date:20190502

Re: [cas-user] CAS5 Protocol diagram with OpenID Connect and CAS protocol mixed clients

2019-05-02 Thread Yan Zhou


Yes, I know TGC, and it is in the cookie. 

How do two clients (native Mobile Apps) using Open ID Connect  talk to CAS, 
and achieve SSO? Where is TGC stored? There is no cookie in native apps. 

In other words, when user is authenticated in CAS via the first client, and 
he goes to the 2nd client app., what is the protocol look like that SSO is 
achieved?

Yan

On Thursday, May 2, 2019 at 6:54:48 PM UTC-4, rbon wrote:
>
> Yan,
>
> CAS creates a TGC (ticket granting cookie) that it uses to look up the SSO 
> session. It is (typically) not available to client application.
>
> Ray
>
> On Thu, 2019-05-02 at 15:38 -0700, Yan Zhou wrote:
>
> Hello, 
>
> CAS has a nice diagram explains CAS protocol, how it achieves SSO, by 
> using cookie. 
>
> With CAS5, I can achieve SSO with two clients, one speaking CAS protocol, 
> the other speaking OpenID Connect. 
>
> How did CAS do that, is that by the use of cookie as well?  I do not think 
> OpenID Connect itself uses cookie.  Any idea?
>
> Similarly, if two clients both speak OpenID Connect, is cookie support 
> still required for CAS to support SSO between them?
>
> Thx!
> Yan
>
> -- 
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca 
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e1c37a5e-0405-4b60-bacf-0bf892cccfd0%40apereo.org.

Re: [cas-user] CAS5 Protocol diagram with OpenID Connect and CAS protocol mixed clients

2019-05-02 Thread Ray Bon

Yan,

CAS creates a TGC (ticket granting cookie) that it uses to look up the SSO 
session. It is (typically) not available to client application.

Ray

On Thu, 2019-05-02 at 15:38 -0700, Yan Zhou wrote:
Hello,

CAS has a nice diagram explains CAS protocol, how it achieves SSO, by using 
cookie.

With CAS5, I can achieve SSO with two clients, one speaking CAS protocol, the 
other speaking OpenID Connect.

How did CAS do that, is that by the use of cookie as well?  I do not think 
OpenID Connect itself uses cookie.  Any idea?

Similarly, if two clients both speak OpenID Connect, is cookie support still 
required for CAS to support SSO between them?

Thx!
Yan

--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/04fb4e2e07de1d8ae03590870b973b7a9befa028.camel%40uvic.ca.

[cas-user] CAS5 Protocol diagram with OpenID Connect and CAS protocol mixed clients

2019-05-02 Thread Yan Zhou

Hello,

CAS has a nice diagram explains CAS protocol, how it achieves SSO, by using 
cookie. 

With CAS5, I can achieve SSO with two clients, one speaking CAS protocol, 
the other speaking OpenID Connect. 

How did CAS do that, is that by the use of cookie as well?  I do not think 
OpenID Connect itself uses cookie.  Any idea?

Similarly, if two clients both speak OpenID Connect, is cookie support 
still required for CAS to support SSO between them?

Thx!
Yan

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a8d538f8-ba2c-4606-bbf8-eb417c3db312%40apereo.org.

[cas-user] Database Audits

2019-05-02 Thread Peyo Tzolov

Hey everyone,

I'm trying to save the cas audits to a postgres database. For whatever 
reason, CAS is trying to use the hsqldb driver, even though I've specified 
the postgres driver. 

I'm using a CAS 6.0.3 docker image built with the cas-overlay-template 
project.

Here is my configuration:

cas.audit.jdbc.driverClass=org.postgresql.Driver
cas.audit.jdbc.url=jdbc:postgresql://postgres:5432/cas_audits
cas.audit.jdbc.dialect=org.hibernate.dialect.PostgresPlusDialect
cas.audit.jdbc.user=someuser
cas.audit.jdbc.password=somepassword


I've included the cas server support for jdbc audits in the grade build 
file.

compile "org.apereo.cas:cas-server-support-audit-jdbc:${casServerVersion}"


Here is the stacktrace:
aod_cas.1.kblf4acydbtx@ptzolov-leader| 2019-05-02 20:54:40,568 WARN 
[com.zaxxer.hikari.util.DriverDataSource] - 
aod_cas.1.kblf4acydbtx@ptzolov-leader| 2019-05-02 20:54:41,127 ERROR 
[org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[dispatcherServlet]]
 
- = ? 
ORDER BY AUD_DATE DESC]; nested exception is 
java.sql.SQLSyntaxErrorException: user lacks privilege or object not found: 
COM_AUDIT_TRAIL in statement [SELECT AUD_DATE FROM COM_AUDIT_TRAIL WHERE 
AUD_CLIENT_IP = ? AND AUD_USER = ? AND AUD_ACTION = ? AND APPLIC_CD = ? AND 
AUD_DATE >= ? ORDER BY AUD_DATE DESC]] with root cause>
aod_cas.1.kblf4acydbtx@ptzolov-leader| org.hsqldb.HsqlException: user 
lacks privilege or object not found: COM_AUDIT_TRAIL
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.readTableName(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.readTableOrSubquery(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadTableReference(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadFromClause(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadTableExpression(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadQuerySpecification(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadSimpleTable(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadQueryPrimary(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadQueryTerm(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadQueryExpressionBody(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.XreadQueryExpression(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserDQL.compileCursorSpecification(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserCommand.compilePart(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.ParserCommand.compileStatement(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.Session.compileStatement(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.StatementManager.compile(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.Session.execute(Unknown Source) ~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.jdbc.JDBCPreparedStatement.(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.hsqldb.jdbc.JDBCConnection.prepareStatement(Unknown Source) 
~[hsqldb-2.4.1.jar!/:2.4.1]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
com.zaxxer.hikari.pool.ProxyConnection.prepareStatement(ProxyConnection.java:311)
 
~[HikariCP-3.2.0.jar!/:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
com.zaxxer.hikari.pool.HikariProxyConnection.prepareStatement(HikariProxyConnection.java)
 
~[HikariCP-3.2.0.jar!/:?]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.springframework.jdbc.core.JdbcTemplate$SimplePreparedStatementCreator.createPreparedStatement(JdbcTemplate.java:1557)
 
~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzolov-leader| at 
org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:615) 
~[spring-jdbc-5.1.3.RELEASE.jar!/:5.1.3.RELEASE]
aod_cas.1.kblf4acydbtx@ptzol

Re: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Ray Bon

Hmm, this is confusing.
I added it to my overlay, probably for the errors you are seeing. But I do not 
see a reference to projectlombok in cas master branch (or 6.0.x).
Some IDEs have lombok plugins but that should not be necessary for command line 
build.

