Re: [cas-user] Re: Cas 5.1.6 to 5.20 JSON Service Theme Parameter Not Working as Expected

2017-12-12 Thread michael kromarek 
It would seem so.  It would also seem that even when pointing to a groovy
script for the theme, that works for login, but even though the correct
service is found on logout, it can't find the theme and goes with the
default.

On Sun, Dec 10, 2017 at 11:12 PM, Andy Ng  wrote:

> I also encounter this problem, working on CAS 5.2.0-RC4 and not worked on
> CAS 5.2.0,
>
> I think the problem lies in this file here: https://github.com/
> apereo/cas/blob/master/support/cas-server-support-
> themes/src/main/java/org/apereo/cas/services/web/
> RegisteredServiceThemeResolver.java
>
> On line 134, final Resource resource = ResourceUtils.getRawResourceFr
> om(rService.getTheme());
> - default will change the resource into a File Resource
>
> On line 135, if (resource instanceof FileSystemResource && resource.exists())
> {
> - Resource will exists even if it does not actually exists
>
> I don't have a concrete explanation, but maybe CAS 5.2.0 sees the file
> directory of our theme name, and misunderstood that resource exists?
>
> Maybe it is a bug.
>
> - Andy
>
>
>
> On Sunday, 10 December 2017 21:19:25 UTC+8, Mike Kromarek wrote:
>>
>> I recently upgraded from CAS 5.1.6 to 5.2.0 and noticed that the theme
>> parameter in my JSON service definitions is being treated as if it is a
>> reference to a groovy script and not the name of the theme to load.
>>
>> -- cas.properties --
>> ### -- Theme settings -- ###
>> cas.theme.paramName=theme
>> spring.thymeleaf.cache=false
>> spring.thymeleaf.prefix=classpath:/templates/
>>
>>
>> -- service definition (Example-1006.json)  --
>> {
>>  "@class" : "org.apereo.cas.services.RegexRegisteredService",
>>   "serviceId" : "^https://example.highline.edu/.*;,
>>   "name" : "Example",
>>   "id" : 1006,
>>   "theme": "canvas",
>>   "description" : "Example Service",
>>   "evaluationOrder" : 1,
>>   "usernameAttributeProvider" : {
>> "@class" : "org.apereo.cas.services.Princ
>> ipalAttributeRegisteredServiceUsernameProvider",
>> "usernameAttribute" : "sAMAccountName"
>>   }
>> }
>>
>> -- Relevent log section for accessing the service --
>> 2017-12-10 04:54:39,434 DEBUG 
>> [org.apereo.cas.web.view.CasReloadableMessageBundle]
>> - 
>> 2017-12-10 04:54:39,527 DEBUG 
>> [org.apereo.cas.services.web.ChainingThemeResolver]
>> - 
>> 2017-12-10 04:54:39,527 DEBUG 
>> [org.apereo.cas.services.web.ChainingThemeResolver]
>> - 
>> 2017-12-10 04:54:39,528 DEBUG 
>> [org.apereo.cas.services.web.ChainingThemeResolver]
>> - 
>> 2017-12-10 04:54:39,528 DEBUG 
>> [org.apereo.cas.services.web.ChainingThemeResolver]
>> - 
>> 2017-12-10 04:54:39,529 DEBUG 
>> [org.apereo.cas.services.web.ServiceThemeResolver]
>> - > Service,serviceId=^https://example.highline.edu/.*,usernameA
>> ttributeProvider=usernameAttribute=sAMAccountName,,theme=[canvas],
>> evaluationOrder=1,logoutType=BACK_CHANNEL,attributeReleaseP
>> olicy=org.apereo.cas.services.ReturnAllowedAttributeReleaseP
>> olicy@118e1bd0[attributeFilter=,principalAttributesRep
>> ository=org.apereo.cas.authentication.principal.Defau
>> ltPrincipalAttributesRepository@581f099[],authorizedToReleas
>> eCredentialPassword=false,authorizedToReleaseAuthenticationA
>> ttributes=true,authorizedToReleaseProxyGrantingTicket=false,
>> excludeDefaultAttributes=false,principalIdAttribute=,
>> consentPolicy=org.apereo.cas.services.consent.DefaultRegist
>> eredServiceConsentPolicy@1ad6e5d6[excludedAttributes=<
>> null>,includeOnlyAttributes=,enabled=true],allowedAtt
>> ributes=[]],accessStrategy=org.apereo.cas.services.Defaul
>> tRegisteredServiceAccessStrategy@7231b0de[enabled=true,
>> ssoEnabled=true,requireAllAttributes=true,requiredAttributes
>> ={},unauthorizedRedirectUrl=,caseInsensitive=false,re
>> jectedAttributes={}],publicKey=,proxyPolicy=org.
>> apereo.cas.services.RefuseRegisteredServiceProxyPolicy@
>> 2eaa006d,logo=,logoutUrl=,requiredHandlers=[],pr
>> operties={},multifactorPolicy=org.apereo.cas.services.Defaul
>> tRegisteredServiceMultifactorPolicy@130075d3[multifactorAuth
>> enticationProviders=[],failureMode=NOT_SET,principalA
>> ttributeNameTrigger=,principalAttributeValueToMatch=<
>> null>,bypassEnabled=false],informationUrl=,privacyUrl=
>> ,contacts=[],expirationPolicy=org.apereo.cas.services.
>> DefaultRegisteredServiceExpirationPolicy@198f4a12[deleteWhen
>> Expired=false,notifyWhenDeleted=false,expirationDate=],] is
>> configured to use a custom theme [[canvas]]>
>> 2017-12-10 04:54:39,529 DEBUG 
>> [org.apereo.cas.services.web.ServiceThemeResolver]
>> - > https://example.highline.edu/securityRealm/finishLogin]>
>> 2017-12-10 04:54:39,530 DEBUG 
>> [org.apereo.cas.services.web.ChainingThemeResolver]
>> - 
>> 2017-12-10 04:54:39,530 DEBUG 
>> [org.apereo.cas.services.web.ChainingThemeResolver]
>> - > [cas-theme-default}>
>>
>>
>> If I set the theme default via the cas.properties file to canvas, it
>> loads the correct theme (of course I don't want that theme to be the
>> default every where) and if I set the theme

