Hello,
Still trying to understand if I missed something in the login flow setup.
I switched to the original login flow that came with CAS 4.1.x, and forced
the user to go to the "success with warning" view, so that I can observe what
happens if the user walks away for a while (in the middle of the login flow), then
comes back and clicks on "continue".
This is what I noticed: the flow continues even after the idle session
timeout has elapsed. The reason it continues is that the flow resumes
execution and flow variables are restored. Does that sound right?
This does not seem to be the case with CAS 3.5.x. With my login flow in CAS
3.5.x, I will be redirected to the login page if I walk away in the middle
of the login flow and come back and attempt to resume.
Here are the logs. Is this a CAS question or a Spring Web Flow question? I am
just surprised that a flow can last that long, even after the session expired.
2016-07-28 10:27:23,657 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - Null ModelAndView
returned to DispatcherServlet with name 'cas': assuming HandlerAdapter
completed request handling
2016-07-28 10:27:23,657 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - Successfully
completed request
2016-07-28 10:28:46,757 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2016-07-28 10:28:46,955 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 17 services.
2016-07-28 10:30:46,726 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2016-07-28 10:30:46,912 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 17 services.
2016-07-28 10:32:46,727 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2016-07-28 10:32:46,912 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 17 services.
2016-07-28 10:32:50,369 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - DispatcherServlet
with name 'cas' processing GET request for [/cas/login]
2016-07-28 10:32:50,370 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- Looking up handler method for path /login
2016-07-28 10:32:50,377 DEBUG
[org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]
- Did not find handler method for [/login]
2016-07-28 10:32:50,378 DEBUG
[org.springframework.webflow.mvc.servlet.FlowHandlerMapping] - Mapping
request with URI '/cas/login' to flow with id 'login'
2016-07-28 10:32:50,378 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - Last-Modified value
for [/cas/login] is: -1
2016-07-28 10:32:50,379 DEBUG
[org.springframework.webflow.executor.FlowExecutorImpl] - Resuming flow
execution with key '996ee856-f8e1-4441-aa0b-
2016-07-28 10:32:50,388 DEBUG
[org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl]
- Getting FlowDefinition with id 'login'
2016-07-28 10:32:50,388 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - Resuming in
org.springframework.webflow.mvc.servlet.MvcExternalContext@32685dcd
2016-07-28 10:32:50,388 DEBUG [org.springframework.webflow.engine.Flow] -
Restoring [FlowVariable@377ed8ad name = 'credential', valueFactory =
[BeanFactoryVariableValueFactory@68c36251 type =
UsernamePasswordCredential]]
2016-07-28 10:32:50,389 DEBUG
[org.springframework.webflow.mvc.view.AbstractMvcView] - Processing user
event 'proceed'
2016-07-28 10:32:50,389 DEBUG
[org.springframework.webflow.mvc.view.AbstractMvcView] - No model to bind
to; done processing user event
2016-07-28 10:32:50,389 DEBUG
[org.springframework.webflow.engine.ViewState] - Event 'proceed' returned
from view [ServletMvcView@61e65795 view =
org.springframework.web.servlet.view.JstlView: name 'casLoginMessageView';
URL [/WEB-INF/view/jsp/default/ui/casLoginMessageView.jsp]]
2016-07-28 10:32:50,389 DEBUG
[org.springframework.webflow.engine.Transition] - Executing
[Transition@59802969 on = proceed, to = serviceCheck]
2016-07-28 10:32:50,389 DEBUG
[org.springframework.webflow.engine.Transition] - Exiting state
'showMessages'
2016-07-28 10:32:50,390 DEBUG
[org.springframework.webflow.engine.DecisionState] - Entering state
'serviceCheck' of flow 'login'
2016-07-28 10:32:50,391 DEBUG
[org.springframework.webflow.engine.Transition] - Executing
[Transition@6d1eda66 on = *, to = viewGenericLoginSuccess]
2016-07-28 10:32:50,391 DEBUG
[org.springframework.webflow.engine.Transition] - Exiting state
'serviceCheck'
2016-07-28 10:32:50,391 DEBUG [org.springframework.webflow.engine.EndState]
- Entering state 'viewGenericLoginSuccess' of flow 'login'
2016-07-28 10:32:50,391 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - Executing
[EvaluateAction@4949682 expression =
genericSuccessViewAction.getAuthenticationPrincipal(flowScope.ticketGrantingTicketId),
resultExpression = requestScope.principal]
2016-07-28 10:32:50,391 DEBUG
[org.springframework.webflow.execution.AnnotatedAction] - Putting action
execution attributes map[[empty]]
2016-07-28 10:32:50,449 DEBUG
[org.springframework.webflow.execution.AnnotatedAction] - Clearing action
execution attributes map[[empty]]
2016-07-28 10:32:50,449 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - Finished executing
[EvaluateAction@4949682 expression =
genericSuccessViewAction.getAuthenticationPrincipal(flowScope.ticketGrantingTicketId),
resultExpression = requestScope.principal]; result = success
2016-07-28 10:32:50,449 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - Executing
org.springframework.webflow.action.ViewFactoryActionAdapter@6387ebfb
2016-07-28 10:32:50,450 DEBUG
[org.springframework.webflow.mvc.view.AbstractMvcView] - Rendering MVC
[org.springframework.web.servlet.view.JstlView: name
'casGenericSuccessView'; URL
[/WEB-INF/view/jsp/default/ui/casGenericSuccessView.jsp]] with model map
[{flowRequestContext=[RequestControlContextImpl@7f5597dd externalContext =
org.springframework.webflow.mvc.servlet.MvcExternalContext@32685dcd,
currentEvent = proceed, requestScope = map['principal' -> y], attributes =
map[[empty]], messageContext = [DefaultMessageContext@4c656f7a
sourceMessages = map[[null] -> list[[empty]]]], flowExecution =
[FlowExecutionImpl@1779d9c5 flow = 'login', flowSessions =
list[[FlowSessionImpl@40c8208d flow = 'login', state =
'viewGenericLoginSuccess', scope = map['service' -> [null],
'warnCookieValue' -> false, 'ticketGrantingTicketId' ->
'TGT-**********************************************XAUspgxjuc-localhost.dev.medplus.com',
'credential' -> y]]]]], flashScope=map[[empty]], principal=y,
currentUser=null, service=null, flowExecutionKey=996ee856-f8e1-4441-aa0b-
On Tuesday, July 26, 2016 at 2:12:39 PM UTC-4, Misagh Moayyed wrote:
>
> Your user is obviously and reportedly authenticated successfully.
> Otherwise you won’t see the login page. Examine your flow orchestration.
> Web flow/Web timeout settings are irrelevant here.
>
> --
> Misagh
>
> From: Yan Zhou <[email protected]>
> Reply: Yan Zhou <[email protected]>
> Date: July 26, 2016 at 10:20:52 AM
> To: CAS Community <[email protected]>
> Subject: [cas-user] Re: CAS web app does not idle timeout
>
>
> Hi, Misagh,
>
> Thanks, but, I was not talking about ticket timeout, etc.
>
> I extended the CAS login flow, so that a first-time user will be required to
> change password, confirm his email address, etc., before he is
> authenticated successfully by CAS. If the user stops in the middle of the
> login flow, the app does not time out.
>
> He can go away for an hour and come back, everything still works. I was
> surprised by that, I thought my idle session timeout of 15 minutes would have
> taken effect, and the user would be redirected to the login page after he is
> gone for an hour and then attempts to continue on the flow.
>
> Do you have any insights into this?
>
> Thanks,
> Yan
>
> On Monday, July 25, 2016 at 5:27:26 PM UTC-4, Misagh Moayyed wrote:
>>
>> That's not how it works. See
>> https://apereo.github.io/cas/4.1.x/installation/Configuring-Ticket-Expiration-Policy.html
>>
>>
>> On Monday, July 25, 2016 at 12:17:17 PM UTC-7, Yan Zhou wrote:
>>>
>>> Hi there,
>>>
>>> I have a CAS 4.1.9 overlay setup, below is a section of my web.xml. The CAS
>>> app should time out in 15 minutes, but it does not.
>>>
>>> On the login page, I waited for 20 minutes, I can still log in, CAS does
>>> not time out.
>>>
>>> How can I debug this?
>>>
>>> <session-config>
>>>   <session-timeout>15</session-timeout>
>>>   <cookie-config>
>>>     <name>CASSESSIONID</name>
>>>   </cookie-config>
>>> </session-config>
>>>
>>>
>>> Thx,
>>> Yan
>>>
>>>
>>>
>>>
>>> --
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/05b0d01b-540c-408a-9dea-2171fa0c94fa%40apereo.org
>
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/05b0d01b-540c-408a-9dea-2171fa0c94fa%40apereo.org?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>
>
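Added example (not part of the original thread and not CAS project code): a Python check for the situation discussed above. It reads CAS debug logs in the mail-wrapped format shown in this thread and reports each "Resuming flow execution" entry that follows an idle gap longer than the servlet session-timeout (15 minutes in the posted web.xml). It assumes a single-user test log, since these entries carry no session identifier; the sample log and its key are constructed.

```python
import re
from datetime import datetime, timedelta

# First line of a log entry as it appears in this thread: "2016-07-28 10:32:50,379 DEBUG"
ENTRY = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) (\w+)\s*(.*)$")
SERVLET = "[org.springframework.web.servlet.DispatcherServlet]"
EXECUTOR = "[org.springframework.webflow.executor.FlowExecutorImpl]"

def parse_entries(text):
    """Join mail-wrapped continuation lines back into [timestamp, message] entries."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S,%f")
            entries.append([ts, m.group(3)])
        elif entries and line:
            entries[-1][1] = (entries[-1][1] + " " + line).strip()
    return entries

def stale_resumes(text, session_timeout_minutes):
    """Return (resume_time, idle_gap) for flow resumes after a gap longer than the timeout."""
    limit = timedelta(minutes=session_timeout_minutes)
    last_completed, findings = None, []
    for ts, msg in parse_entries(text):
        if msg.startswith(EXECUTOR) and "Resuming flow execution" in msg:
            if last_completed is not None and ts - last_completed > limit:
                findings.append((ts, ts - last_completed))
        elif msg.startswith(SERVLET) and "Successfully completed request" in msg:
            last_completed = ts
    return findings

# Constructed sample (not from the thread): one resume after about 20.5 idle minutes, one after 30 s.
SAMPLE = """\
2016-07-28 10:00:00,100 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - Successfully
completed request
2016-07-28 10:20:30,210 DEBUG
[org.springframework.webflow.executor.FlowExecutorImpl] - Resuming flow
execution with key 'CONSTRUCTED-KEY'
2016-07-28 10:20:30,300 DEBUG
[org.springframework.web.servlet.DispatcherServlet] - Successfully
completed request
2016-07-28 10:21:00,000 DEBUG
[org.springframework.webflow.executor.FlowExecutorImpl] - Resuming flow
execution with key 'CONSTRUCTED-KEY'
"""
print(stale_resumes(SAMPLE, 15))  # 15 = session-timeout value from the posted web.xml
```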