사용자 인증을 위해 CAS 5.2.0-RC3을 사용하고 있습니다 (REST 인증 공급자 사용). 지금은 디버깅을 위해 mock rest 서비스로 전환했습니다.CAS 5.2.0-RC3 Rest 암호 관리 웹 흐름
428 HTTP 코드 (암호 변경 강제)를 반환하면 웹 플로우 오류가 발생합니다. 암호 변경이 REST 끝점에서도 관리되도록 허용하려고합니다.
login-webflow.xml에 일련의 전환과 함께 handleauthenticationfailure에 대한 조치 상태를 추가해야합니까? CAS가 나를 위해이 일을해서는 안됩니까? (모든 로그인-webflow.xml 오버레이없이)
예외 :
나는 어떤 시점에서이 작업 상태를 추가 않았다 https://www.mail-archive.com/[email protected]/msg03913.html메일 링리스트에 여기에 표시
WHO: casuser
WHAT: Supplied credentials: [casuser]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Thu Oct 12 10:20:39 CEST 2017
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
=============================================================
>
2017-10-12 10:20:39,711 ERROR [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[dispatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet] in context with path [/cas] threw exception [Request processing failed; nested exception is org.springframework.webflow.execution.FlowExecutionException: Exception thrown in state 'handleAuthenticationFailure' of flow 'login'] with root cause>
java.lang.IllegalArgumentException: Cannot find state with id 'casMustChangePassView' in flow 'login' -- Known state ids are 'array<String>['initialAuthenticationRequestValidationCheck', 'ticketGrantingTicketCheck', 'initializeLoginForm', 'viewLoginForm', 'realSubmit', 'showAuthenticationWarningMessages', 'sendTicketGrantingTicket', 'viewRedirectToUnauthorizedUrlView', 'viewServiceErrorView', 'redirectView', 'postView', 'headerView', 'viewGenericLoginSuccess', 'showWarningView', 'finalizeWarning', 'serviceUnauthorizedCheck', 'serviceCheck', 'warn', 'gatewayRequestCheck', 'hasServiceCheck', 'renewRequestCheck', 'generateServiceTicket', 'terminateSession', 'gatewayServicesManagementCheck', 'serviceAuthorizationCheck', 'redirect', 'handleAuthenticationFailure', 'casAuthenticationBlockedView', 'casBadWorkstationView', 'casBadHoursView', 'casAccountLockedView', 'casAccountDisabledView', 'casPasswordUpdateSuccess', 'passwordChangeAction', 'casExpiredPassView', 'casResetPasswordSendInstructionsView', 'sendInstructions', 'casResetPasswordSentInstructionsView']'
at org.springframework.webflow.engine.Flow.getStateInstance(Flow.java:342) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE]
at org.springframework.webflow.engine.support.DefaultTargetStateResolver.resolveTargetState(DefaultTargetStateResolver.java:60) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE]
at org.springframework.webflow.engine.Transition.execute(Transition.java:218) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE]
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE]
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE]
와 상응하는 최종 상태/뷰 상태.
페이지가로드되지만이 상태에 대한 전송 전환이 페이지를 제출할 때 상태 목록에서 찾을 수 없다는 오류가 표시됩니다.
나는 봄에 대한 기본적인 지식 만 가지고있다.
내 application.properties :
##
#This is a test comment
# CAS Server Context Configuration
#
server.context-path=/cas
server.port=8443
#server.ssl.key-store=file:/etc/cas/thekeystore
#server.ssl.key-store-password=changeit
#server.ssl.key-password=changeit
# server.ssl.ciphers=
# server.ssl.client-auth=
# server.ssl.enabled=
# server.ssl.key-alias=
# server.ssl.key-store-provider=
# server.ssl.key-store-type=
# server.ssl.protocol=
# server.ssl.trust-store=
# server.ssl.trust-store-password=
# server.ssl.trust-store-provider=
# server.ssl.trust-store-type=
server.max-http-header-size=2097152
server.use-forward-headers=true
server.connection-timeout=20000
server.error.include-stacktrace=NEVER
server.tomcat.max-http-post-size=2097152
server.tomcat.basedir=build/tomcat
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms)
server.tomcat.accesslog.suffix=.log
server.tomcat.max-threads=10
server.tomcat.port-header=X-Forwarded-Port
server.tomcat.protocol-header=X-Forwarded-Proto
server.tomcat.protocol-header-https-value=https
server.tomcat.remote-ip-header=X-FORWARDED-FOR
server.tomcat.uri-encoding=UTF-8
spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true
##
# CAS Cloud Bus Configuration
#
spring.cloud.bus.enabled=false
# spring.cloud.bus.refresh.enabled=true
# spring.cloud.bus.env.enabled=true
# spring.cloud.bus.destination=CasCloudBus
# spring.cloud.bus.ack.enabled=true
endpoints.enabled=false
endpoints.sensitive=true
endpoints.restart.enabled=false
endpoints.shutdown.enabled=false
management.security.enabled=true
management.security.roles=ACTUATOR,ADMIN
management.security.sessions=if_required
management.context-path=/status
management.add-application-context-header=false