Perhaps there is someone with more experience with lombok on the list.

Ray

On Fri, 2019-05-03 at 02:21 +0800, Doug Campbell wrote:
Ray,

That didn’t seem to change anything.  Here is what I have added in the 
dependencies section of build.gradle:

compileOnly group: 'org.projectlombok', name: 'lombok', version: '1.18.2'
compile "com.esotericsoftware:kryo:4.0.2"
compile group: 'com.esotericsoftware', name: 'kryo-shaded', version: '4.0.2'
compile group: 'de.javakaffee', name: 'kryo-serializers', version: '0.42'
compile "org.apereo.cas:cas-server-core-authentication-api:${casServerVersion}"
compile 
"org.apereo.cas:cas-server-core-authentication-attributes:${casServerVersion}"
compile 
"org.apereo.cas:cas-server-core-services-authentication:${casServerVersion}"
compile "org.apereo.cas:cas-server-core-services-api:${casServerVersion}"
compile "org.apereo.cas:cas-server-core-tickets-api:${casServerVersion}"
compile "org.apereo.cas:cas-server-core-util-api:${casServerVersion}"
compile "org.apereo.cas:cas-server-support-memcached-core:${casServerVersion}"

I came up with this based on looking at the error messages I saw and guessing 
what packages were needed.

Doug

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Ray Bon
Sent: Friday, May 3, 2019 2:14 AM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

val is part of lombok. Try adding this to build.gradle

compileOnly group: 'org.projectlombok', name: 'lombok', version: '1.18.2'

Ray

On Fri, 2019-05-03 at 02:02 +0800, Doug Campbell wrote:
Ray,

That got me a little further along but when I try to build (./gradlew clean 
build) I get a lot of errors.  I have tried adding compile dependencies which 
has reduce the number of errors but now I am stuck.

This is what I am seeing in terms of errors:

> Task :compileJava FAILED
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:147:
 error: incompatible types: CloseableKryo cannot be converted to val
val kryo = new CloseableKryo(this.kryoPool);
   ^
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:148:
 error: cannot find symbol
kryo.setInstantiatorStrategy(new Kryo.DefaultInstantiatorStrategy(new 
StdInstantiatorStrategy()));
 ^
  symbol:   class DefaultInstantiatorStrategy
  location: class Kryo
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:149:
 error: cannot find symbol
kryo.setWarnUnregisteredClasses(this.warnUnregisteredClasses);
^
  symbol:   method setWarnUnregisteredClasses(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:150:
 error: cannot find symbol
kryo.setAutoReset(this.autoReset);
^
  symbol:   method setAutoReset(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:151:
 error: cannot find symbol
kryo.setReferences(this.replaceObjectsByReferences);
^
  symbol:   method setReferences(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:152:
 error: cannot find symbol
kryo.setRegistrationRequired(this.registrationRequired);
^
  symbol:   method setRegistrationRequired(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:154:
 error: cannot find symbol
LOGGER.debug("Constructing a kryo instance with the following 
settings:");
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:155:
 error: cannot find symbol
LOGGER.debug("warnUnregisteredClasses: [{}]", 
this.warnUnregisteredClasses);
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:156:
 error: cannot find symbol
LOGGER.debug("autoReset: [{}]", this.autoReset);
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:157:
 error: cannot find symbol
LOGGER.debug("replaceObjectsByReferences: [{}]", 
this.replaceObjectsByReferences);
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:158:
 error: cannot find symbol

RE: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Doug Campbell

Ray,

 

That didn’t seem to change anything.  Here is what I have added in the 
dependencies section of build.gradle:

 

compileOnly group: 'org.projectlombok', name: 'lombok', version: '1.18.2'

compile "com.esotericsoftware:kryo:4.0.2"

compile group: 'com.esotericsoftware', name: 'kryo-shaded', version: '4.0.2'

compile group: 'de.javakaffee', name: 'kryo-serializers', version: '0.42'

compile "org.apereo.cas:cas-server-core-authentication-api:${casServerVersion}"

compile 
"org.apereo.cas:cas-server-core-authentication-attributes:${casServerVersion}"

compile 
"org.apereo.cas:cas-server-core-services-authentication:${casServerVersion}"

compile "org.apereo.cas:cas-server-core-services-api:${casServerVersion}"

compile "org.apereo.cas:cas-server-core-tickets-api:${casServerVersion}"

compile "org.apereo.cas:cas-server-core-util-api:${casServerVersion}"

compile "org.apereo.cas:cas-server-support-memcached-core:${casServerVersion}"

 

I came up with this based on looking at the error messages I saw and guessing 
what packages were needed.

 

Doug

 

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Ray Bon
Sent: Friday, May 3, 2019 2:14 AM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

 

val is part of lombok. Try adding this to build.gradle

 

compileOnly group: 'org.projectlombok', name: 'lombok', version: '1.18.2'

 

Ray

 

On Fri, 2019-05-03 at 02:02 +0800, Doug Campbell wrote:

Ray,

 

That got me a little further along but when I try to build (./gradlew clean 
build) I get a lot of errors.  I have tried adding compile dependencies which 
has reduce the number of errors but now I am stuck.

 

This is what I am seeing in terms of errors:

 

> Task :compileJava FAILED

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:147:
 error: incompatible types: CloseableKryo cannot be converted to val

val kryo = new CloseableKryo(this.kryoPool);

   ^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:148:
 error: cannot find symbol

kryo.setInstantiatorStrategy(new Kryo.DefaultInstantiatorStrategy(new 
StdInstantiatorStrategy()));

 ^

  symbol:   class DefaultInstantiatorStrategy

  location: class Kryo

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:149:
 error: cannot find symbol

kryo.setWarnUnregisteredClasses(this.warnUnregisteredClasses);

^

  symbol:   method setWarnUnregisteredClasses(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:150:
 error: cannot find symbol

kryo.setAutoReset(this.autoReset);

^

  symbol:   method setAutoReset(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:151:
 error: cannot find symbol

kryo.setReferences(this.replaceObjectsByReferences);

^

  symbol:   method setReferences(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:152:
 error: cannot find symbol

kryo.setRegistrationRequired(this.registrationRequired);

^

  symbol:   method setRegistrationRequired(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:154:
 error: cannot find symbol

LOGGER.debug("Constructing a kryo instance with the following 
settings:");

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:155:
 error: cannot find symbol

LOGGER.debug("warnUnregisteredClasses: [{}]", 
this.warnUnregisteredClasses);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:156:
 error: cannot find symbol

LOGGER.debug("autoReset: [{}]", this.autoReset);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:157:
 error: cannot find symbol

LOGGER.debug("replaceObjectsByReferences: [{}]", 
this.replaceObjectsByReferences);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:158:
 error: cannot find symbol

LOGGER.debug("registrationRequired: [{}]", this.registrationRequired);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:160:
 error: incompatible types: val cannot be conve

Re: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Ray Bon

val is part of lombok. Try adding this to build.gradle

compileOnly group: 'org.projectlombok', name: 'lombok', version: '1.18.2'

Ray

On Fri, 2019-05-03 at 02:02 +0800, Doug Campbell wrote:
Ray,

That got me a little further along but when I try to build (./gradlew clean 
build) I get a lot of errors.  I have tried adding compile dependencies which 
has reduce the number of errors but now I am stuck.

