Hi Misagh thank you for your reply,
I made a mistake in the above pom artifact versions.
I will write down the 2 versions we have beeing using:
The new configuration pom (the one which throws that stacktrace) is:
<org.springframework.version>4.3.3.RELEASE</org.springframework.version>
<org.springframework.security.version>4.1.3.RELEASE</org.springframework.security.version>
<org.jasig.cas.client.cas-client-support-saml.version>3.4.1</org.jasig.cas.client.cas-client-support-saml.version>
<org.opensaml.opensaml.version>2.6.6</org.opensaml.opensaml.version>
<commons-codec.commons-codec.version>1.10</commons-codec.commons-codec.version>
<org.apache.santuario.xmlsec.version>1.5.7</org.apache.santuario.xmlsec.version>
SAML has no dependency on cas-client so we put version
2.6.6
The older version (the one we have to use in order to avoid the problems)
would be:
<org.springframework.version>4.2.2.RELEASE</org.springframework.version>
<org.springframework.security.version>4.0.3.RELEASE</org.springframework.security.version>
<org.jasig.cas.client.cas-client-core.version>3.3.3</org.jasig.cas.client.cas-client-core.version>
<org.opensaml.opensaml.version>1.1</org.opensaml.opensaml.version>
<commons-codec.commons-codec.version>1.5</commons-codec.commons-codec.version>
<org.apache.santuario.xmlsec.version>1.4.3</org.apache.santuario.xmlsec.version>
Thank you again
Manfredo
2016-11-22 21:25 GMT-03:00 Manfredo Hopp <[email protected]>:
> Hi, we have cas client applications using SAML 1.1 which we recently
> upgraded to SAML 1.1 V2.6.6.
>
> With one of these applications (= front end) we are experiencing problems
> when access through cas.
>
> These intermitent problems make this application unavailabe and we end
> changing the SAML version to its prior jar version. (1.1)
>
> We have Cas 4.0.1 installed and the client application is under
> spring/spring security (with srping security cas) version. Following is pom
> artifacts versions:
>
> <org.springframework.version>4.2.2.RELEASE</org.springframework.version>
> <org.springframework.security.version>4.0.3.RELEASE</org.
> springframework.security.version>
> <org.jasig.cas.client.cas-client-core.version>3.2.1</
> org.jasig.cas.client.cas-client-core.version>
> <org.opensaml.opensaml.version>2.6.6</org.opensaml.opensaml.version>
> <commons-codec.commons-codec.version>1.5</commons-codec.
> commons-codec.version>
> <org.apache.santuario.xmlsec.version>1.4.3</org.apache.
> santuario.xmlsec.version>
>
> Cas 4.0.1 version has opensaml-2.5.1-1.jar version.
> Could this difference in version generate some problem with clients or is
> there any other known issue on this configuration.
>
> Cas is running on tomcat .8.5.5 and application is under tomcat 6.0.45.
>
> Any comments on this would be greatly appreciated!
>
> Manfredo
>
>
>
> Stacktrace of problem
> =======================================================
> mensaje *IO error sending HTTP request to /samlValidate*descripción *El
> servidor encontró un error interno que hizo que no pudiera rellenar este
> requerimiento.*excepciónjava.lang.RuntimeException: IO error sending HTTP
> request to /samlValidate org.jasig.cas.client.validation.
> Saml11TicketValidator.retrieveResponseFromServer(
> Saml11TicketValidator.java:215) org.jasig.cas.client.validation.
> AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
> org.springframework.security.cas.authentication.CasAuthenticationProvider.
> authenticateNow(CasAuthenticationProvider.java:158)
> org.springframework.security.cas.authentication.CasAuthenticationProvider.
> authenticate(CasAuthenticationProvider.java:143)
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
> org.springframework.security.cas.web.CasAuthenticationFilter.
> attemptAuthentication(CasAuthenticationFilter.java:270)
> org.springframework.security.web.authentication.
> AbstractAuthenticationProcessingFilter.doFilter(
> AbstractAuthenticationProcessingFilter.java:212)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:97)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.authentication.logout.
> LogoutFilter.doFilter(LogoutFilter.java:121) org.springframework.security.
> web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.authentication.logout.
> LogoutFilter.doFilter(LogoutFilter.java:121) org.springframework.security.
> web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.header.HeaderWriterFilter.
> doFilterInternal(HeaderWriterFilter.java:66) org.springframework.web.
> filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.context.SecurityContextPersistenceFilt
> er.doFilter(SecurityContextPersistenceFilter.java:105)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(
> DelegatingFilterProxy.java:346) org.springframework.web.
> filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
> causa raízjava.io.IOException: Server returned HTTP response code: 403 for
> URL: https://my.domain/cas/samlValidate?TARGET=http%3A%
> 2F%2Fmy.domain%2Fauth%2Flogin%2Fcas
> <https://si.conicet.gov.ar/cas/samlValidate?TARGET=http%3A%2F%2Fsi.conicet.gov.ar%2Fauth%2Flogin%2Fcas>
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1627)
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(
> HttpsURLConnectionImpl.java:254) org.jasig.cas.client.validation.
> Saml11TicketValidator.retrieveResponseFromServer(
> Saml11TicketValidator.java:213) org.jasig.cas.client.validation.
> AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
> org.springframework.security.cas.authentication.CasAuthenticationProvider.
> authenticateNow(CasAuthenticationProvider.java:158)
> org.springframework.security.cas.authentication.CasAuthenticationProvider.
> authenticate(CasAuthenticationProvider.java:143)
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
> org.springframework.security.cas.web.CasAuthenticationFilter.
> attemptAuthentication(CasAuthenticationFilter.java:270)
> org.springframework.security.web.authentication.
> AbstractAuthenticationProcessingFilter.doFilter(
> AbstractAuthenticationProcessingFilter.java:212)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:97)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.authentication.logout.
> LogoutFilter.doFilter(LogoutFilter.java:121) org.springframework.security.
> web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.authentication.logout.
> LogoutFilter.doFilter(LogoutFilter.java:121) org.springframework.security.
> web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.header.HeaderWriterFilter.
> doFilterInternal(HeaderWriterFilter.java:66) org.springframework.web.
> filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.context.SecurityContextPersistenceFilt
> er.doFilter(SecurityContextPersistenceFilter.java:105)
> org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(
> DelegatingFilterProxy.java:346) org.springframework.web.
> filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
> nota *La traza completa de la causa de este error se encuentra en los
> archivos de diario de Apache Tomcat/6.0.45. <http://6.0.45.>*
>
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAB623R-X_O%2BriauA_%3DLHDE1Zso6VYuT88BcaRsiU50ZFmE5szg%40mail.gmail.com.
