In general, don't use JPA for ticket registery it has errors; instead, use
cache based ticket registery(such as, haselcast or me cache) it will
perform well with you
On Fri, Jul 12, 2019, 5:55 PM Ken Hopkins <khopk...@eoriginal.com> wrote:
> I am trying to get a jpa-ticket-registry configured for CAS but I'm
> getting a TransactionRequiredException in CAS when my application tries to
> verify the login token with CAS.
>
> The exception is:
>
> javax.persistence.TransactionRequiredException: Executing an update/delete
> query
> at
> org.hibernate.query.internal.AbstractProducedQuery.executeUpdate(AbstractProducedQuery.java:1496)
> ~[hibernate-core-5.2.17.Final.jar!/:5.2.17.Final]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_192]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_192]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_192]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_192]
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$DeferredQueryInvocationHandler.invoke(SharedEntityManagerCreator.java:375)
> ~[spring-orm-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at com.sun.proxy.$Proxy216.executeUpdate(Unknown Source) ~[?:?]
> at
> org.apereo.cas.ticket.registry.JpaTicketRegistry.deleteSingleTicket(JpaTicketRegistry.java:158)
> ~[cas-server-support-jpa-ticket-registry-5.3.11.jar!/:5.3.11]
> at
> org.apereo.cas.ticket.registry.AbstractTicketRegistry.deleteTicket(AbstractTicketRegistry.java:121)
> ~[cas-server-core-tickets-api-5.3.11.jar!/:5.3.11]
> at
> org.apereo.cas.ticket.registry.AbstractTicketRegistry.deleteTicket(AbstractTicketRegistry.java:98)
> ~[cas-server-core-tickets-api-5.3.11.jar!/:5.3.11]
> at
> org.apereo.cas.ticket.registry.AbstractTicketRegistry$$FastClassBySpringCGLIB$$d3c67a11.invoke(<generated>)
> ~[cas-server-core-tickets-api-5.3.11.jar!/:5.3.11]
> at
> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> ~[spring-core-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:667)
> ~[spring-aop-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.apereo.cas.ticket.registry.JpaTicketRegistry$$EnhancerBySpringCGLIB$$9000de6b.deleteTicket(<generated>)
> ~[cas-server-support-jpa-ticket-registry-5.3.11.jar!/:5.3.11]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_192]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_192]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_192]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_192]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216)
> ~[spring-core-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
> ~[spring-cloud-context-1.3.0.RELEASE.jar!/:1.3.0.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
> ~[spring-aop-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at com.sun.proxy.$Proxy109.deleteTicket(Unknown Source) ~[?:?]
> at
> org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20DefaultTokenGenerator.generate(OAuth20DefaultTokenGenerator.java:67)
> ~[cas-server-support-oauth-5.3.11.jar!/:5.3.11]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_192]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_192]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_192]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_192]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216)
> ~[spring-core-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
> ~[spring-cloud-context-1.3.0.RELEASE.jar!/:1.3.0.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
> ~[spring-aop-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at com.sun.proxy.$Proxy175.generate(Unknown Source) ~[?:?]
> at
> org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController.handleRequest(OAuth20AccessTokenEndpointController.java:119)
> ~[cas-server-support-oauth-5.3.11.jar!/:5.3.11]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_192]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_192]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_192]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_192]
> at
> org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:849)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:760)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
> ~[spring-webmvc-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> ~[tomcat-embed-websocket-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:30)
> ~[cas-server-core-web-api-5.3.11.jar!/:5.3.11]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261)
> ~[cas-server-security-filter-2.0.10.4.jar!/:2.0.10.4]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:240)
> ~[cas-server-security-filter-2.0.10.4.jar!/:2.0.10.4]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apereo.cas.security.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:94)
> ~[cas-server-security-filter-2.0.10.4.jar!/:2.0.10.4]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:111)
> ~[spring-boot-actuator-1.5.18.RELEASE.jar!/:1.5.18.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:91)
> ~[cas-server-core-logging-5.3.11.jar!/:5.3.11]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:103)
> ~[spring-boot-actuator-1.5.18.RELEASE.jar!/:1.5.18.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.20.RELEASE.jar!/:4.3.20.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
> ~[inspektr-common-1.8.4.GA.jar!/:1.8.4.GA]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:660)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:679)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
> ~[tomcat-embed-core-8.5.41.jar!/:8.5.41]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> ~[?:1.8.0_192]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> ~[?:1.8.0_192]
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> ~[tomcat-util-8.5.41.jar!/:8.5.41]
> at java.lang.Thread.run(Thread.java:748) [?:1.8.0_192]
>
> My application is an
> *org.apereo.cas.support.oauth.services.OAuthRegisteredService*.
