Thanks Ray, I owe you a case of what ever your vice is by now.
In retrospect it makes sense now. The service ticket was being searched for
in the requestScope as the log reflects:
2023-08-08 15:25:26,057 DEBUG
[org.apereo.cas.web.flow.GenerateServiceTicketAction] - <Granted service
ticket [ST-2-********9u96HVcbf8-https://localhost:8443] and added it to the
request scope>
Since I was redirecting the user to a view, this triggered a new request
which would lose the request scope including the service ticket.
So, right before I redirect the user to the view, I saved the requestScope
object into flowScope, then after action was taken in the view I triggered
another action that would put the temp requestScope object from the
flowScope back into requestScope and finally removed the temp requestScope
object from flowScope.
-psv
On Wednesday, August 9, 2023 at 9:09:00 PM UTC-5 Ray Bon wrote:
> Pablo,
>
>
> There are a number of maps associated with the web flow.
> You can put to one of the maps, if needed. From your action class you can
> see their contents:
>
> // authn attributes contains encrypted credential
> // LOGGER.debug("auth attribs Map: " +
> WebUtils.getAuthentication(requestContext).getAttributes());
> // printMap("attributes Map", requestContext.getAttributes().asMap());
> // printMap("conversation Map",
> requestContext.getConversationScope().asMap());
> // printMap("flash Map", requestContext.getFlashScope().asMap());
> // printMap("flow scope Map", requestContext.getFlowScope().asMap());
> // printMap("request Map", requestContext.getRequestScope().asMap());
> // printMap("parameter Map",
> requestContext.getRequestParameters().asMap());
>
>
> private void printMap(String identifier, Map<String, Object> mam) {
> LOGGER.trace(identifier + ": [" + mam.keySet().size() + "]:");
> for (String key : mam.keySet()) {
> LOGGER.trace("\t" + key + " : " + mam.get(key));
> }
> }
>
> Ray
>
> On Wed, 2023-08-09 at 17:23 -0700, Pablo Vidaurri wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> It looks like I'm losing the request scope, or at least the service
> ticket:
>
>
> 2023-08-08 15:25:26,057 DEBUG
> [org.apereo.cas.web.flow.GenerateServiceTicketAction] - <Granted service
> ticket [ST-2-********9u96HVcbf8-https://localhost:8443] and added it to
> the request scope>
> 2023-08-08 15:25:26,057 DEBUG [org.apereo.cas.web.flow.MyCustomAction] -
> <Inside myCustomAction doExecute>
> ...
> 2023-08-08 15:25:27,186 DEBUG
> [org.apereo.cas.web.flow.actions.RedirectToServiceAction] - <Located
> service ticket [null] from the context>
>
> Inside MyCustomAction.java, I can confirm I have a requestScope with ST.
> My customAction will trigger a redirect to a view. After my view it seems I
> lose the ST.
>
> Do I need to pass my requestscope or ST along with my form inside my view
> via an input form parameter?
>
> -psv
>
>
> On Wednesday, August 9, 2023 at 2:50:18 PM UTC-5 Pablo Vidaurri wrote:
>
> Hi Ray, looks to be a self inflicted issue.
>
> We have a custom login webflow and have injected as view between
> generateServiceTicket and Redirect action/view states. When I disable this
> custom step all works fine. I haven't been able to trace my issue but it is
> my issue.
>
> -psv
>
> On Thursday, August 3, 2023 at 9:24:17 AM UTC-5 Ray Bon wrote:
>
> Pablo,
>
> What version of Cas is this?
>
> Check your logs. The audit log records the authentication events,
> including ticket creation.
>
> Ray
>
> On Wed, 2023-08-02 at 14:39 -0700, Pablo Vidaurri wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
>
> I am seeing a problem where after a successful login a redirect is happing
> back to the service URL but does not have a ticket=ST-xxxx query parameter.
> This of course means that the service has no ticket to go validate. But if
> I hit the login page again, i get the ticket on the 2nd try.
>
> 1) https://www.xxx.com/cas/login?service=https://myapp.xxx.com/cas/login
> 2) after login redirects to https://myapp.newco.com/cas/login, with no
> ticket
> 3) since no ticket, login to the app fails.
> 4) I go to
> https://www.xxx.com/cas/login?service=https://myapp.xxx.com/cas/login
> again
> 5) immediately redirects back to
> https://myapp.xxx.com/cas/login?ticket=ST-xxxx
> 6) now logged into the app
>
> Why would ticket not be sent the first time?
>
> -psv
>
>
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b9a850fb-dd71-48e2-a0d3-7ada7f703911n%40apereo.org.
