Hello, I recently upgraded from CAS 6.2.1 to 6.3.2. I am using the embedded Tomcat server with this version. Occasionally, when users try to sign on to specific Service Providers I see this error :
ERROR [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[dispatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet] in context with path [/cas] threw exception [Request processing failed; nested exception is java.lang.IllegalArgumentException: SAML request could not be determined from the authentication request] with root cause> Sometimes this occurs just after the "SERVICE_TICKET_CREATED" event and other times after the "SAML2_RESPONSE_CREATED" event. A few users reported 500 errors on the CAS server after entering their credentials. They would try to access gmail, redirect to the CAS server, enter proper credentials, enter proper MFA prompt, and then see the 500 error page instead of redirecting back to their gmail. One user sent me the error dump after this happened: java.lang.IllegalArgumentException: SAML request could not be determined from the authentication request at org.apereo.cas.support.saml. web.idp.profile.AbstractSamlIdPProfileHandlerController. retrieveSamlAuthenticationRequestFromHttpRequest( AbstractSamlIdPProfileHandlerController.java:155) at org.apereo.cas.support.saml.web.idp.profile.sso. SSOSamlIdPProfileCallbackHandlerController.handleCallbackProfileRequest( SSOSamlIdPProfileCallbackHandlerController.java:88) at jdk.internal.reflect. GeneratedMethodAccessor341.invoke(Unknown Source) at java.base/jdk.internal. reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282) at org.springframework.cloud.context.scope.GenericScope$ LockedScopedProxyFactoryBean.invoke(GenericScope.java:499) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( ReflectiveMethodInvocation.java:186) at org.springframework.aop. framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) at org.springframework.aop.framework.CglibAopProxy$ DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691) at org.apereo.cas.support.saml.web.idp.profile.sso. SSOSamlIdPProfileCallbackHandlerController$$EnhancerBySpringCGLIB$$81ad9b89. handleCallbackProfileRequest(<generated>) at jdk.internal.reflect. GeneratedMethodAccessor341.invoke(Unknown Source) at java.base/jdk.internal. reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke( InvocableHandlerMethod.java:190) at org.springframework.web.method.support. InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138) at org.springframework.web.servlet.mvc.method.annotation. ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105) at org.springframework.web.servlet.mvc.method.annotation. RequestMappingHandlerAdapter.invokeHandlerMethod( RequestMappingHandlerAdapter.java:878) at org.springframework.web. servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal( RequestMappingHandlerAdapter.java:792) at org.springframework.web. servlet.mvc.method.AbstractHandlerMethodAdapter.handle( AbstractHandlerMethodAdapter.java:87) at org.springframework.web. servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040) at org.springframework.web.servlet.DispatcherServlet. doService(DispatcherServlet.java:943) at org.springframework.web. servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) at org.springframework.web.servlet.FrameworkServlet. doGet(FrameworkServlet.java:898) at javax.servlet.http.HttpServlet.service(HttpServlet.java:645) at org.springframework.web.servlet.FrameworkServlet. service(FrameworkServlet.java:883) at javax.servlet.http. HttpServlet.service(HttpServlet.java:750) at org.apache.catalina.core. ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:162) at org.apereo.cas.web.support. AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter( AuthenticationCredentialsThreadLocalBinderClearingFilter.java:28) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( ApplicationFilterChain.java:189) at org.apache.catalina.core. ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apereo.cas.web.support.filters.RequestParameterPolicyEnforcem entFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:401) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( ApplicationFilterChain.java:189) at org.apache.catalina.core. ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilt er.doFilter(ResponseHeadersEnforcementFilter.java:200) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( ApplicationFilterChain.java:189) at org.apache.catalina.core. ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apereo.cas.web.support.filters.AddResponseHeadersFilter.doFilter( AddResponseHeadersFilter.java:64) at org.apache.catalina.core. ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:162) at org.springframework.security. web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:204) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate( DelegatingFilterProxy.java:358) at org.springframework.web. filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( ApplicationFilterChain.java:189) at org.apache.catalina.core. ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) at org.springframework.web.filter.OncePerRequestFilter. doFilter(OncePerRequestFilter.java:119) at org.apache.catalina.core. ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:162) at org.springframework.web. filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) at org.springframework.web.filter.OncePerRequestFilter. doFilter(OncePerRequestFilter.java:119) at org.apache.catalina.core. ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:162) at org.springframework.boot. actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:93) at org.springframework.web.filter.OncePerRequestFilter. doFilter(OncePerRequestFilter.java:119) at org.apache.catalina.core. ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:162) at org.apereo.cas.logging.web. ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:99) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( ApplicationFilterChain.java:189) at org.apache.catalina.core. ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter( ClientInfoThreadLocalFilter.java:66) at org.apache.catalina.core. ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:162) at org.springframework.web.filter. CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) at org.springframework.web.filter.OncePerRequestFilter. doFilter(OncePerRequestFilter.java:119) at org.apache.catalina.core. ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:162) at org.apache.catalina.core. StandardWrapperValve.invoke(StandardWrapperValve.java:202) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) at org.apache.catalina.valves.AbstractAccessLogValve.invoke( AbstractAccessLogValve.java:687) at org.apache.catalina.valves. RemoteIpValve.invoke(RemoteIpValve.java:764) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:346) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) at org.apache.coyote.AbstractProcessorLight.process( AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ ConnectionHandler.process(AbstractProtocol.java:887) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1684) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor. runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util. concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) Has anyone seen this error before or have any advice to troubleshoot? Most users can sign into the affected services without any issues but a few saw this error. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/56b65a39-c04a-4c11-97fd-d1479877f99bn%40apereo.org.
