocomplete="off" tabindex="2" value="" aria-invalid="false" style="background-image: url("data:image/png;base64,iVBORw.........3AAAAAElFTkSuQmCC"); background-repeat: no-repeat; background-attachment: scroll; background-size: 16px 18px; background-position: 98% 50%; cursor: auto;"><div class="md-errors-spacer"></div><md-icon class="icon-lock ng-isolate-scope material-icons" aria-hidden="true"></md-icon> <div class="hint">Password is case-sensitive</div> </md-input-container> <button class="md-raised qd-button login__button md-button md-ink-ripple" type="submit" ng-transclude="" tabindex="6" ng-disabled="!vm.username || !vm.password" aria-label="Login"><span class="ng-scope">Login</span></button> <input type="hidden" name="geolocation"><input type="hidden" name="execution" value="27f6679d-4caf-4671-bf76-..................................."> <input type="hidden" name="_eventId" value="submit"> </form> On Thursday, February 7, 2019 at 5:12:32 PM UTC-5, rbon wrote: > > Yan, > > In the preserved parameter log, checkForPswdResetToken exists between > initializeLoginForm and viewLoginForm. It is missing in yours. > > Ray > > On Thu, 2019-02-07 at 12:04 -0800, Yan Zhou wrote: > > Hi, > > thanks for the help, I have not used the customized webflow class Ray > provided, because I do not know how to yet. I was looking into this by > comparing debug level logging. > > What I did is to compare the two projects, one is a simple cas5.3.x > overlay and the other is mine (after removing any customization of login > flow). Still the simple overlay preserves service parameter, and mine does > not, even after I removed all customization done to the flow (apparently > there must be still some subtle changes to the flow, I just do not know > what it is). > > For some reason, my flowExecutionUrl lost service parameter. > > *This is mine that lost service parameter after incorrect user credential.* > > 2019-02-07 10:42:08,403 DEBUG > [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - > <Resolved single event [authenticationFailure] via > [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] > > for this context> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.InitialAuthenticationAction@1d082ed8; > result = authenticationFailure> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@1c04a306 expression = > authenticationViaFormAction, resultExpression = [null]]; result = > authenticationFailure> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@69b93ff2 on = authenticationFailure, to = > handleAuthenticationFailure]> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'realSubmit'> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'handleAuthenticationFailure' of flow 'login'> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@5a7334d4 expression = authenticationExceptionHandler, > resultExpression = [null]]> > 2019-02-07 10:42:08,404 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@76e88b6> > 2019-02-07 10:42:08,404 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located current event [authenticationFailure]> > 2019-02-07 10:42:08,404 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located error attribute [class > org.apereo.cas.authentication.AuthenticationException] with message [1 > errors, 0 successes] from the current event> > 2019-02-07 10:42:08,406 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Unable to translate handler errors of the authentication exception > [org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 > successes]. Returning [UNKNOWN]> > 2019-02-07 10:42:08,409 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Final event id resolved from the error is [UNKNOWN]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@76e88b6; > result = UNKNOWN> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@5a7334d4 expression = > authenticationExceptionHandler, resultExpression = [null]]; result = > UNKNOWN> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@4b9fecdf on = *, to = initializeLoginForm]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'handleAuthenticationFailure'> > > > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'initializeLoginForm' of flow 'login'> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@2b48526a expression = initializeLoginAction, > resultExpression = [null]]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Putting action > execution attributes map[[empty]]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.login.InitializeLoginAction@28a78394> > 2019-02-07 10:42:08,410 INFO > [org.apereo.cas.web.flow.login.InitializeLoginAction] - <Initialized Quest > login sequence, original request URL: http://localhost:8180/cas5/login> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing org.apereo.cas.web.flow.login.InitializeLoginAction@28a78394; > result = success> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@2b48526a expression = initializeLoginAction, > resultExpression = [null]]; result = success> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@75b36a3f on = success, to = viewLoginForm]> > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'initializeLoginForm'> > .............................. > > 2019-02-07 10:42:08,410 DEBUG > [org.springframework.webflow.engine.ViewState] - <Entering state > 'viewLoginForm' of flow 'login'> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Assigned key > 2551e999-88a9-4540-b31a..................................> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.ViewState] - <Rendering + > [ServletMvcView@30813248 view = > org.thymeleaf.spring4.view.ThymeleafView@6781c9ef]> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.ViewState] - < Flash scope = > map[[empty]]> > 2019-02-07 10:42:08,415 DEBUG > [org.springframework.webflow.engine.ViewState] - < Messages = > [DefaultMessageContext@54943838 sourceMessages = map[[null] -> > list[[Message@46ab2bcf source = [null], severity = ERROR, text = 'Invalid > credentials.']]]]