For anyone else having this problem, the issue was fixed by running the webapp on a secure port (443,8443) w/ssl.
I was testing the new deployment outside of the load balancer which is why I was going directly to port 8080 (since i'm using ssl offloading via f5). Even though I specified http and port 8080 in the management.properties file I guess it still required ssl. On Thursday, November 10, 2016 at 4:35:28 PM UTC-5, John Stevens II wrote: > > Hey guys, > > I am running cas 5.0.0 with the following configuration: > > servlet: tomcat 8 > ticket registry: hazelcast > service registry: file system json > > > Authentication is working for cas via ldap and I can hit the url > http://cas.example.com/cas-management and it redirects me to the login > page with the service in the url but after I login I get redirected to > http://cas.example.com/ > > Been trying to figure this out for a while now, any help would be > appreciated. > > catalina.out: > > ============================================================= > WHO: user1 > WHAT: Supplied credentials: [user1] > ACTION: AUTHENTICATION_SUCCESS > APPLICATION: CAS > WHEN: Thu Nov 10 15:56:13 EST 2016 > CLIENT IP ADDRESS: 172.16.11.244 > SERVER IP ADDRESS: 10.1.25.157 > ============================================================= > > > > 2016-11-10 15:56:13,418 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: user1 > WHAT: TGT-********************************************** > vVuaVC2sDN-cas1.example.com > ACTION: TICKET_GRANTING_TICKET_CREATED > APPLICATION: CAS > WHEN: Thu Nov 10 15:56:13 EST 2016 > CLIENT IP ADDRESS: 172.16.11.244 > SERVER IP ADDRESS: 10.1.25.157 > ============================================================= > > > > 2016-11-10 15:56:13,426 INFO > [org.apereo.cas.CentralAuthenticationServiceImpl] - <Granted ticket [ > ST-3-guRqQXD0BC7RWNXCAEfc-cas1.example.com] for service [ > http://cas1.example.com:8080/cas-management/callback?client_name=CasClient] > and principal [user1]> > 2016-11-10 15:56:13,427 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: user1 > WHAT: ST-3-guRqQXD0BC7RWNXCAEfc-cas1.example.com for > http://cas1.example.com:8080/cas-management/callback?client_name=CasClient > ACTION: SERVICE_TICKET_CREATED > APPLICATION: CAS > WHEN: Thu Nov 10 15:56:13 EST 2016 > CLIENT IP ADDRESS: 172.16.11.244 > SERVER IP ADDRESS: 10.1.25.157 > ============================================================= > > > > 2016-11-10 15:56:13,680 DEBUG > [org.springframework.boot.web.filter.OrderedRequestContextFilter] - <Bound > request context to thread: > org.apache.catalina.connector.RequestFacade@160e66fa> > 2016-11-10 15:56:13,681 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <DispatcherServlet > with name 'dispatcherServlet' processing GET request for > [/cas-management/callback]> > 2016-11-10 15:56:13,681 DEBUG > [org.springframework.boot.actuate.endpoint.mvc.EndpointHandlerMapping] - > <Looking up handler method for path /callback> > 2016-11-10 15:56:13,684 DEBUG > [org.springframework.boot.actuate.endpoint.mvc.EndpointHandlerMapping] - > <Did not find handler method for [/callback]> > 2016-11-10 15:56:13,684 DEBUG > [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] > > - <Looking up handler method for path /callback> > 2016-11-10 15:56:13,684 DEBUG > [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] > > - <Returning handler method [public void > org.pac4j.springframework.web.CallbackController.callback(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)]> > 2016-11-10 15:56:13,684 DEBUG > [org.springframework.beans.factory.support.DefaultListableBeanFactory] - > <Returning cached instance of singleton bean 'callbackController'> > 2016-11-10 15:56:13,684 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <Last-Modified value > for [/cas-management/callback] is: -1> > 2016-11-10 15:56:13,703 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: user1 > WHAT: ST-3-guRqQXD0BC7RWNXCAEfc-cas1.example.com > ACTION: SERVICE_TICKET_VALIDATED > APPLICATION: CAS > WHEN: Thu Nov 10 15:56:13 EST 2016 > CLIENT IP ADDRESS: 10.1.25.157 > SERVER IP ADDRESS: 10.1.25.157 > ============================================================= > > > > 2016-11-10 15:56:13,733 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <Null ModelAndView > returned to DispatcherServlet with name 'dispatcherServlet': assuming > HandlerAdapter completed request handling> > 2016-11-10 15:56:13,733 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <Successfully > completed request> > 2016-11-10 15:56:13,733 DEBUG > [org.springframework.boot.web.filter.OrderedRequestContextFilter] - > <Cleared thread-bound request context: > org.apache.catalina.connector.RequestFacade@160e66fa> > 2016-11-10 15:56:44,727 DEBUG > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loading services > from JsonServiceRegistryDao> > 2016-11-10 15:56:44,729 DEBUG > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Adding registered > service ^(https|imaps|http)://.