>
> My jpa configuration:
>
> cas.ticket.registry.jpa.ddlAuto=none
> cas.ticket.registry.jpa.user=***
> cas.ticket.registry.jpa.password=***
> cas.ticket.registry.jpa.driverClass=oracle.jdbc.driver.OracleDriver
> cas.ticket.registry.jpa.url=jdbc:oracle:thin:@***
> cas.ticket.registry.jpa.dialect=org.hibernate.dialect.Oracle10gDialect
>
> To reproduce the error, I'll request a protected resource in my
> application. My application will redirect the user to CAS. The user will
> login to CAS. Login seems to be successful. Then CAS will redirect the
> user to
> /my-app/login?code=OC-1-PCHUeONs6TYsJ2my1qrCJw5pofgZNbqL&state=ZGNbw6 and
> my application will return an http 401. The above stack track will be in
> my cas log. Here's an excerpt of some debugging messages prior to the
> error. Not sure if they are relevant, or if more messages would be helpful:
>
> 2019-07-12 11:12:22,252 DEBUG
> [org.apereo.cas.support.oauth.util.OAuth20Utils] - <Checking grant type
> [authorization_code] against supported grant types [[authorization_code]]>
> 2019-07-12 11:12:22,252 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenAuthorizationCodeGrantRequestExtractor]
> - <OAuth grant type is [authorization_code]>
> 2019-07-12 11:12:22,252 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenAuthorizationCodeGrantRequestExtractor]
> - <Located registered service
> [OAuthRegisteredService(super=AbstractRegisteredService(serviceId=^***,
> name=***, theme=***, informationUrl=***, privacyUrl=null,
> responseType=null, id=1002, description=***,
> expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false,
> notifyWhenDeleted=false, expirationDate=null),
> proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1,
> evaluationOrder=0,
> usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2,
> logoutType=BACK_CHANNEL, requiredHandlers=[],
> attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null,
> principalAttributesRepository=DefaultPrincipalAttributesRepository(),
> consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true,
> excludedAttributes=null, includeOnlyAttributes=null),
> authorizedToReleaseCredentialPassword=false,
> authorizedToReleaseProxyGrantingTicket=false,
> excludeDefaultAttributes=false,
> authorizedToReleaseAuthenticationAttributes=true,
> principalIdAttribute=null)),
> multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[],
> failureMode=NOT_SET, principalAttributeNameTrigger=null,
> principalAttributeValueToMatch=null, bypassEnabled=false), logo=null,
> logoutUrl=null,
> accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0,
> enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null,
> delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]),
> requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={},
> caseInsensitive=false), publicKey=null, properties={}, contacts=[]),
> clientSecret=***, clientId=***, bypassApprovalPrompt=true,
> generateRefreshToken=false, jsonFormat=false,
> supportedGrantTypes=[authorization_code], supportedResponseTypes=[code])]>
> 2019-07-12 11:12:22,269 DEBUG
> [org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController]
> - <Creating access token for
> [AccessTokenRequestDataHolder(service=AbstractWebApplicationService(id=
> https://localhost/ui/login, originalUrl=https://localhost/ui/login,
> artifactId=null, principal=null, source=null, loggedOutAlready=false,
> format=XML, attributes={}),
> authentication=org.apereo.cas.authentication.DefaultAuthentication@28804012,
> token=OC-2-dHSz-1JmScl4VI6W0VTfzW1UUvLDL67g, generateRefreshToken=false,
> registeredService=OAuthRegisteredService(super=AbstractRegisteredService(serviceId=^***,
> name=***, theme=***, informationUrl=***, privacyUrl=null,
> responseType=null, id=1002, description=***,
> expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false,
> notifyWhenDeleted=false, expirationDate=null),
> proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1,
> evaluationOrder=0,
> usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2,
> logoutType=BACK_CHANNEL, requiredHandlers=[],
> attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null,
> principalAttributesRepository=DefaultPrincipalAttributesRepository(),
> consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true,
> excludedAttributes=null, includeOnlyAttributes=null),
> authorizedToReleaseCredentialPassword=false,
> authorizedToReleaseProxyGrantingTicket=false,
> excludeDefaultAttributes=false,
> authorizedToReleaseAuthenticationAttributes=true,
> principalIdAttribute=null)),
> multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[],
> failureMode=NOT_SET, principalAttributeNameTrigger=null,
> principalAttributeValueToMatch=null, bypassEnabled=false), logo=null,
> logoutUrl=null,
> accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0,
> enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null,
> delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]),
> requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={},
> caseInsensitive=false), publicKey=null, properties={}, contacts=[]),
> clientSecret=***, clientId=***, bypassApprovalPrompt=true,
> generateRefreshToken=false, jsonFormat=false,
> supportedGrantTypes=[authorization_code], supportedResponseTypes=[code]),
> ticketGrantingTicket=TGT-1-**********************************************MBrVCBaeHAnWZCS2jCKKY***,
> grantType=AUTHORIZATION_CODE, scopes=[])]>
> 2019-07-12 11:12:22,269 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20DefaultTokenGenerator]
> - <Creating refresh token for [AbstractWebApplicationService(id=
> https://localhost/ui/login, originalUrl=https://localhost/ui/login,
> artifactId=null, principal=null, source=null, loggedOutAlready=false,
> format=XML, attributes={})]>
> 2019-07-12 11:12:22,270 DEBUG
> [org.apereo.cas.authentication.DefaultAuthenticationBuilder] - <Recording
> authentication handler result success under key
> [org.pac4j.cas.profile.CasProfile]>
> 2019-07-12 11:12:22,270 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20DefaultTokenGenerator]
> - <Creating access token for
> [AccessTokenRequestDataHolder(service=AbstractWebApplicationService(id=
> https://localhost/ui/login, originalUrl=https://localhost/ui/login,
> artifactId=null, principal=null, source=null, loggedOutAlready=false,
> format=XML, attributes={}),
> authentication=org.apereo.cas.authentication.DefaultAuthentication@28804012,
> token=OC-2-dHSz-1JmScl4VI6W0VTfzW1UUvLDL67g, generateRefreshToken=false,
> registeredService=OAuthRegisteredService(super=AbstractRegisteredService(serviceId=^***,
> name=***, theme=***, informationUrl=***, privacyUrl=null,
> responseType=null, id=1002, description=***,
> expirationPolicy=DefaultRegisteredServiceExpirationPolicy(deleteWhenExpired=false,
> notifyWhenDeleted=false, expirationDate=null),
> proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1,
> evaluationOrder=0,
> usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@87297e2,
> logoutType=BACK_CHANNEL, requiredHandlers=[],
> attributeReleasePolicy=ReturnAllAttributeReleasePolicy(super=AbstractRegisteredServiceAttributeReleasePolicy(attributeFilter=null,
> principalAttributesRepository=DefaultPrincipalAttributesRepository(),
> consentPolicy=DefaultRegisteredServiceConsentPolicy(enabled=true,
> excludedAttributes=null, includeOnlyAttributes=null),
> authorizedToReleaseCredentialPassword=false,
> authorizedToReleaseProxyGrantingTicket=false,
> excludeDefaultAttributes=false,
> authorizedToReleaseAuthenticationAttributes=true,
> principalIdAttribute=null)),
> multifactorPolicy=DefaultRegisteredServiceMultifactorPolicy(multifactorAuthenticationProviders=[],
> failureMode=NOT_SET, principalAttributeNameTrigger=null,
> principalAttributeValueToMatch=null, bypassEnabled=false), logo=null,
> logoutUrl=null,
> accessStrategy=DefaultRegisteredServiceAccessStrategy(order=0,
> enabled=true, ssoEnabled=true, unauthorizedRedirectUrl=null,
> delegatedAuthenticationPolicy=DefaultRegisteredServiceDelegatedAuthenticationPolicy(allowedProviders=[]),
> requireAllAttributes=true, requiredAttributes={}, rejectedAttributes={},
> caseInsensitive=false), publicKey=null, properties={}, contacts=[]),
> clientSecret=***, clientId=***, bypassApprovalPrompt=true,
> generateRefreshToken=false, jsonFormat=false,
> supportedGrantTypes=[authorization_code], supportedResponseTypes=[code]),
