Hi,
Your stacktrace is hard to read. I see an "Access is denied" and a
redirection through the authentication entry point, which is pretty normal
when you are not authenticated and try to access a protected page.
The main settings are the urls of the services webapp and entry point ("CAS
URLs" in the wiki page) and the ROLE_ADMIN for the right user.
The blank screen is pretty strange : sure that you don't have any error
logs somewhere ?
Best regards,
Jérôme
2013/10/1 Sébastien Toulmonde <[email protected]>
> Hi CAS gurus,
>
> I'm having the strangest issue right now regarding the services management
> app... It's no more accessible: I get a blank screen (
> https://cas-server:8181/cas/services)
>
> I've tried on several servers, including a separate workstation, and hit
> several DBs - same issue.
>
> I'm using Mysql as a back-end for services management (like in the wiki
> https://wiki.jasig.org/display/CASUM/Configuring)
>
> Lowering the logs to debug/trace, I found this:
>
> 2013-10-01 09:37:28,956 DEBUG
> [org.springframework.security.web.FilterChainProxy] - Converted URL to
> lowercase, from: '/services'; to: '/services' 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.FilterChainProxy] - Candidate is:
> '/services'; pattern is /services/loggedout.html; matched=false 2013-10-01
> 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] -
> Converted URL to lowercase, from: '/services'; to: '/services' 2013-10-01
> 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] -
> Candidate is: '/services'; pattern is /**; matched=true 2013-10-01
> 09:37:28,957 DEBUG [org.springframework.security.web.FilterChainProxy] -
> /services at position 1 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.context.SecurityContextPersistenceFilter@461e4b'
> 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
> - HttpSession returned null object for SPRING_SECURITY_CONTEXT 2013-10-01
> 09:37:28,957 DEBUG
> [org.springframework.security.web.context.HttpSessionSecurityContextRepository]
> - No SecurityContext was available from the HttpSession:
> org.apache.catalina.session.StandardSessionFacade@b0ce1f. A new one will
> be created. 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 2 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.authentication.logout.LogoutFilter@e55a5c'
> 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 3 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.cas.web.CasAuthenticationFilter@19a1fd9'
> 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 4 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@1dce27e'
> 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 5 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@19cf5f6'
> 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 6 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.authentication.www.BasicAuthenticationFilter@e8bccf'
> 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 7 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.savedrequest.RequestCacheAwareFilter@1b21964'
> 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> pathInfo: both null (property equals) 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> queryString: both null (property equals) 2013-10-01 09:37:28,957 DEBUG
> [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> requestURI: arg1=/cas/services; arg2=/cas/services (property equals)
> 2013-10-01 09:37:28,958 DEBUG
> [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> serverPort: arg1=8181; arg2=8181 (property equals) 2013-10-01 09:37:28,958
> DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> requestURL: arg1=https://localhost:8181/cas/services; arg2=
> https://localhost:8181/cas/services (property equals) 2013-10-01
> 09:37:28,958 DEBUG
> [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> scheme: arg1=https; arg2=https (property equals) 2013-10-01 09:37:28,958
> DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> serverName: arg1=localhost; arg2=localhost (property equals) 2013-10-01
> 09:37:28,958 DEBUG
> [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> contextPath: arg1=/cas; arg2=/cas (property equals) 2013-10-01 09:37:28,958
> DEBUG [org.springframework.security.web.savedrequest.DefaultSavedRequest] -
> servletPath: arg1=/services; arg2=/services (property equals) 2013-10-01
> 09:37:28,958 DEBUG
> [org.springframework.security.web.savedrequest.HttpSessionRequestCache] -
> Removing DefaultSavedRequest from session if present 2013-10-01
> 09:37:28,966 DEBUG [org.springframework.security.web.FilterChainProxy] -
> /services at position 8 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@149e2b7'
> 2013-10-01 09:37:28,966 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 9 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.authentication.AnonymousAuthenticationFilter@a38463'
> 2013-10-01 09:37:28,966 DEBUG
> [org.springframework.security.web.authentication.AnonymousAuthenticationFilter]
> - Populated SecurityContextHolder with anonymous token:
> 'org.springframework.security.authentication.AnonymousAuthenticationToken@9054b1a2:
> Principal: anonymousUser; Password: [PROTECTED]; Authenticated: true;
> Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a:
> RemoteIpAddress: 127.0.0.1; SessionId: 2f21e121748cc93b0432261b8990;