This is what I am seeing in terms of errors:

> Task :compileJava FAILED
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:147:
 error: incompatible types: CloseableKryo cannot be converted to val
val kryo = new CloseableKryo(this.kryoPool);
   ^
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:148:
 error: cannot find symbol
kryo.setInstantiatorStrategy(new Kryo.DefaultInstantiatorStrategy(new 
StdInstantiatorStrategy()));
 ^
  symbol:   class DefaultInstantiatorStrategy
  location: class Kryo
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:149:
 error: cannot find symbol
kryo.setWarnUnregisteredClasses(this.warnUnregisteredClasses);
^
  symbol:   method setWarnUnregisteredClasses(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:150:
 error: cannot find symbol
kryo.setAutoReset(this.autoReset);
^
  symbol:   method setAutoReset(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:151:
 error: cannot find symbol
kryo.setReferences(this.replaceObjectsByReferences);
^
  symbol:   method setReferences(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:152:
 error: cannot find symbol
kryo.setRegistrationRequired(this.registrationRequired);
^
  symbol:   method setRegistrationRequired(boolean)
  location: variable kryo of type val
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:154:
 error: cannot find symbol
LOGGER.debug("Constructing a kryo instance with the following 
settings:");
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:155:
 error: cannot find symbol
LOGGER.debug("warnUnregisteredClasses: [{}]", 
this.warnUnregisteredClasses);
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:156:
 error: cannot find symbol
LOGGER.debug("autoReset: [{}]", this.autoReset);
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:157:
 error: cannot find symbol
LOGGER.debug("replaceObjectsByReferences: [{}]", 
this.replaceObjectsByReferences);
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:158:
 error: cannot find symbol
LOGGER.debug("registrationRequired: [{}]", this.registrationRequired);
^
  symbol:   variable LOGGER
  location: class CloseableKryoFactory
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:160:
 error: incompatible types: val cannot be converted to Kryo
registerCasAuthenticationWithKryo(kryo);
  ^
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:161:
 error: incompatible types: val cannot be converted to Kryo
registerExpirationPoliciesWithKryo(kryo);
   ^
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:162:
 error: incompatible types: val cannot be converted to Kryo
registerCasTicketsWithKryo(kryo);
   ^
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:163:
 error: incompatible types: val cannot be converted to Kryo
registerNativeJdkComponentsWithKryo(kryo);
^
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:164:
 error: incompatible types: val cannot be converted to Kryo
registerCasServicesWithKryo(kryo);
^
/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:165:
 error: incompatible types: val cannot be converted to Kryo
registerImmutableOrEmptyCollectionsWithKryo(kryo);
^
/cas-overlay/src/main/java/org/apereo/cas/m

[cas-user] Re: CAS 6.0.3 - The request was rejected because the URL was not normalized.

2019-05-02 Thread Christian Poirier

I also tried these things:

   - Add a rewriter valve to change the request URL to remove the 
   ;jsessionid=... in the URL but the spring firewall intercept this before
   - Add these properties in my cas.properties
  - spring.resources.chain.strategy.fixed.enabled=true
  
  
spring.resources.chain.strategy.fixed.paths=/webjars/,/js/,/images/,/sass/,/themes/
  spring.resources.chain.strategy.fixed.version=v5-3-11
   
Finally, I found a way, not pretty, but it works, I remove the rendered 
jsessionid:

   - I change the html attributes href, src, data-ref using this regex:
  - search = th:(href|src|data-ref)="(@[^"]+)"
  - replace = th:with="url=$2" 
  th:$1="url.replaceFirst\(';jsessionid=.+',''\)"
  


Le mercredi 1 mai 2019 12:12:26 UTC-4, Christian Poirier a écrit :
>
> I have the same problem but in the 5.3 version. It is related of Tomcat or 
> Spring rendering URL where it adds ;JSESSIONID=... after the URL for 
> webjars, js, css files. I try to find the solution also. Some people say 
> that we should implement a WebSecurityConfigurerAdapter
>
> @Configuration
>
> @EnableWebSecurity
>
> @EnableGlobalMethodSecurity(prePostEnabled = true)
>
> public class
> WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
>
>   @Override
>   protected void configure(HttpSecurity httpSecurity) throws Exception {
>
> httpSecurity.cors().and().csrf()
>   .permtAll().antMatchers("/webjars/**", "/js/**", "/css/**", 
> "/themes/**", "/images/**", "/sass/**","/favicon.ico")
>
> [...]
>
> I tried to add these lines in my cas.properties but still not working 
> (still rendering  href="/cas/webjars/font-awesome/5.0.13/web-fonts-with-css/css/fontawesome-all.min.css;jsessionid=76F1DC8C73583A53EAF0C8D47D2472D9"/>)
> security.ignored[0]=/webjars/**
> security.ignored[1]=/js/**
> security.ignored[2]=/images/**
> security.ignored[3]=/css/**
> security.ignored[4]=/themes/**
> security.ignored[5]=/sass/**
> security.ignored[6]=/favicon.ico
>
>
> I tried to add these lines in my cas.properties but still not working 
> (still rendering  href="/cas/webjars/font-awesome/5.0.13/web-fonts-with-css/css/fontawesome-all.min.css;jsessionid=76F1DC8C73583A53EAF0C8D47D2472D9"/>)
> security.ignored[0]=/cas/webjars/**
> security.ignored[1]=/cas/js/**
> security.ignored[2]=/cas/images/**
> security.ignored[3]=/cas/css/**
> security.ignored[4]=/cas/themes/**
> security.ignored[5]=/cas/sass/**
> security.ignored[6]=/cas/favicon.ico
>
> I will try to implement the WebSecurityConfigurerAdapter 
>
> Le jeudi 11 avril 2019 03:41:12 UTC-4, Tobias Johansson a écrit :
>>
>> Hi!
>>
>> Having problems upgrading from 5.3.5 to 6.0.3 on docker. 
>> Running fine on localhost (http), but getting errors like below on rc 
>> (https):
>>
>> 2019-04-11 07:19:02,477 ERROR 
>> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
>> > request was rejected because the URL was not normalized.]>
>> org.springframework.security.web.firewall.RequestRejectedException: The 
>> request was rejected because the URL was not normalized.
>> at 
>> org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:296)
>>  
>> ~[spring-security-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]
>> at 
>> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:194)
>>  
>> ~[spring-security-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]
>> at 
>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
>>  
>> ~[spring-security-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]
>> at 
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)
>>  
>> ~[spring-web-5.1.3.RELEASE.jar:5.1.3.RELEASE]
>> at 
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270)
>>  
>> ~[spring-web-5.1.3.RELEASE.jar:5.1.3.RELEASE]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>  
>> ~[catalina.jar:9.0.17]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>  
>> ~[catalina.jar:9.0.17]
>> at 
>> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
>>  
>> ~[spring-web-5.1.3.RELEASE.jar:5.1.3.RELEASE]
>> at 
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>>  
>> ~[spring-web-5.1.3.RELEASE.jar:5.1.3.RELEASE]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>  
>> ~[catalina.jar:9.0.17]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>  
>> ~[catalina.jar:9.0.17]
>> at 
>> org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92)
>>  
>> ~[spring-web-5.1.