[cas-user] Re: Cas 5.1.6 to 5.20 JSON Service Theme Parameter Not Working as Expected

2017-12-10 Thread Andy Ng 
I also encounter this problem, working on CAS 5.2.0-RC4 and not worked on 
CAS 5.2.0,

I think the problem lies in this file 
here: 
https://github.com/apereo/cas/blob/master/support/cas-server-support-themes/src/main/java/org/apereo/cas/services/web/RegisteredServiceThemeResolver.java

On line 134, final Resource resource = ResourceUtils.
getRawResourceFrom(rService.getTheme());
- default will change the resource into a File Resource

On line 135, if (resource instanceof FileSystemResource && resource.exists()) 
{
- Resource will exists even if it does not actually exists

I don't have a concrete explanation, but maybe CAS 5.2.0 sees the file 
directory of our theme name, and misunderstood that resource exists?

Maybe it is a bug.

- Andy


On Sunday, 10 December 2017 21:19:25 UTC+8, Mike Kromarek wrote:
>
> I recently upgraded from CAS 5.1.6 to 5.2.0 and noticed that the theme 
> parameter in my JSON service definitions is being treated as if it is a 
> reference to a groovy script and not the name of the theme to load.
>
> -- cas.properties --
> ### -- Theme settings -- ###
> cas.theme.paramName=theme
> spring.thymeleaf.cache=false
> spring.thymeleaf.prefix=classpath:/templates/
>
>
> -- service definition (Example-1006.json)  --
> {
>  "@class" : "org.apereo.cas.services.RegexRegisteredService",
>   "serviceId" : "^https://example.highline.edu/.*;,
>   "name" : "Example",
>   "id" : 1006,
>   "theme": "canvas",
>   "description" : "Example Service",
>   "evaluationOrder" : 1,
>   "usernameAttributeProvider" : {
> "@class" : 
> "org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider",
> "usernameAttribute" : "sAMAccountName"
>   }
> }
>
> -- Relevent log section for accessing the service --
> 2017-12-10 04:54:39,434 DEBUG 
> [org.apereo.cas.web.view.CasReloadableMessageBundle] -  [messages.properties] with encoding 'UTF-8'>
> 2017-12-10 04:54:39,527 DEBUG 
> [org.apereo.cas.services.web.ChainingThemeResolver] -  resolve theme via [CookieThemeResolver]>
> 2017-12-10 04:54:39,527 DEBUG 
> [org.apereo.cas.services.web.ChainingThemeResolver] -  resolve theme via [SessionThemeResolver]>
> 2017-12-10 04:54:39,528 DEBUG 
> [org.apereo.cas.services.web.ChainingThemeResolver] -  resolve theme via [RequestHeaderThemeResolver]>
> 2017-12-10 04:54:39,528 DEBUG 
> [org.apereo.cas.services.web.ChainingThemeResolver] -  resolve theme via [ServiceThemeResolver]>
> 2017-12-10 04:54:39,529 DEBUG 
> [org.apereo.cas.services.web.ServiceThemeResolver] -  [id=1006,name=Example,description=Example Service,serviceId=^
> https://example.highline.edu/.*,usernameAttributeProvider=usernameAttribute=sAMAccountName,,theme=[canvas],evaluationOrder=1,logoutType=BACK_CHANNEL,attributeReleasePolicy=org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy@118e1bd0[attributeFilter=,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@581f099[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseAuthenticationAttributes=true,authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes=false,principalIdAttribute=,consentPolicy=org.apereo.cas.services.consent.DefaultRegisteredServiceConsentPolicy@1ad6e5d6[excludedAttributes=,includeOnlyAttributes=,enabled=true],allowedAttributes=[]],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@7231b0de[enabled=true,ssoEnabled=true,requireAllAttributes=true,requiredAttributes={},unauthorizedRedirectUrl=,caseInsensitive=false,rejectedAttributes={}],publicKey=,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@2eaa006d,logo=,logoutUrl=,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@130075d3[multifactorAuthenticationProviders=[],failureMode=NOT_SET,principalAttributeNameTrigger=,principalAttributeValueToMatch=,bypassEnabled=false],informationUrl=,privacyUrl=,contacts=[],expirationPolicy=org.apereo.cas.services.DefaultRegisteredServiceExpirationPolicy@198f4a12[deleteWhenExpired=false,notifyWhenDeleted=false,expirationDate=],]
>  
> is configured to use a custom theme [[canvas]]>
> 2017-12-10 04:54:39,529 DEBUG 
> [org.apereo.cas.services.web.ServiceThemeResolver] -  script to determine theme for [
> https://example.highline.edu/securityRealm/finishLogin]>
> 2017-12-10 04:54:39,530 DEBUG 
> [org.apereo.cas.services.web.ChainingThemeResolver] -  resolve theme via [FixedThemeResolver]>
> 2017-12-10 04:54:39,530 DEBUG 
> [org.apereo.cas.services.web.ChainingThemeResolver] -  could be found. Using default theme [cas-theme-default}>
>
>
> If I set the theme default via the cas.properties file to canvas, it loads 
> the correct theme (of course I don't want that theme to be the default 
> every where) and if I set the theme property in my json service definition 
> to point to a groovy script that just returns "canvas", the correct theme 
> is loaded.
>
> Is there a configuration