> Granted Authorities: ROLE_ANONYMOUS' 2013-10-01 09:37:28,966 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 10 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.session.SessionManagementFilter@16fd35b'
> 2013-10-01 09:37:28,966 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 11 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.access.ExceptionTranslationFilter@1d72cee'
> 2013-10-01 09:37:28,966 DEBUG
> [org.springframework.security.web.FilterChainProxy] - /services at position
> 12 of 12 in additional filter chain; firing Filter:
> 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor@19900fa'
> 2013-10-01 09:37:28,966 DEBUG
> [org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource]
> - Converted URL to lowercase, from: '/services'; to: '/services' 2013-10-01
> 09:37:28,967 DEBUG
> [org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource]
> - Candidate is: '/services'; pattern is /**; matched=true 2013-10-01
> 09:37:28,967 DEBUG
> [org.springframework.security.web.access.intercept.FilterSecurityInterceptor]
> - Secure object: FilterInvocation: URL: /services; Attributes: [ROLE_ADMIN
> ] 2013-10-01 09:37:28,967 DEBUG
> [org.springframework.security.web.access.intercept.FilterSecurityInterceptor]
> - Previously Authenticated:
> org.springframework.security.authentication.AnonymousAuthenticationToken@9054b1a2:
> Principal: anonymousUser; Password: [PROTECTED]; Authenticated: true;
> Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a:
> RemoteIpAddress: 127.0.0.1; SessionId: 2f21e121748cc93b0432261b8990;
> Granted Authorities: ROLE_ANONYMOUS 2013-10-01 09:37:28,967 DEBUG
> [org.springframework.security.access.vote.AffirmativeBased] - Voter:
> org.springframework.security.access.vote.RoleVoter@1bac611, returned: -1
> 2013-10-01 09:37:28,967 DEBUG
> [org.springframework.security.access.vote.AffirmativeBased] - Voter:
> org.springframework.security.access.vote.AuthenticatedVoter@45f1f2,
> returned: 0 2013-10-01 09:37:28,967 DEBUG
> [org.springframework.security.web.access.ExceptionTranslationFilter] -
> Access is denied (user is anonymous); redirecting to authentication entry
> point org.springframework.security.access.AccessDeniedException: Access is
> denied at
> org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:71)
> at
> org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:203)
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:106)
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:96)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:90)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
> at
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
> at
> org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
> at
> org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
> at
> org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
> at
> com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
> at
> com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
> at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
> at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757) at
> com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056) at
> com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
> at
> com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
> at
> com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
> at
> com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
> at
> com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
> at com.sun.grizzly.ContextTask.run(ContextTask.java:71) at
> com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
> at
> com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
> at java.lang.Thread.run(Thread.java:722)
>
>
> I did mapped my user as ROLE_ADMIN:
> <sec:user-service id="userDetailsService">
> <sec:user name="[email protected]"<mailto:
> [email protected]> password="notused"
> authorities="ROLE_ADMIN" />
> </sec:user-service>
>
>
> And as I get a blank screen, I'm a bit stuck... Does someone has a clue on
> what I've done wrong? I've already dropped the tables in Mysql to
> elemininate any thrash there - same issue.
>
> Thanks for your help!
>
>
> --
> ___________________________________________________
>
> SEBASTIEN TOULMONDE
> UNIX System Administrator
> Information Services Department
>
> BISNODE
>
> Direct: +32 2 555 96 86
> Mobile: +32 475 49 81 45
> Office fax: +32 2 521 21 98
> E-mail: [email protected]<mailto:
> [email protected]>
> Address: Researchdreef 65 Allée de la Recherche, 1070 Brussels, Belgium
> www.bisnode.be<http://www.bisnode.be>
> __________________________________________________
>
> **** DISCLAIMER ****
> "This e-mail and any attachments thereto may contain information which is
> confidential and/or protected by intellectual property rights and are
> intended for the sole use of the recipient(s)named above. Any use of the
> information contained herein (including, but not limited to, total or
> partial reproduction, communication or distribution in any form)by persons
> other than the designated recipient(s) is prohibited. If you have received
> this e-mail in error, please notify the sender either by telephone or by
> e-mail and delete the material from any computer. Thank you for your
> cooperation."
>
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