RE: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Doug Campbell

Ray,

 

That got me a little further along but when I try to build (./gradlew clean 
build) I get a lot of errors.  I have tried adding compile dependencies which 
has reduce the number of errors but now I am stuck.

 

This is what I am seeing in terms of errors:

 

> Task :compileJava FAILED

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:147:
 error: incompatible types: CloseableKryo cannot be converted to val

val kryo = new CloseableKryo(this.kryoPool);

   ^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:148:
 error: cannot find symbol

kryo.setInstantiatorStrategy(new Kryo.DefaultInstantiatorStrategy(new 
StdInstantiatorStrategy()));

 ^

  symbol:   class DefaultInstantiatorStrategy

  location: class Kryo

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:149:
 error: cannot find symbol

kryo.setWarnUnregisteredClasses(this.warnUnregisteredClasses);

^

  symbol:   method setWarnUnregisteredClasses(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:150:
 error: cannot find symbol

kryo.setAutoReset(this.autoReset);

^

  symbol:   method setAutoReset(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:151:
 error: cannot find symbol

kryo.setReferences(this.replaceObjectsByReferences);

^

  symbol:   method setReferences(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:152:
 error: cannot find symbol

kryo.setRegistrationRequired(this.registrationRequired);

^

  symbol:   method setRegistrationRequired(boolean)

  location: variable kryo of type val

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:154:
 error: cannot find symbol

LOGGER.debug("Constructing a kryo instance with the following 
settings:");

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:155:
 error: cannot find symbol

LOGGER.debug("warnUnregisteredClasses: [{}]", 
this.warnUnregisteredClasses);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:156:
 error: cannot find symbol

LOGGER.debug("autoReset: [{}]", this.autoReset);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:157:
 error: cannot find symbol

LOGGER.debug("replaceObjectsByReferences: [{}]", 
this.replaceObjectsByReferences);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:158:
 error: cannot find symbol

LOGGER.debug("registrationRequired: [{}]", this.registrationRequired);

^

  symbol:   variable LOGGER

  location: class CloseableKryoFactory

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:160:
 error: incompatible types: val cannot be converted to Kryo

registerCasAuthenticationWithKryo(kryo);

  ^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:161:
 error: incompatible types: val cannot be converted to Kryo

registerExpirationPoliciesWithKryo(kryo);

   ^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:162:
 error: incompatible types: val cannot be converted to Kryo

registerCasTicketsWithKryo(kryo);

   ^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:163:
 error: incompatible types: val cannot be converted to Kryo

registerNativeJdkComponentsWithKryo(kryo);

^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:164:
 error: incompatible types: val cannot be converted to Kryo

registerCasServicesWithKryo(kryo);

^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:165:
 error: incompatible types: val cannot be converted to Kryo

registerImmutableOrEmptyCollectionsWithKryo(kryo);

^

/cas-overlay/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java:167:
 error: cannot find symbol

LOGGER.trace("Registering seri

Re: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Ray Bon

Doug,

OK, create the path src/main/java/org/apereo/cas/memcached/kryo/ and copy in 
CloseableKryoFactory.java (from apero/cas source).
You may need to modify build.gradle to include appropriate dependencies (as 
compile).

Get the project to build (no need to deploy) before making changes to 
CloseableKryoFactory.

Ray

On Fri, 2019-05-03 at 00:53 +0800, Doug Campbell wrote:
Ray,

I want to modify 
cas/support/cas-server-support-memcached-core/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java.

Doug

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Ray Bon
Sent: Friday, May 3, 2019 12:40 AM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

Doug,

What is the file(s) that you want to modify?
src/main/java is for files that get compiled (.java).
src/main/resources is for everything else (images, .html, etc).

You will need to use jdk 11 for CAS 6.x.

Ray

On Fri, 2019-05-03 at 00:20 +0800, Doug Campbell wrote:
Correction.  I think I had things cached.  It doesn’t work to put the files in 
src/main/resources.

From: cas-user@apereo.org 
[mailto:cas-user@apereo.org] On Behalf Of Doug Campbell
Sent: Friday, May 3, 2019 12:06 AM
To: cas-user@apereo.org
Subject: RE: [cas-user] Issue with LPPE and memcached ticket registry

Thanks guys this got me on the right track.

I first tried what Ray suggested but was having difficulties.  I then adjusted 
and tried Julien’s approach and saw success once I downgraded my Java version.  
I then went back and tried Ray’s suggestion and was successful except that I 
had to put the files in the src/main/resources directory not src/main/java.

Anyway, I think I am starting to understand this though I want to write myself 
some step-by-step instructions and will probably go ahead and post those back.

Appreciate your help!

Doug

From: cas-user@apereo.org 
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Thursday, May 2, 2019 4:51 PM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry


Ray I'm not sure that will work with the cas-overlay-template done with gradle.

On my side I cloned the CAS repository following the documentation and I 
publish to my nexus, but with docker :

- clone the cas project and apply change and publish them to your git repo

- clone this git repo on your docker file and run commands like locally 
following the doc, inside the module you will have to build and install locally 
the change (command example to build this kind of module and to install it 
locally : ../../gradlew clean build install --configure-on-demand --build-cache 
--parallel -x test -x javadoc -x check --stacktrace 
-DskipNestedConfigMetadataGen=true -DskipGradleLint=true), like that your cas 
build from the cas-overlay-template will be able to use your change.

