After upgrading from 6.6 to 7.2, my users are occasionally getting an error screen saying "Unauthorized Access" and listing "screen.pac4j.authn.AuthenticationException" as the cause.
When I look at the CAS log, I'm seeing the error as listed above, with two full IP addresses with ports. The ip addresses match, but the ports don't. It looks like for some reason, CAS is expecting the same port to be used for the initial request and the authentication request, but the client is changing the port they are talking on. Is there an easy way to either disable this check or set it to only check the ip address and not the port, or do I have to override the obtainValueFromCompoundCookie() method from DefaultCasCookieValueManager, which is where the error appears to be coming from? It looks like I could disable the ip address check completely if I can set the cookieProperties.isGeoLoateClientSession() value to false, but I'm not sure how to do that. I tried setting cas.tgc.geo-locate-client-session to false in my cas.properties file, but I'm not sure if that will work or not and don't have a way to test it. Thank you, -- Aaron Chantrill ID: 000490892 BS Computer Science (1/1/2019) Tom Grant c 304-445-5230 US Eastern Time [email protected] -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAJt4T%3DtcTUvzXMOKoZDj%3DDaXsEA9Pso-3A0MK%3DXL3UM21FxQaw%40mail.gmail.com.
