Your CAS client is attempting to resuse a service ticket, or it’s submitting the same request twice. It validates ST-4 and about a minute later it attempts to validate it again. That won’t work.
Monitor traffic and see why you have two requests to validate the same ticket. From: Gianluca Diodato [mailto:gianluca.diod...@gmail.com] Sent: Friday, May 15, 2015 4:44 AM To: cas-user@lists.jasig.org Cc: mmoay...@unicon.net; cas-user@lists.jasig.org Subject: Re: [cas-user] Empty Attribute Map Hi Misagh, This is my last test with deployerConfigContext.xml file. Anyway I don't access to any serviceValidate page (Cas2,Cas3,Saml). When I'm trying to acces I have always this answer: 2015-05-15 13:18:23,465 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:18:23,465 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:18:23,465 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:18:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:19:31,657 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org]> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org] found in registry.> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [first_name] in the list of allowed attributes for service [Test CAS]> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Principal id to return for service [Test CAS] is [gianluca.diod...@iit.cnr.it]. The default principal id is [gianluca.diod...@iit.cnr.it].> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org] from registry> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org]> 2015-05-15 13:19:31,658 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org ACTION: SERVICE_TICKET_VALIDATED APPLICATION: CAS WHEN: Fri May 15 13:19:31 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-15 13:19:31,659 DEBUG [org.jasig.cas.web.ServiceValidateController] - <Successfully validated service ticket ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org for service [http://localhost:8080/Campus/mainpage.jsp]> 2015-05-15 13:20:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:20:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:20:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:20:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:22:23,465 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:22:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:22:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:22:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:24:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:24:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:24:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:24:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:25:08,452 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:25:08,452 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org]> 2015-05-15 13:25:08,453 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <ServiceTicket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org] does not exist.> 2015-05-15 13:25:08,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org]> 2015-05-15 13:25:08,453 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org ACTION: SERVICE_TICKET_VALIDATE_FAILED APPLICATION: CAS WHEN: Fri May 15 13:25:08 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-15 13:25:08,453 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:custom_messages_en] - neither plain properties nor XML> 2015-05-15 13:25:08,454 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:custom_messages] - neither plain properties nor XML> 2015-05-15 13:25:08,454 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:messages_en] - neither plain properties nor XML> 2015-05-15 13:25:08,454 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <Re-caching properties for filename [classpath:messages] - file hasn't been modified> I modified expiredtimeout of ticket from 10 seconds to 600 seconds in ticketExpirationPolicies.xml, but doesn't work. Best Gianluca Il giorno venerdì 15 maggio 2015 11:12:56 UTC+2, Misagh Moayyed ha scritto: Are you allowing attributes for release? Is your client talking to /p3/serviceValidate? From: Gianluca Diodato [mailto:gianluca...@gmail.com <javascript:> ] Sent: Friday, May 15, 2015 1:41 AM To: cas-...@lists.jasig.org <javascript:> Subject: Re:[cas-user] Empty Attribute Map Same problem with Java Cas Client but no answers yet from community.. I'm almost depressed. Gianluca Il giorno giovedì 14 maggio 2015 12:33:26 UTC+2, Luís Lobo ha scritto: Hi! I am using CAS Server version 4.0.1 and I am having trouble with the attributes. The problem is that in the client side (phpCAS) the attribute map is empty. The relevant parts in my deployerConfigContext.xml are: <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager"> <constructor-arg> <map> <entry key-ref="userAuthHandler" value-ref="principalResolver" /> </map> </constructor-arg> <property name="authenticationPolicy"> <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" /> </property> </bean> The principal resolver is declared as: <bean id="personAttributeDao" class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao"> <constructor-arg index="0" ref="dataSource" /> <constructor-arg index="1" value="${auth.resolverSql}" /> <property name="queryAttributeMapping"> <map> <entry key="username" value="username" /> </map> </property> <property name="resultAttributeMapping"> <map> <entry key="login" value="login" /> <entry key="client_id" value="client_id" /> </map> </property> </bean> <bean id="principalResolver" class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver" p:principalAttributeName="username" p:attributeRepository-ref="personAttributeDao" p:returnNullIfNoAttributes="true" /> The relevant log line in the console is: 2015-05-14 11:33:41,370 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated lfl...@gmail.com <javascript:> with credentials [<username>+password].> 2015-05-14 11:33:41,370 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute map for lfl...@gmail.com <javascript:> : {login=<username>, client_id=123}> (<username> is the user's login) Am I missing something? Regards, LL -- You are currently subscribed to cas-...@lists.jasig.org <javascript:> as: mmoa...@unicon.net <javascript:> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-...@lists.jasig.org <javascript:> as: jasig-cas-user...@googlegroups.com <javascript:> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org <mailto:cas-user@lists.jasig.org> as: mmoay...@unicon.net <mailto:mmoay...@unicon.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