Julien
Le 01/05/2019 à 21:26, Ray Bon a écrit :
Doug,

I have not used docker image but suspect it operate the same way as a stand 
alone deploy.
You create your package/class(es) in src/main/java (in root of project 
directory). It will get built and placed in the war.
https://apereo.github.io/cas/5.3.x/installation/Maven-Overlay-Installation.html

Ray

On Wed, 2019-05-01 at 17:09 +0800, Doug Campbell wrote:
Thanks Julien.

I think I understand what is needed to be done for registering the missing 
class but I have no idea how to deploy a change to test it.  I’m using the 
cas-webapp-docker to deploy to Docker using cas-overlay-template.  If were able 
to give me some pointers as to how to test these changes I would go ahead and 
try to make this work on the 6.0.x branch.

Doug

From: cas-user@apereo.org 
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Tuesday, April 30, 2019 5:47 PM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry


Hi,

To fix your problem you have to register the missing class, here is a PR to get 
as example to register some missing class  
https://github.com/apereo/cas/pull/3857/files. So you can contribute ?

After my point of view is that's a problem that KRYO need to register all class 
to serialize them, but it doesn't seem to have an other way. After there is a 
good beneit to use KRYO as his serialization is more efficient than the default 
one.

Thanks,

Julien
Le 29/04/2019 à 05:51, Windham, Gary D - (windhamg) a écrit :
Doug, thank you very much for your feedback and the workaround. That does, 
indeed, fix the immediate issue at hand. Hopefully the Kryo serialization issue 
will be resolved soon.

Thanks again!
--Gary

--

Gary Windham

Principal Enterprise Systems Architect

University Information Technology Services

The University of Arizona



Email: windh...@email.arizona.edu

Office: +1 520

RE: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Doug Campbell

Ray,

 

I want to modify 
cas/support/cas-server-support-memcached-core/src/main/java/org/apereo/cas/memcached/kryo/CloseableKryoFactory.java.

 

Doug

 

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Ray Bon
Sent: Friday, May 3, 2019 12:40 AM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

 

Doug,

 

What is the file(s) that you want to modify?

src/main/java is for files that get compiled (.java).

src/main/resources is for everything else (images, .html, etc).

 

You will need to use jdk 11 for CAS 6.x.

 

Ray

 

On Fri, 2019-05-03 at 00:20 +0800, Doug Campbell wrote:

Correction.  I think I had things cached.  It doesn’t work to put the files in 
src/main/resources.

 

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org] On Behalf Of Doug Campbell
Sent: Friday, May 3, 2019 12:06 AM
To: cas-user@apereo.org  
Subject: RE: [cas-user] Issue with LPPE and memcached ticket registry

 

Thanks guys this got me on the right track.

 

I first tried what Ray suggested but was having difficulties.  I then adjusted 
and tried Julien’s approach and saw success once I downgraded my Java version.  
I then went back and tried Ray’s suggestion and was successful except that I 
had to put the files in the src/main/resources directory not src/main/java.

 

Anyway, I think I am starting to understand this though I want to write myself 
some step-by-step instructions and will probably go ahead and post those back.

 

Appreciate your help!

 

Doug

 

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Thursday, May 2, 2019 4:51 PM
To: cas-user@apereo.org  
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

 

Ray I'm not sure that will work with the cas-overlay-template done with gradle.

On my side I cloned the CAS repository following the documentation and I 
publish to my nexus, but with docker :

- clone the cas project and apply change and publish them to your git repo

- clone this git repo on your docker file and run commands like locally 
following the doc, inside the module you will have to build and install locally 
the change (command example to build this kind of module and to install it 
locally : ../../gradlew clean build install --configure-on-demand --build-cache 
--parallel -x test -x javadoc -x check --stacktrace 
-DskipNestedConfigMetadataGen=true -DskipGradleLint=true), like that your cas 
build from the cas-overlay-template will be able to use your change.

Julien

Le 01/05/2019 à 21:26, Ray Bon a écrit :

Doug,

 

I have not used docker image but suspect it operate the same way as a stand 
alone deploy.

You create your package/class(es) in src/main/java (in root of project 
directory). It will get built and placed in the war. 

https://apereo.github.io/cas/5.3.x/installation/Maven-Overlay-Installation.html 

 

Ray

 

On Wed, 2019-05-01 at 17:09 +0800, Doug Campbell wrote:

Thanks Julien.

 

I think I understand what is needed to be done for registering the missing 
class but I have no idea how to deploy a change to test it.  I’m using the 
cas-webapp-docker to deploy to Docker using cas-overlay-template.  If were able 
to give me some pointers as to how to test these changes I would go ahead and 
try to make this work on the 6.0.x branch.

 

Doug

 

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Tuesday, April 30, 2019 5:47 PM
To: cas-user@apereo.org  
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

 

Hi,

To fix your problem you have to register the missing class, here is a PR to get 
as example to register some missing class  
https://github.com/apereo/cas/pull/3857/files. So you can contribute ?

After my point of view is that's a problem that KRYO need to register all class 
to serialize them, but it doesn't seem to have an other way. After there is a 
good beneit to use KRYO as his serialization is more efficient than the default 
one.

Thanks,

Julien

Le 29/04/2019 à 05:51, Windham, Gary D - (windhamg) a écrit :

Doug, thank you very much for your feedback and the workaround. That does, 
indeed, fix the immediate issue at hand. Hopefully the Kryo serialization issue 
will be resolved soon.

 

Thanks again!

--Gary


--

Gary Windham

Principal Enterprise Systems Architect

University Information Technology Services 

The University of Arizona

 

Email: windh...@email.arizona.edu  

Office: +1 520 626 5981

 

 

On Sun, Apr 28, 2019 at 8:26 PM Doug Campbell mailto:wdouglascampb...@gmail.com> > wrote:

I don’t know if this is an ideal workaround but I found in my case if I changed 
the transcoder setting from KYRO to SERIAL that everything starting working 
great.

 

ca

Re: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Ray Bon

Doug,

What is the file(s) that you want to modify?
src/main/java is for files that get compiled (.java).
src/main/resources is for everything else (images, .html, etc).

You will need to use jdk 11 for CAS 6.x.

Ray

On Fri, 2019-05-03 at 00:20 +0800, Doug Campbell wrote:
Correction.  I think I had things cached.  It doesn’t work to put the files in 
src/main/resources.

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Doug 
Campbell
Sent: Friday, May 3, 2019 12:06 AM
To: cas-user@apereo.org
Subject: RE: [cas-user] Issue with LPPE and memcached ticket registry

Thanks guys this got me on the right track.

I first tried what Ray suggested but was having difficulties.  I then adjusted 
and tried Julien’s approach and saw success once I downgraded my Java version.  
I then went back and tried Ray’s suggestion and was successful except that I 
had to put the files in the src/main/resources directory not src/main/java.