> > > 2019-02-07 10:42:08,418 DEBUG > [org.springframework.webflow.mvc.view.AbstractMvcView] - <Rendering MVC > [org.thymeleaf.spring4.view.ThymeleafView@6781c9ef] with model map > [{passwordManagementEnabled=true, viewScope=map[[empty]], > warnCookieValue=false, > org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel: > > 1 errors > Error in object 'credential': codes []; arguments []; default message > [Invalid credentials.], staticAuthentication=false, > *flowExecutionUrl=/cas5/login?username=fd&password=f* > &geolocation=&execution=6334l1YjRDZ5X0Qzb21tZ3pKaXRWRmJxSlRB........, > service=AbstractWebApplicationService(id=https://test.com, originalUrl= > https://test.com, artifactId=null, principal=null, source=service, > loggedOutAlready=false, format=XML, > attributes={}), ticketGrantingTicketId=null, > googleAnalyticsTrackingId=null, trackGeoLocation=false, > flashScope=map[[empty]], > registeredService=AbstractRegisteredService(serviceId=^https?://.*, > name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, > responseType=null, id=1, > description=Management3, > expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, > > notifyWhenDeleted=false, expirationDate=null), > proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, > evaluationOrder=1, > usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, > > logoutType=BACK_CHANNEL, requiredHandlers=[], > > attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, > > principalAttributesRepository=DefaultPrincipalAttributesRepository(), > consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, > excludedAttributes=null, > includeOnlyAttributes=null), authorizedToReleaseCredentialPassword=false, > authorizedToReleaseProxyGrantingTicket=false, > excludeDefaultAttributes=false, > authorizedToReleaseAuthenticationAttributes=true, > principalIdAttribute=null)), > multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], > > failureMode=NOT_SET, principalAttributeNameTrigger=null, > principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, > logoutUrl=https://localhost:8543/ssvenroll/logout, > accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, > enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, > delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), > > requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, > caseInsensitive=false), publicKey=null, properties={}, contacts=[]), > doChangePassword=false}]> > > ================================================ > > *the following is the one preserved service parameter after incorrect > credential.* > > 2019-02-07 09:27:55,199 DEBUG > [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - > <Resolved single event [authenticationFailure] via > [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] > > for this context> > 2019-02-07 09:27:55,199 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.InitialAuthenticationAction@723fc09a; > result = authenticationFailure> > 2019-02-07 09:27:55,199 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@1c4ec4ac expression = > authenticationViaFormAction, resultExpression = [null]]; result = > authenticationFailure> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@7919640a on = authenticationFailure, to = > handleAuthenticationFailure]> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'realSubmit'> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'handleAuthenticationFailure' of flow 'login'> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@522dccba expression = authenticationExceptionHandler, > resultExpression = [null]]> > 2019-02-07 09:27:55,200 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@575a46b4> > 2019-02-07 09:27:55,200 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located current event [authenticationFailure]> > 2019-02-07 09:27:55,200 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Located error attribute [class > org.apereo.cas.authentication.AuthenticationException] with message [0 > errors, 0 successes] from the current event> > 2019-02-07 09:27:55,202 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Unable to translate handler errors of the authentication exception > [org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 > successes]. Returning [UNKNOWN]> > 2019-02-07 09:27:55,205 DEBUG > [org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction] - > <Final event id resolved from the error is [UNKNOWN]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing > org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction@575a46b4; > > result = UNKNOWN> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@522dccba expression = > authenticationExceptionHandler, resultExpression = [null]]; result = > UNKNOWN> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@51381f10 on = *, to = initializeLoginForm]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'handleAuthenticationFailure'> > > > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.ActionState] - <Entering state > 'initializeLoginForm' of flow 'login'> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > [EvaluateAction@2d85dcb3 expression = initializeLoginAction, > resultExpression = [null]]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Putting action > execution attributes map[[empty]]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Executing > org.apereo.cas.web.flow.login.InitializeLoginAction@5c33f8b7> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing org.apereo.cas.web.flow.login.InitializeLoginAction@5c33f8b7; > result = success> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action > execution attributes map[[empty]]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.execution.ActionExecutor] - <Finished > executing [EvaluateAction@2d85dcb3 expression = initializeLoginAction, > resultExpression = [null]]; result = success> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@3965ba70 on = success, to = checkForPswdResetToken]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'initializeLoginForm'> > > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.DecisionState] - <Entering state > 'checkForPswdResetToken' of flow 'login'> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Executing > [Transition@6fccb97d on = *, to = viewLoginForm]> > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.Transition] - <Exiting state > 'checkForPswdResetToken'> > > > 2019-02-07 09:27:55,206 DEBUG > [org.springframework.webflow.engine.ViewState] - <Entering state > 'viewLoginForm' of flow 'login'> > 2019-02-07 09:27:55,212 DEBUG > [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Assigned key > 5a4a05e9-4f13-41e8-859a-........................................> > 2019-02-07 09:27:55,212 WARN > [org.apereo.cas.services.web.RegisteredServiceThemeResolver] - <Custom > theme [hcp] for service [AbstractRegisteredService(serviceId=^https?://.