*> > 2016-11-10 15:56:44,729 INFO > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 1 services > from JsonServiceRegistryDao.> > 2016-11-10 15:57:04,710 INFO > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 1 services > from JsonServiceRegistryDao.> > 2016-11-10 15:57:05,825 INFO > [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <0 expired > tickets removed.> > 2016-11-10 15:57:08,380 WARN > [com.hazelcast.nio.tcp.TcpIpConnectionManager] - <[localhost]:5701 [dev] > [3.7.2] Wrong bind request from [cas2.example.com]:5701! This node is not > requested endpoint: [cas1.example.com]:5701> > 2016-11-10 15:57:44,729 DEBUG > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loading services > from JsonServiceRegistryDao> > 2016-11-10 15:57:44,730 DEBUG > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Adding registered > service ^(https|imaps|http)://.*> > 2016-11-10 15:57:44,730 INFO > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 1 services > from JsonServiceRegistryDao.> > 2016-11-10 15:58:04,711 INFO > [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 1 services > from JsonServiceRegistryDao.> > 2016-11-10 15:58:05,846 INFO > [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <0 expired > tickets removed.> > > management.properties: > > cas.server.name: http://cas1.example.com:8080 > cas.server.prefix: http://cas1.example.com:8080/cas > > cas.mgmt.adminRoles=ROLE_ADMIN > cas.mgmt.userPropertiesFile=file:/etc/cas/config/users.properties > cas.mgmt.serverName=http://cas1.example.com:8080 > > server.context-path=/cas-management > server.port=8080 > > cas.serviceRegistry.config.location=file:///etc/cas/services > > spring.thymeleaf.mode=HTML > logging.config=file:/etc/cas/config/log4j2.xml > > > cas.properties: > > #CAS Settings > cas.server.name=http://cas1.example.com:8080 > cas.server.prefix=${server.name}/cas > cas.host.name=cas1.example.com > cas.authn.accept.users= > > #Logging > logging.config=file:///etc/cas/log4j2.xml > > #LDAP > cas.authn.ldap[0].type=AUTHENTICATED > cas.authn.ldap[0].dnFormat=%[email protected] > cas.authn.ldap[0].ldapUrl=ldap://dc2.example.com > cas.authn.ldap[0].useSsl=false > cas.authn.ldap[0].useStartTls=true > cas.authn.ldap[0].connectTimeout=5000 > cas.authn.ldap[0].baseDn=dc=example,dc=com > cas.authn.ldap[0].userFilter=sAMAccountName={user} > cas.authn.ldap[0].subtreeSearch=true > cas.authn.ldap[0].usePasswordPolicy=false > cas.authn.ldap[0].bindDn=cn=cas,ou=Service Accounts,dc=example,dc=com > cas.authn.ldap[0].bindCredential=secret > cas.authn.ldap[0].principalAttributeId=sAMAccountName > > cas.authn.ldap[0].principalAttributeList=sAMAccountName,sn,co,givenName,displayName,mail,department,telephoneNumber,title > cas.authn.ldap[0].trustCertificates=file:///etc/certs/dc2.crt > cas.authn.ldap[0].minPoolSize=3 > cas.authn.ldap[0].maxPoolSize=10 > cas.authn.ldap[0].validateOnCheckout=false > cas.authn.ldap[0].validatePeriodically=true > cas.authn.ldap[0].validatePeriod=600 > cas.authn.ldap[0].failFast=true > cas.authn.ldap[0].idleTime=5000 > cas.authn.ldap[0].prunePeriod=5000 > cas.authn.ldap[0].blockWaitTime=5000 > > #Not sure if we need this, verify > cas.personDirectory.principalAttribute=sAMAccountName > cas.personDirectory.returnNull=false > > #LDAP Attributes > cas.authn.attributeRepository.ldap.ldapUrl=ldap://dc2.example.com > cas.authn.attributeRepository.ldap.useSsl=false > cas.authn.attributeRepository.ldap.useStartTls=true > cas.authn.attributeRepository.ldap.connectTimeout=5000 > cas.authn.attributeRepository.ldap.baseDn=dc=example,dc=com > cas.authn.attributeRepository.ldap.userFilter=sAMAccountName={user} > cas.authn.attributeRepository.ldap.subtreeSearch=true > cas.authn.attributeRepository.ldap.bindDn=cn=cas,ou=Service > Accounts,dc=example,dc=com > cas.authn.attributeRepository.ldap.bindCredential=secret > cas.authn.attributeRepository.ldap.minPoolSize=3 > cas.authn.attributeRepository.ldap.maxPoolSize=10 > cas.authn.attributeRepository.ldap.validateOnCheckout=true > cas.authn.attributeRepository.ldap.validatePeriodically=true > cas.authn.attributeRepository.ldap.validatePeriod=600 > cas.authn.attributeRepository.ldap.failFast=true > cas.authn.attributeRepository.ldap.idleTime=500 > cas.authn.attributeRepository.ldap.prunePeriod=600 > cas.authn.attributeRepository.ldap.blockWaitTime=5000 > > #Hazelcast Ticket Registry > cas.ticket.registry.hazelcast.pageSize=500 > cas.ticket.registry.hazelcast.mapName=tickets > > #Service Registry > cas.serviceRegistry.config.location=file:///etc/cas/services > > > > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/cdd52b8e-e3d9-4a38-8604-03fe287af96f%40apereo.org.