Anyway, I think I am starting to understand this though I want to write myself 
some step-by-step instructions and will probably go ahead and post those back.

Appreciate your help!

Doug

From: cas-user@apereo.org 
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Thursday, May 2, 2019 4:51 PM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry


Ray I'm not sure that will work with the cas-overlay-template done with gradle.

On my side I cloned the CAS repository following the documentation and I 
publish to my nexus, but with docker :

- clone the cas project and apply change and publish them to your git repo

- clone this git repo on your docker file and run commands like locally 
following the doc, inside the module you will have to build and install locally 
the change (command example to build this kind of module and to install it 
locally : ../../gradlew clean build install --configure-on-demand --build-cache 
--parallel -x test -x javadoc -x check --stacktrace 
-DskipNestedConfigMetadataGen=true -DskipGradleLint=true), like that your cas 
build from the cas-overlay-template will be able to use your change.

Julien
Le 01/05/2019 à 21:26, Ray Bon a écrit :
Doug,

I have not used docker image but suspect it operate the same way as a stand 
alone deploy.
You create your package/class(es) in src/main/java (in root of project 
directory). It will get built and placed in the war.
https://apereo.github.io/cas/5.3.x/installation/Maven-Overlay-Installation.html

Ray

On Wed, 2019-05-01 at 17:09 +0800, Doug Campbell wrote:
Thanks Julien.

I think I understand what is needed to be done for registering the missing 
class but I have no idea how to deploy a change to test it.  I’m using the 
cas-webapp-docker to deploy to Docker using cas-overlay-template.  If were able 
to give me some pointers as to how to test these changes I would go ahead and 
try to make this work on the 6.0.x branch.

Doug

From: cas-user@apereo.org 
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Tuesday, April 30, 2019 5:47 PM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry


Hi,

To fix your problem you have to register the missing class, here is a PR to get 
as example to register some missing class  
https://github.com/apereo/cas/pull/3857/files. So you can contribute ?

After my point of view is that's a problem that KRYO need to register all class 
to serialize them, but it doesn't seem to have an other way. After there is a 
good beneit to use KRYO as his serialization is more efficient than the default 
one.

Thanks,

Julien
Le 29/04/2019 à 05:51, Windham, Gary D - (windhamg) a écrit :
Doug, thank you very much for your feedback and the workaround. That does, 
indeed, fix the immediate issue at hand. Hopefully the Kryo serialization issue 
will be resolved soon.

Thanks again!
--Gary

--

Gary Windham

Principal Enterprise Systems Architect

University Information Technology Services

The University of Arizona



Email: windh...@email.arizona.edu

Office: +1 520 626 5981


On Sun, Apr 28, 2019 at 8:26 PM Doug Campbell 
mailto:wdouglascampb...@gmail.com>> wrote:
I don’t know if this is an ideal workaround but I found in my case if I changed 
the transcoder setting from KYRO to SERIAL that everything starting working 
great.

cas.ticket.registry.memcached.transcoder: SERIAL

In the documentation it recommends using KYRO stating “This component is 
recommended over the default Java serialization mechanism since it produces 
much more compact data, which benefits both storage requirements and 
throughput.”  There are two other options as well:  WHALIN and WHALINV1.

I am not sure if it really matters which one but since the use of KYRO seems 
buggy maybe the recommendation for using it is no longer the best.


From: cas-user@apereo.org

RE: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Doug Campbell

Correction.  I think I had things cached.  It doesn’t work to put the files in 
src/main/resources.

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Doug 
Campbell
Sent: Friday, May 3, 2019 12:06 AM
To: cas-user@apereo.org
Subject: RE: [cas-user] Issue with LPPE and memcached ticket registry

Thanks guys this got me on the right track.

I first tried what Ray suggested but was having difficulties.  I then adjusted 
and tried Julien’s approach and saw success once I downgraded my Java version.  
I then went back and tried Ray’s suggestion and was successful except that I 
had to put the files in the src/main/resources directory not src/main/java.

Anyway, I think I am starting to understand this though I want to write myself 
some step-by-step instructions and will probably go ahead and post those back.

Appreciate your help!

Doug

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Thursday, May 2, 2019 4:51 PM
To: cas-user@apereo.org  
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

Ray I'm not sure that will work with the cas-overlay-template done with gradle.

On my side I cloned the CAS repository following the documentation and I 
publish to my nexus, but with docker :

- clone the cas project and apply change and publish them to your git repo

- clone this git repo on your docker file and run commands like locally 
following the doc, inside the module you will have to build and install locally 
the change (command example to build this kind of module and to install it 
locally : ../../gradlew clean build install --configure-on-demand --build-cache 
--parallel -x test -x javadoc -x check --stacktrace 
-DskipNestedConfigMetadataGen=true -DskipGradleLint=true), like that your cas 
build from the cas-overlay-template will be able to use your change.

Julien

Le 01/05/2019 à 21:26, Ray Bon a écrit :

Doug,

I have not used docker image but suspect it operate the same way as a stand 
alone deploy.

You create your package/class(es) in src/main/java (in root of project 
directory). It will get built and placed in the war. 

https://apereo.github.io/cas/5.3.x/installation/Maven-Overlay-Installation.html 

Ray

On Wed, 2019-05-01 at 17:09 +0800, Doug Campbell wrote:

Thanks Julien.

I think I understand what is needed to be done for registering the missing 
class but I have no idea how to deploy a change to test it.  I’m using the 
cas-webapp-docker to deploy to Docker using cas-overlay-template.  If were able 
to give me some pointers as to how to test these changes I would go ahead and 
try to make this work on the 6.0.x branch.

Doug

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Tuesday, April 30, 2019 5:47 PM
To: cas-user@apereo.org  
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

Hi,

To fix your problem you have to register the missing class, here is a PR to get 
as example to register some missing class  
https://github.com/apereo/cas/pull/3857/files. So you can contribute ?

After my point of view is that's a problem that KRYO need to register all class 
to serialize them, but it doesn't seem to have an other way. After there is a 
good beneit to use KRYO as his serialization is more efficient than the default 
one.

Thanks,

Julien

Le 29/04/2019 à 05:51, Windham, Gary D - (windhamg) a écrit :

Doug, thank you very much for your feedback and the workaround. That does, 
indeed, fix the immediate issue at hand. Hopefully the Kryo serialization issue 
will be resolved soon.

Thanks again!

