Hi,
I'm trying to use cas version 5.0.0 as an openid connect server (on
localhost and http for the moment).
Code generation is ok but, I get the following error when I try to validate
the obtained code thanks /cas/oidc/access_token endpoint :
{"timestamp":1485791198745,"status":401,"error":"Unauthorized","message":"No
message available","path":"/cas/oidc/accessToken"}The logs don't say anything about the error : 2017-01-30 16:46:38,726 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <=== SECURITY ===> 2017-01-30 16:46:38,726 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <url: http://cas.idp.test.fr:8080/cas/oidc/accessToken> 2017-01-30 16:46:38,726 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <matchers: null> 2017-01-30 16:46:38,726 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <clients: clientBasicAuth,clientForm,userForm> 2017-01-30 16:46:38,726 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <currentClients: [#DirectBasicAuthClient# | name: clientBasicAuth | credentialsExtractor: null | authenticator: org.apereo.cas.support.oauth.authenticator.OAuthClientAuthenticator@2d309cd1 | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@1be1a488 |, #DirectFormClient# | name: clientForm | usernameParameter: client_id | passwordParameter: client_secret | extractor: null | authenticator: org.apereo.cas.support.oauth.authenticator.OAuthClientAuthenticator@2d309cd1 | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@1be1a488 |, #DirectFormClient# | name: userForm | usernameParameter: username | passwordParameter: password | extractor: null | authenticator: org.apereo.cas.support.oauth.authenticator.OAuthUserAuthenticator@780f6639 | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@1be1a488 |]> 2017-01-30 16:46:38,728 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <loadProfilesFromSession: false> 2017-01-30 16:46:38,728 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <profiles: []> 2017-01-30 16:46:38,728 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <Performing authentication for direct client: #DirectBasicAuthClient# | name: clientBasicAuth | credentialsExtractor: null | authenticator: org.apereo.cas.support.oauth.authenticator.OAuthClientAuthenticator@2d309cd1 | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@1be1a488 |> 2017-01-30 16:46:38,732 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <credentials: null> 2017-01-30 16:46:38,732 DEBUG [org.pac4j.http.client.direct.DirectBasicAuthClient] - <credentials : null> 2017-01-30 16:46:38,732 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <profile: null> 2017-01-30 16:46:38,732 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <Performing authentication for direct client: #DirectFormClient# | name: clientForm | usernameParameter: client_id | passwordParameter: client_secret | extractor: null | authenticator: org.apereo.cas.support.oauth.authenticator.OAuthClientAuthenticator@2d309cd1 | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@1be1a488 |> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <credentials: null> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.http.client.direct.DirectFormClient] - <credentials : null> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <profile: null> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <Performing authentication for direct client: #DirectFormClient# | name: userForm | usernameParameter: username | passwordParameter: password | extractor: org.pac4j.core.credentials.extractor.FormExtractor@62f3a13a | authenticator: org.apereo.cas.support.oauth.authenticator.OAuthUserAuthenticator@780f6639 | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@1be1a488 |> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <credentials: null> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.http.client.direct.DirectFormClient] - <credentials : null> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <profile: null> 2017-01-30 16:46:38,734 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <unauthorized> Does anybody already encouter this behaviour? I attach my pom.xml and cas.properties, maybe I miss something. Thanks! Regards, -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADopUgxZJ%3DksBS6zoBWhCXd8W4WUjTt-WMoBScfmO_rvYCffqQ%40mail.gmail.com.
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd "> <modelVersion>4.0.0</modelVersion> <groupId>org.apereo.cas</groupId> <artifactId>cas-overlay</artifactId> <packaging>war</packaging> <version>1.0</version> <build> <plugins> <plugin> <groupId>com.rimerosolutions.maven.plugins</groupId> <artifactId>wrapper-maven-plugin</artifactId> <version>0.0.4</version> <configuration> <verifyDownload>true</verifyDownload> <checksumAlgorithm>MD5</checksumAlgorithm> </configuration> </plugin> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> <version>${springboot.version}</version> <configuration> <mainClass>org.springframework.boot.loader.WarLauncher</mainClass> <addResources>true</addResources> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-war-plugin</artifactId> <version>2.6</version> <configuration> <warName>cas</warName> <failOnMissingWebXml>false</failOnMissingWebXml> <recompressZippedFiles>false</recompressZippedFiles> <archive> <compress>false</compress> <manifestFile>${project.build.directory}/war/work/org.apereo.cas/cas-server-webapp/META-INF/MANIFEST.MF </manifestFile> </archive> <overlays> <overlay> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-webapp</artifactId> </overlay> </overlays> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>3.3</version> </plugin> </plugins> <finalName>cas</finalName> </build> <dependencies> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-webapp</artifactId> <version>${cas.version}</version> <type>war</type> <scope>runtime</scope> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-cookie</artifactId> <version>${cas.version}</version> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-generic</artifactId> <version>${cas.version}</version> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-trusted-webflow</artifactId> <version>${cas.version}</version> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-oidc</artifactId> <version>${cas.version}</version> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-json-service-registry</artifactId> <version>${cas.version}</version> </dependency> <dependency> <groupId>org.apereo.inspektr</groupId> <artifactId>inspektr-aspects</artifactId> <version>1.5.GA</version> </dependency> </dependencies> <properties> <cas.version>5.0.0</cas.version> <springboot.version>1.4.2.RELEASE</springboot.version> <maven-jetty-plugin.version>9.3.6.v20151106</maven-jetty-plugin.version> <maven.compiler.source>1.8</maven.compiler.source> <maven.compiler.target>1.8</maven.compiler.target> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties> <repositories> <repository> <id>sonatype-releases</id> <url>http://oss.sonatype.org/content/repositories/releases/</url> <snapshots> <enabled>false</enabled> </snapshots> <releases> <enabled>true</enabled> </releases> </repository> <repository> <id>sonatype-snapshots</id> <url>https://oss.sonatype.org/content/repositories/snapshots/</url> <snapshots> <enabled>true</enabled> </snapshots> <releases> <enabled>false</enabled> </releases> </repository> <repository> <id>shibboleth-releases</id> <url>https://build.shibboleth.net/nexus/content/repositories/releases</url> </repository> <repository> <id>spring-milestones</id> <url>https://repo.spring.io/milestone</url> </repository> </repositories> <profiles> <profile> <activation> <activeByDefault>false</activeByDefault> </activation> <id>pgp</id> <build> <plugins> <plugin> <groupId>com.github.s4u.plugins</groupId> <artifactId>pgpverify-maven-plugin</artifactId> <version>1.1.0</version> <executions> <execution> <goals> <goal>check</goal> </goals> </execution> </executions> <configuration> <pgpKeyServer>hkp://pool.sks-keyservers.net</pgpKeyServer> <pgpKeysCachePath>${settings.localRepository}/pgpkeys-cache</pgpKeysCachePath> <scope>test</scope> <verifyPomFiles>true</verifyPomFiles> <failNoSignature>false</failNoSignature> </configuration> </plugin> </plugins> </build> </profile> </profiles> </project>
cas.properties
Description: Binary data