> ticketGrantingTicket=TGT-1-**********************************************MBrVCBaeHAnWZCS2jCKKY***,
> grantType=AUTHORIZATION_CODE, scopes=[])]>
> 2019-07-12 11:12:22,270 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20DefaultTokenGenerator]
> - <Created access token [AT-2-uyPMzNX6A5dfy6JzORUqw8Urxowa0t4G]>
> 2019-07-12 11:12:22,270 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20DefaultTokenGenerator]
> - <Adding OAuth ticket [AT-2-uyPMzNX6A5dfy6JzORUqw8Urxowa0t4G] to registry>
> 2019-07-12 11:12:22,287 DEBUG
> [org.apereo.cas.ticket.registry.JpaTicketRegistry] - <Added ticket
> [AT-2-uyPMzNX6A5dfy6JzORUqw8Urxowa0t4G] to registry.>
> 2019-07-12 11:12:22,293 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20DefaultTokenGenerator]
> - <Updating ticket-granting ticket
> [TGT-1-**********************************************MBrVCBaeHAnWZCS2jCKKY***]>
> 2019-07-12 11:12:22,304 DEBUG
> [org.apereo.cas.ticket.registry.JpaTicketRegistry] - <Updated ticket
> [TGT-1-**********************************************MBrVCBaeHAnWZCS2jCKKY***].>
> 2019-07-12 11:12:22,340 DEBUG
> [org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20DefaultTokenGenerator]
> - <Added access token [AT-2-uyPMzNX6A5dfy6JzORUqw8Urxowa0t4G] to registry>
> 2019-07-12 11:12:22,340 DEBUG
> [org.apereo.cas.ticket.support.MultiTimeUseOrTimeoutExpirationPolicy] -
> <Ticket usage count [1] is greater than or equal to [1]. Ticket has expired>
> 2019-07-12 11:12:22,365 DEBUG
> [org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
> [OC-2-dHSz-1JmScl4VI6W0VTfzW1UUvLDL67g] from the registry.>
> 2019-07-12 11:12:22,365 DEBUG
> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
> received exception due to a type mismatch>
> javax.persistence.TransactionRequiredException: Executing an update/delete
> query
>
> I've reproduced this error against CAS 5.3.9, 5.3.10 and 5.3.11. I
> haven't been able to get 6.x running yet in order to test there, but JDK11
> isn't an option for us immediately anyhow. I haven't tried standing up
> older versions of CAS. I've tried stumbling my way through the source
> code, but I haven't gotten anywhere.
>
> Here's how I'm building the war with maven:
>
> <plugin>
> <groupId>org.apache.maven.plugins</groupId>
> <artifactId>maven-war-plugin</artifactId>
> <version>3.2.2</version>
> <configuration>
> <warName>cas</warName>
> <failOnMissingWebXml>false</failOnMissingWebXml>
> <recompressZippedFiles>false</recompressZippedFiles>
> <archive>
> <compress>false</compress>
> <manifestFile>${manifestFileToUse}</manifestFile>
> </archive>
> <overlays>
> <overlay>
> <groupId>org.apereo.cas</groupId>
> <artifactId>cas-server-webapp${app.server}</artifactId>
> <excludes>
> <exclude>/WEB-INF/classes/services/*</exclude>
> <!-- explicitly excluding spring-security and retrofit
> jars from overlay because cas v5.3.11 includes versions that have
> vulnerabilities -->
> <exclude>/WEB-INF/lib/retrofit-*.jar</exclude>
> <exclude>/WEB-INF/lib/spring-security-*.jar</exclude>
> </excludes>
> </overlay>
> </overlays>
> </configuration>
> </plugin>
>
> I was seeing the same error before we started updating the dependencies in
> the war, so that doesn't seem to be the problem. We are still including
> upgraded versions of retrofit and spring-security. The excludes is just to
> remove the old version from the overlay war.
>
> Any help with this error would be much appreciated.
>
>
> This e-mail contains information from eOriginal, Inc. that may be
> proprietary, confidential and/or subject to a nondisclosure agreement. If
> you are not an intended recipient, please notify the sender immediately and
> delete this e-mail from your computer. To the extent required under any
> applicable nondisclosure agreement, the information contained in this
> e-mail is marked CONFIDENTIAL.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/177b9606-2d0b-92fb-1ecc-886282975767%40eoriginal.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/177b9606-2d0b-92fb-1ecc-886282975767%40eoriginal.com?utm_medium=email&utm_source=footer>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMKQGEawzjOvBq-KrUPv_f1XBh31NF4QwSnq44v-C%3DTsvs%3D2Lg%40mail.gmail.com.