--Gary

--

Gary Windham

Principal Enterprise Systems Architect

University Information Technology Services 

The University of Arizona

Email: windh...@email.arizona.edu  

Office: +1 520 626 5981

On Sun, Apr 28, 2019 at 8:26 PM Doug Campbell mailto:wdouglascampb...@gmail.com> > wrote:

I don’t know if this is an ideal workaround but I found in my case if I changed 
the transcoder setting from KYRO to SERIAL that everything starting working 
great.

cas.ticket.registry.memcached.transcoder: SERIAL

In the documentation it recommends using KYRO stating “This component is 
recommended over the default Java serialization mechanism since it produces 
much more compact data, which benefits both storage requirements and 
throughput.”  There are two other options as well:  WHALIN and WHALINV1.

I am not sure if it really matters which one but since the use of KYRO seems 
buggy maybe the recommendation for using it is no longer the best.

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org  ] On Behalf Of Doug 
Campbell
Sent: Monday, April 29, 2019 10:36 AM
To: cas-user@apereo.org

RE: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Doug Campbell

Thanks guys this got me on the right track.

 

I first tried what Ray suggested but was having difficulties.  I then adjusted 
and tried Julien’s approach and saw success once I downgraded my Java version.  
I then went back and tried Ray’s suggestion and was successful except that I 
had to put the files in the src/main/resources directory not src/main/java.

 

Anyway, I think I am starting to understand this though I want to write myself 
some step-by-step instructions and will probably go ahead and post those back.

 

Appreciate your help!

 

Doug

 

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Julien 
Gribonvald
Sent: Thursday, May 2, 2019 4:51 PM
To: cas-user@apereo.org
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

 

Ray I'm not sure that will work with the cas-overlay-template done with gradle.

On my side I cloned the CAS repository following the documentation and I 
publish to my nexus, but with docker :

- clone the cas project and apply change and publish them to your git repo

- clone this git repo on your docker file and run commands like locally 
following the doc, inside the module you will have to build and install locally 
the change (command example to build this kind of module and to install it 
locally : ../../gradlew clean build install --configure-on-demand --build-cache 
--parallel -x test -x javadoc -x check --stacktrace 
-DskipNestedConfigMetadataGen=true -DskipGradleLint=true), like that your cas 
build from the cas-overlay-template will be able to use your change.

Julien

Le 01/05/2019 à 21:26, Ray Bon a écrit :

Doug,

 

I have not used docker image but suspect it operate the same way as a stand 
alone deploy.

You create your package/class(es) in src/main/java (in root of project 
directory). It will get built and placed in the war. 

https://apereo.github.io/cas/5.3.x/installation/Maven-Overlay-Installation.html 

 

Ray

 

On Wed, 2019-05-01 at 17:09 +0800, Doug Campbell wrote:

Thanks Julien.

 

I think I understand what is needed to be done for registering the missing 
class but I have no idea how to deploy a change to test it.  I’m using the 
cas-webapp-docker to deploy to Docker using cas-overlay-template.  If were able 
to give me some pointers as to how to test these changes I would go ahead and 
try to make this work on the 6.0.x branch.

 

Doug

 

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org] On Behalf Of Julien Gribonvald
Sent: Tuesday, April 30, 2019 5:47 PM
To: cas-user@apereo.org  
Subject: Re: [cas-user] Issue with LPPE and memcached ticket registry

 

Hi,

To fix your problem you have to register the missing class, here is a PR to get 
as example to register some missing class  
https://github.com/apereo/cas/pull/3857/files. So you can contribute ?

After my point of view is that's a problem that KRYO need to register all class 
to serialize them, but it doesn't seem to have an other way. After there is a 
good beneit to use KRYO as his serialization is more efficient than the default 
one.

Thanks,

Julien

Le 29/04/2019 à 05:51, Windham, Gary D - (windhamg) a écrit :

Doug, thank you very much for your feedback and the workaround. That does, 
indeed, fix the immediate issue at hand. Hopefully the Kryo serialization issue 
will be resolved soon.

 

Thanks again!

--Gary


--

Gary Windham

Principal Enterprise Systems Architect

University Information Technology Services 

The University of Arizona

 

Email: windh...@email.arizona.edu  

Office: +1 520 626 5981

 

 

On Sun, Apr 28, 2019 at 8:26 PM Doug Campbell mailto:wdouglascampb...@gmail.com> > wrote:

I don’t know if this is an ideal workaround but I found in my case if I changed 
the transcoder setting from KYRO to SERIAL that everything starting working 
great.

 

cas.ticket.registry.memcached.transcoder: SERIAL

 

In the documentation it recommends using KYRO stating “This component is 
recommended over the default Java serialization mechanism since it produces 
much more compact data, which benefits both storage requirements and 
throughput.”  There are two other options as well:  WHALIN and WHALINV1.

 

I am not sure if it really matters which one but since the use of KYRO seems 
buggy maybe the recommendation for using it is no longer the best.

 

 

From: cas-user@apereo.org   
[mailto:cas-user@apereo.org  ] On Behalf Of Doug 
Campbell
Sent: Monday, April 29, 2019 10:36 AM
To: cas-user@apereo.org  
Subject: RE: [cas-user] Issue with LPPE and memcached ticket registry

 

Gary,

 

I don’t have an answer but I saw this same error yesterday when I was testing 
proxy authentication on my CAS 6.0.3 test setup.  In my case I haven’t 
configured LPPE.  I did try disabling it just now but that seemed to have no 
effect as the error still occurs.  In my case

Re: [cas-user] clearpass in clustermode

2019-05-02 Thread Ray Bon

Andreas,

With ehcache we observed behaviour like this. The time required with 
replication was greater than the client request time (which went to a different 
server in the cluster). When we switched to hazelcast (which is in memory but 
not replicated), those problems went away.

Ray

On Thu, 2019-05-02 at 03:11 -0700, Andreas Zschorn wrote:
Hello together,

we are running cas 6.0.3 in cluster mode with an dynamodb as ticket storage.
For one legacy application we enabled clearpass.
https://apereo.github.io/cas/6.0.x/integration/ClearPass.html

So far it works, but clearpass works only if 1 cluster node is active. 
Otherwise the credential object is null on client side.

I have the feeling, that the credential object is only saved (cached) in 
memory, so clear pass will not work in cluster mode, because the service ticket 
validation is a separate call from the service, so sticky sessions will not 
work.

I clould also not find any table in the dynamodb, which contains the credential.

Is this observation correct?

An  productive SSO  authentication server not running in HA cluster mode is 
prohibitive.

Has anyone a solution to get clearpass running in cluster mode? Perhaps a 
replication via hazelcast?

Thanks for any input.
Andreas



--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dc20857aba0392c945e83207af3e21ec80c13b14.camel%40uvic.ca.

[cas-user] clearpass in clustermode

2019-05-02 Thread Andreas Zschorn

Hello together,

we are running cas 6.0.3 in cluster mode with an dynamodb as ticket storage.
For one legacy application we enabled clearpass.
https://apereo.github.io/cas/6.0.x/integration/ClearPass.html

So far it works, but clearpass works only if 1 cluster node is active. 
Otherwise the credential object is null on client side.

