Ray, To answer your question. Yes there are two tomcat servers running the application and load balancer switches between the servers. I will check with the Run team for clustering or setting load balancer to be sticky.
Travis, Yes the encryption keys are copied across the servers so they are same. Anyhow I will verify that once as well. Regards, Jay On Friday, May 18, 2018 at 9:44:44 PM UTC+5:30, Travis Schmidt wrote: > > Do you have the same webflow encryption keys set in each of the config > files on the different servers? If the property is not present the server > generates it's own on each server at start up, resulting in each server not > understanding the other. > > > > On Fri, May 18, 2018 at 8:39 AM Ray Bon <[email protected] <javascript:>> > wrote: > >> Jay, >> >> Are there multiple CAS servers? Could this be a result of the load >> balancer switching between CAS servers for each request (load form, post >> form)? >> You may need to cluster your tomcats or set load balancer to be sticky. >> >> Ray >> >> On Thu, 2018-05-17 at 22:42 -0700, Jay wrote: >> >> Hi Ray, >> >> >> Yes, it does not allow the user to be validated and login successfully. >> It redirects back to login page only. >> >> Any suggestion to look into specifically. >> >> We see this issue when we hit the load balance url but not when we >> directly access the server url. >> >> Thanks, >> Jay >> >> On Thursday, May 17, 2018 at 11:46:17 AM UTC-5, rbon wrote: >> >> Jay, >> >> I seem to recall a message like this was produced because of a 'feature' >> to clear out the flow if it sat for too long. It would show up periodically >> and had no bearing on how long the user took to log in. >> Does it cause a problem? >> >> Ray >> >> On Thu, 2018-05-17 at 01:16 -0700, Jay wrote: >> >> Hello everyone, >> >> We have CAS application running in Tomcat in two different instances and >> load balanced by a F5 url. >> Any application is configured with the F5 url for login authentication >> and authorization. >> >> We have customized the url to *https://<cas.server>/las/v3/login* >> (Naming the war file as *las#v3.war* sets the context path here) >> >> When I use individual server instance login/logout works absolutely fine. >> (i.e. *<cas.server.instance1>:<port>/las/v3/login* ) >> >> We see below error after we give the user credential and clink on login >> button. >> >> 2018-05-17 01:49:36,786 DEBUG >> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <*Error getting >> flow information for URL* >> [/las/v3/login?service=http%3A%2F%2Flocalhost%3A3001%2Flogin%3Fdestination%3D%252Fconfiguration%252Faccounts%252F34864%252FproductLines%252FPrismPostPD%252Ftemplates%252F311]> >> >> [m >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepositoryException: >> Error decoding flow execution >> at >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:99) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> at >> org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168) >> >> ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> ~[?:1.8.0_31] >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> >> ~[?:1.8.0_31] >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> >> ~[?:1.8.0_31] >> at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31] >> at >> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) >> >> ~[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) >> >> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at com.sun.proxy.$Proxy165.resumeExecution(Unknown Source) ~[?:?] >> at >> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:253) >> >> ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] >> at >> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) >> ~[servlet-api.jar:?] >> at >> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) >> >> ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) >> ~[servlet-api.jar:?] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >> ~[tomcat-websocket.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFilter.java:30) >> >> ~[cas-server-core-web-api-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) >> >> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:237) >> >> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.security.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:94) >> >> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110) >> >> ~[spring-boot-actuator-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:91) >> >> ~[cas-server-core-logging-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) >> >> ~[spring-boot-actuator-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:115) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:59) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:90) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> >> ~[spring-web-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:108) >> >> ~[spring-boot-1.5.9.RELEASE.jar:1.5.9.RELEASE] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66) >> >> ~[inspektr-common-1.8.1.GA.jar:1.8.1.GA] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) >> >> ~[log4j-web-2.10.0.jar:2.10.0] >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) >> >> ~[catalina.jar:8.0.29] >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) >> ~[catalina.jar:8.0.29] >> at >> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096) >> >> ~[tomcat-coyote.jar:8.0.29] >> at >> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674) >> >> ~[tomcat-coyote.jar:8.0.29] >> at >> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:277) >> >> ~[tomcat-coyote.jar:8.0.29] >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >> >> ~[?:1.8.0_31] >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >> >> ~[?:1.8.0_31] >> at >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >> >> ~[tomcat-util.jar:8.0.29] >> at java.lang.Thread.run(Thread.java:745) [?:1.8.0_31] >> Caused by: java.io.IOException: Decryption error >> at >> org.apereo.spring.webflow.plugin.EncryptedTranscoder.decode(EncryptedTranscoder.java:107) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> at >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:94) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> ... 90 more >> Caused by: java.lang.IllegalArgumentException: Null input buffer >> at javax.crypto.Cipher.doFinal(Cipher.java:2117) ~[?:1.8.0_25] >> at >> org.apereo.cas.util.cipher.BaseBinaryCipherExecutor.decode(BaseBinaryCipherExecutor.java:83) >> >> ~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apereo.cas.util.cipher.BaseBinaryCipherExecutor.decode(BaseBinaryCipherExecutor.java:30) >> >> ~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2] >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> ~[?:1.8.0_31] >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> >> ~[?:1.8.0_31] >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> >> ~[?:1.8.0_31] >> at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31] >> at >> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) >> >> ~[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) >> >> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at com.sun.proxy.$Proxy161.decode(Unknown Source) ~[?:?] >> at >> org.apereo.cas.web.flow.executor.WebflowCipherBean.decrypt(WebflowCipherBean.java:36) >> >> ~[cas-server-core-webflow-api-5.3.0-RC2.jar:5.3.0-RC2] >> at >> org.apereo.spring.webflow.plugin.EncryptedTranscoder.decode(EncryptedTranscoder.java:105) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> at >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:94) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> ... 90 more >> >> >> Any help in this regards would be much appreciated. >> >> Thanks, >> Jay >> >> -- >> Ray Bon >> Programmer analyst >> Development Services, University Systems2507218831 | CLE 019 | [email protected] >> >> >> -- >> Ray Bon >> Programmer analyst >> Development Services, University Systems >> >> 2507218831 | CLE 019 | [email protected] <javascript:> >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526657965.1817.99.camel%40uvic.ca >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526657965.1817.99.camel%40uvic.ca?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2444709a-060e-4d1f-ace9-cfccd80e7c94%40apereo.org.
