Hello,
I'm doing some preliminary work on upgrading our cas integration from
version 6.0.4 to 6.1.0-RC5 and when I attempt to submit my credentials to
/login I get a stack overflow error.
2019-09-20 14:23:47,731 WARN [qtp1436347886-105]
org.eclipse.jetty.server.HttpChannel - /login
org.springframework.web.util.NestedServletException: Handler dispatch
failed; nested exception is java.lang.StackOverflowError
...
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:278)
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
at com.sun.proxy.$Proxy230.buildTicketExpirationPolicy(Unknown Source)
at
org.apereo.cas.authentication.SurrogateAuthenticationExpirationPolicyBuilder.toTicketExpirationPolicy(SurrogateAuthenticationExpirationPolicyBuilder.java:61)
at
org.apereo.cas.authentication.SurrogateAuthenticationExpirationPolicyBuilder.buildTicketExpirationPolicy(SurrogateAuthenticationExpirationPolicyBuilder.java:43)
at jdk.internal.reflect.GeneratedMethodAccessor141.invoke(Unknown Source)
at
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:278)
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
at com.sun.proxy.$Proxy230.buildTicketExpirationPolicy(Unknown Source)
at
org.apereo.cas.authentication.SurrogateAuthenticationExpirationPolicyBuilder.toTicketExpirationPolicy(SurrogateAuthenticationExpirationPolicyBuilder.java:61)
at
org.apereo.cas.authentication.SurrogateAuthenticationExpirationPolicyBuilder.buildTicketExpirationPolicy(SurrogateAuthenticationExpirationPolicyBuilder.java:43)
at jdk.internal.reflect.GeneratedMethodAccessor141.invoke(Unknown Source)
at
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:278)
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:499)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
at com.sun.proxy.$Proxy230.buildTicketExpirationPolicy(Unknown Source)
at
org.apereo.cas.authentication.SurrogateAuthenticationExpirationPolicyBuilder.toTicketExpirationPolicy(SurrogateAuthenticationExpirationPolicyBuilder.java:61)
at
org.apereo.cas.authentication.SurrogateAuthenticationExpirationPolicyBuilder.buildTicketExpirationPolicy(SurrogateAuthenticationExpirationPolicyBuilder.java:43)
at jdk.internal.reflect.GeneratedMethodAccessor141.invoke(Unknown Source)
at
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
I did a bit of digging and it appears that the problem lies in
SurrogateAuthenticationConfiguration.java. In the 6.0.4 release, the
standard ticket granting policy is injected into
SurrogateAuthenticationConfiguration
as ticketGrantingTicketExpirationPolicy, and is used to create
the grantingTicketExpirationPolicy. In 6.1.0-RC5, the standard ticket
granting policy is injected as grantingTicketExpirationPolicy which is the
same name as the class is trying to build. From what I can tell, Spring
will then wire the bean into itself which leads to this infinite loop. I'm
not sure how to fix this issue so I figured I'd bring it up here rather
than as a PR on github.
6.0.4 SurrogateAuthenticationConfiguration.java
@Autowired
@Qualifier("ticketGrantingTicketExpirationPolicy")
private ObjectProvider<ExpirationPolicy> ticketGrantingTicketExpirationPolicy;
@Bean
public ExpirationPolicy grantingTicketExpirationPolicy() {
val defaultPolicy = ticketGrantingTicketExpirationPolicy.getIfAvailable();
val su = casProperties.getAuthn().getSurrogate();
val surrogatePolicy = new
HardTimeoutExpirationPolicy(su.getTgt().getTimeToKillInSeconds());
val policy = new SurrogateSessionExpirationPolicy(defaultPolicy);
policy.addPolicy(SurrogateSessionExpirationPolicy.PolicyTypes.SURROGATE,
surrogatePolicy);
policy.addPolicy(SurrogateSessionExpirationPolicy.PolicyTypes.DEFAULT,
defaultPolicy);
return policy;
}
6.1.0 SurrogateAuthenticationConfiguration.java
@Autowired
@Qualifier("grantingTicketExpirationPolicy")
private ObjectProvider<ExpirationPolicyBuilder> grantingTicketExpirationPolicy;
@Bean
@RefreshScope
public ExpirationPolicyBuilder grantingTicketExpirationPolicy() {
return new
SurrogateAuthenticationExpirationPolicyBuilder(grantingTicketExpirationPolicy.getIfAvailable(),
casProperties);
}
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5242e41b-95c4-458c-a552-73850a7483b5%40apereo.org.