*, > name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, > responseType=null, id=1, description=Management3, > expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, > > notifyWhenDeleted=false, expirationDate=null), > proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, > evaluationOrder=1, > usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, > > logoutType=BACK_CHANNEL, requiredHandlers=[], > attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, > > principalAttributesRepository=DefaultPrincipalAttributesRepository(), > consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, > excludedAttributes=null, includeOnlyAttributes=null), > authorizedToReleaseCredentialPassword=false, > authorizedToReleaseProxyGrantingTicket=false, > excludeDefaultAttributes=false, > authorizedToReleaseAuthenticationAttributes=true, > principalIdAttribute=null)), > multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], > > failureMode=NOT_SET, principalAttributeNameTrigger=null, > principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, > logoutUrl=https://localhost:8543/ssvenroll/logout, > accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, > enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, > delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), > > requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, > caseInsensitive=false), publicKey=null, properties={}, contacts=[])] cannot > be located. Falling back to default theme...> > 2019-02-07 09:27:55,213 DEBUG > [org.springframework.webflow.engine.ViewState] - <Rendering + > [ServletMvcView@2fa3b937 view = > org.thymeleaf.spring4.view.ThymeleafView@16f0e998]> > 2019-02-07 09:27:55,213 DEBUG > [org.springframework.webflow.engine.ViewState] - < Flash scope = > map[[empty]]> > 2019-02-07 09:27:55,213 DEBUG > [org.springframework.webflow.engine.ViewState] - < Messages = > [DefaultMessageContext@133c6c9b sourceMessages = map[[null] -> > list[[Message@728eb6f7 source = [null], severity = ERROR, text = 'Invalid > credentials.']]]]> > > 2019-02-07 09:27:55,216 DEBUG > [org.springframework.webflow.mvc.view.AbstractMvcView] - <Rendering MVC > [org.thymeleaf.spring4.view.ThymeleafView@16f0e998] with model map > [{passwordManagementEnabled=true, viewScope=map[[empty]], > warnCookieValue=false, > org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel: > > 1 errors > Error in object 'credential': codes []; arguments []; default message > [Invalid credentials.], staticAuthentication=false, > *flowExecutionUrl=/cas5/login?service=https%3A%2F%2Ftest.com* > &username=d&password=dd&geolocation=&execution=3594802e-...................VR, > > service=AbstractWebApplicationService(id=https://test.com, originalUrl= > https://test.com, artifactId=null, principal=null, source=service, > loggedOutAlready=false, format=XML, > attributes={}), ticketGrantingTicketId=null, > googleAnalyticsTrackingId=null, trackGeoLocation=false, > flashScope=map[[empty]], > registeredService=AbstractRegisteredService(serviceId=^https?://.*, > name=CAS-Management3, theme=hcp, informationUrl=null, privacyUrl=null, > responseType=null, id=1, > description=Management3, > expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false, > > notifyWhenDeleted=false, expirationDate=null), > proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1, > evaluationOrder=1, > usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2, > > logoutType=BACK_CHANNEL, requiredHandlers=[], > > attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null, > > principalAttributesRepository=DefaultPrincipalAttributesRepository(), > consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true, > excludedAttributes=null, includeOnlyAttributes=null), > authorizedToReleaseCredentialPassword=false, > authorizedToReleaseProxyGrantingTicket=false, > excludeDefaultAttributes=false, > authorizedToReleaseAuthenticationAttributes=true, > principalIdAttribute=null)), > multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[], > > failureMode=NOT_SET, principalAttributeNameTrigger=null, > principalAttributeValueToMatch=null, bypassEnabled=false), logo=null, > logoutUrl=https://localhost:8543/ssvenroll/logout, > accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0, > enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null, > delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]), > > requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={}, > caseInsensitive=false), publicKey=null, properties={}, contacts=[]), > doChangePassword=false}]> > > > > > On Wednesday, February 6, 2019 at 6:12:52 PM UTC-5, Colin Wilkinson wrote: > > Hi Yan, > > As Ray correct pointed out the XML webflow defined is a basic starting > point, if search through the you find alot of class extending > Cas*Webflow*Configurer > this include the DefaultLoginWebflowConfigurer. > > During our upgrade from I noticed the same issue that at times the service > parameter was going missing, but the page worked fine as long as I did NOT > do a refresh. From my investigation the service parameter is stored upon > entry into CAS and as long as the page is not force refresh from the user > without the service parameter then CAS should work fine. > > During my investigation I found the following redirect, > <end-state id="redirectView" view="externalRedirect:#{requestScope.url}"/> > > They redirect without the query parameters. There is also a > redirectToLogin as well. > <end-state id="redirectToLogin" view="externalRedirect:#{'login'}"/> > > Given that you have started invalid credentials then its more than likely > going down the "<transition on="authenticationFailure" > to="handleAuthenticationFailure"/>" code and not even hitting your code. > > > Regards, > Colin > > On Thursday, 7 February 2019 05:00:05 UTC+11, Yan Zhou wrote: > > Hi there, > > I extended CAS 5.3.4. The app. redirects to CAS login page with service > parameter. > > When I type incorrect credential, I saw the invalid credential message, > but I lost service parameter, the screen refreshes to have only the CAS url. > > What could be missing in my code? > > Thx! > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | rb...@uvic.ca <javascript:> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f0f59404-760c-415b-88c6-0e01d97d9288%40apereo.org.