security.basic.authorize-mode=role
security.basic.enabled=false
security.basic.path=/cas/status/**
##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE
##
# CAS Thymeleaf View Configuration
#
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.cache=true
spring.thymeleaf.mode=HTML
##
# CAS Log4j Configuration
#
# logging.config=file:/etc/cas/log4j2.xml
server.context-parameters.isLog4jAutoInitializationDisabled=true
##
# CAS AspectJ Configuration
#
spring.aop.auto=true
spring.aop.proxy-target-class=true
cas.webflow.autoconfigure=true
##
# CAS Authentication Credentials
#
#cas.authn.accept.users=casuser::Mellon
cas.authn.rest.uri=http://demo5038781.mockable.io/test_cas
cas.authn.rest.passwordEncoder.type=NONE
cas.authn.pm.enabled=true
cas.authn.pm.reset.securityQuestionsEnabled=false
cas.authn.pm.rest.endpointUrlEmail=http://demo0014279.mockable.io/test_cas
cas.authn.pm.rest.endpointUrlChange=http://demo7912226.mockable.io/test_cas
내 pom.xml 파일 :
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd ">
<modelVersion>4.0.0</modelVersion>
<groupId>de.kaso.itp</groupId>
<artifactId>cas-overlay</artifactId>
<packaging>war</packaging>
<version>1.0</version>
<build>
<plugins>
<plugin>
<groupId>com.rimerosolutions.maven.plugins</groupId>
<artifactId>wrapper-maven-plugin</artifactId>
<version>0.0.4</version>
<configuration>
<verifyDownload>true</verifyDownload>
<checksumAlgorithm>MD5</checksumAlgorithm>
</configuration>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${springboot.version}</version>
<configuration>
<mainClass>org.springframework.boot.loader.WarLauncher</mainClass>
<addResources>true</addResources>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.6</version>
<configuration>
<warName>cas</warName>
<failOnMissingWebXml>false</failOnMissingWebXml>
<recompressZippedFiles>false</recompressZippedFiles>
<archive>
<compress>false</compress>
<manifestFile>${project.build.directory}/war/work/org.apereo.cas/cas-server-webapp${app.server}/META-INF/MANIFEST.MF
</manifestFile>
</archive>
<overlays>
<overlay>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp${app.server}</artifactId>
</overlay>
</overlays>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
</plugin>
</plugins>
<finalName>cas</finalName>
</build>
<dependencies>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp${app.server}</artifactId>
<version>${cas.version}</version>
<type>war</type>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-rest-authentication</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-pm</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-pm-rest</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-pm-webflow</artifactId>
<version>${cas.version}</version>
</dependency>
</dependencies>
<properties>
<cas.version>5.2.0-RC3</cas.version>
<springboot.version>1.5.7.RELEASE</springboot.version>
<!-- app.server could be -jetty, -undertow, -tomcat, or blank if you plan
to provide appserver -->
<app.server>-tomcat</app.server>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<repositories>
<repository>
<id>sonatype-releases</id>
<url>http://oss.sonatype.org/content/repositories/releases/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
</releases>
</repository>
<repository>
<id>sonatype-snapshots</id>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
<releases>
<enabled>false</enabled>
</releases>
</repository>
<repository>
<id>shibboleth-releases</id>
<url>https://build.shibboleth.net/nexus/content/repositories/releases</url>
</repository>
<repository>
<id>spring-milestones</id>
<url>https://repo.spring.io/milestone</url>
</repository>
</repositories>
<profiles>
<profile>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<id>pgp</id>
<build>
<plugins>
<plugin>
<groupId>com.github.s4u.plugins</groupId>
<artifactId>pgpverify-maven-plugin</artifactId>
<version>1.1.0</version>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
<configuration>
<pgpKeyServer>hkp://pool.sks-keyservers.net</pgpKeyServer>
<pgpKeysCachePath>${settings.localRepository}/pgpkeys-cache</pgpKeysCachePath>
<scope>test</scope>
<verifyPomFiles>true</verifyPomFiles>
<failNoSignature>false</failNoSignature>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
답장을 보내 주셔서 감사합니다. 간단히 말해서,이 기능은 내가 게시 할 때 릴리스되었습니다 (v5.1.5에서). 나는 interwebz 톤을 수색했지만 풀 요청에 대한 페이지를 놓쳤다. 당신의 도움을 주셔서 감사합니다! 너 멋지다! 편집 : v5.1.5에는 pm 지원 클래스에 대한 코드 구조가 훨씬 우수합니다. 명성! – fermatsmargin
PR에 5.2.0 RC4의 태그가 지정됩니다. 나는 변경 사항이 5.1.x로 역전되었는지 기억하지 못한다. 그것은 아마도 있었다. 현재 5.1.5로 시도해보고 차이점을 확인하십시오. –