I have the feeling, that the credential object is only saved (cached) in 
memory, so clear pass will not work in cluster mode, because the service 
ticket validation is a separate call from the service, so sticky sessions 
will not work.

I clould also not find any table in the dynamodb, which contains the 
credential.

Is this observation correct?

An  productive SSO  authentication server not running in HA cluster mode is 
prohibitive.

Has anyone a solution to get clearpass running in cluster mode? Perhaps a 
replication via hazelcast?

Thanks for any input.
Andreas


-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cce87e8f-31e6-4b4f-8673-95c058b76379%40apereo.org.

Re: [cas-user] Issue with LPPE and memcached ticket registry

2019-05-02 Thread Julien Gribonvald

Ray I'm not sure that will work with the cas-overlay-template done with 
gradle.


On my side I cloned the CAS repository following the documentation and I 
publish to my nexus, but with docker :


- clone the cas project and apply change and publish them to your git repo

- clone this git repo on your docker file and run commands like locally 
following the doc, inside the module you will have to build and install 
locally the change (command example to build this kind of module and to 
install it locally : ../../gradlew clean build install 
--configure-on-demand --build-cache --parallel -x test -x javadoc -x 
check --stacktrace -DskipNestedConfigMetadataGen=true 
-DskipGradleLint=true), like that your cas build from the 
cas-overlay-template will be able to use your change.


Julien

Le 01/05/2019 à 21:26, Ray Bon a écrit :

Doug,

I have not used docker image but suspect it operate the same way as a 
stand alone deploy.
You create your package/class(es) in src/main/java (in root of project 
directory). It will get built and placed in the war.
https://apereo.github.io/cas/5.3.x/installation/Maven-Overlay-Installation.html 



Ray

On Wed, 2019-05-01 at 17:09 +0800, Doug Campbell wrote:


Thanks Julien.

I think I understand what is needed to be done for registering the 
missing class but I have no idea how to deploy a change to test it.  
I’m using the cas-webapp-docker to deploy to Docker using 
cas-overlay-template.  If were able to give me some pointers as to 
how to test these changes I would go ahead and try to make this work 
on the 6.0.x branch.


Doug

*From:*cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of 
*Julien Gribonvald

*Sent:* Tuesday, April 30, 2019 5:47 PM
*To:* cas-user@apereo.org
*Subject:* Re: [cas-user] Issue with LPPE and memcached ticket registry

Hi,

To fix your problem you have to register the missing class, here is a 
PR to get as example to register some missing class 
https://github.com/apereo/cas/pull/3857/files. So you can contribute ?


After my point of view is that's a problem that KRYO need to register 
all class to serialize them, but it doesn't seem to have an other 
way. After there is a good beneit to use KRYO as his serialization is 
more efficient than the default one.


Thanks,

Julien

Le 29/04/2019 à 05:51, Windham, Gary D - (windhamg) a écrit :

Doug, thank you very much for your feedback and the workaround. That 
does, indeed, fix the immediate issue at hand. Hopefully the Kryo 
serialization issue will be resolved soon.


Thanks again!

--Gary

*--*

*Gary Windham*

Principal Enterprise Systems Architect

University Information Technology Services

The University of Arizona

Email: windh...@email.arizona.edu 

Office: +1 520 626 5981

On Sun, Apr 28, 2019 at 8:26 PM Doug Campbell 
mailto:wdouglascampb...@gmail.com>> wrote:


I don’t know if this is an ideal workaround but I found in my case 
if I changed the transcoder setting from KYRO to SERIAL that 
everything starting working great.


cas.ticket.registry.memcached.transcoder: SERIAL

In the documentation it recommends using KYRO stating “This 
component is recommended over the default Java serialization 
mechanism since it produces much more compact data, which benefits 
both storage requirements and throughput.”  There are two other 
options as well:  WHALIN and WHALINV1.


I am not sure if it really matters which one but since the use of 
KYRO seems buggy maybe the recommendation for using it is no longer 
the best.


*From:*cas-user@apereo.org  
[mailto:cas-user@apereo.org ] *On 
Behalf Of *Doug Campbell

*Sent:* Monday, April 29, 2019 10:36 AM
*To:* cas-user@apereo.org 
*Subject:* RE: [cas-user] Issue with LPPE and memcached ticket registry

Gary,

I don’t have an answer but I saw this same error yesterday when I 
was testing proxy authentication on my CAS 6.0.3 test setup. In my 
case I haven’t configured LPPE.  I did try disabling it just now 
but that seemed to have no effect as the error still occurs. In my 
case I am using spymemcache and not AWS Elasticache.  For now I 
have switched back to the default InMemory ticket registry and 
proxy authentication works fine with that.


If I figured out anything I will let you know and if you discover a 
solution please do report back.


Thanks!

*From:*cas-user@apereo.org  
[mailto:cas-user@apereo.org] *On Behalf Of *Windham, Gary D - 
(windhamg)

*Sent:* Monday, April 29, 2019 9:28 AM
*To:* cas-user@apereo.org 
*Subject:* [cas-user] Issue with LPPE and memcached ticket registry

Hi all,

I've been building/testing CAS v6.1.0 (HEAD), and was getting along 
fairly well until I ran into an error with LPPE and the memcached 
ticket registry I'm using.


I am using 389 Directory server for LDAP authentication and have 
password policy configured as follows:


# LDAP Pas

Re: [cas-user] CAS5 Protocol diagram with OpenID Connect and CAS protocol mixed clients

Re: [cas-user] CAS5 Protocol diagram with OpenID Connect and CAS protocol mixed clients

[cas-user] CAS5 Protocol diagram with OpenID Connect and CAS protocol mixed clients

[cas-user] Database Audits

Re: [cas-user] Issue with LPPE and memcached ticket registry

RE: [cas-user] Issue with LPPE and memcached ticket registry

Re: [cas-user] Issue with LPPE and memcached ticket registry

[cas-user] Re: CAS 6.0.3 - The request was rejected because the URL was not normalized.

RE: [cas-user] Issue with LPPE and memcached ticket registry

Re: [cas-user] Issue with LPPE and memcached ticket registry

RE: [cas-user] Issue with LPPE and memcached ticket registry

Re: [cas-user] Issue with LPPE and memcached ticket registry

RE: [cas-user] Issue with LPPE and memcached ticket registry

RE: [cas-user] Issue with LPPE and memcached ticket registry

Re: [cas-user] clearpass in clustermode

[cas-user] clearpass in clustermode

Re: [cas-user] Issue with LPPE and memcached ticket registry

17 matches

Site Navigation

Mail list logo

Footer information