2017-10-12 60 views
0

CAS 5.2.0-RC3 REST password management webflow

I am using CAS 5.2.0-RC3 to authenticate users (using the REST authentication provider). For now I have switched to mock REST services for debugging.

When I return a 428 HTTP code (force password change), I get a webflow error. I am trying to allow the password change to be managed by REST endpoints as well.

Do I need to add an action-state for handleauthenticationfailure with a series of transitions in login-webflow.xml? Shouldn't CAS do this for me (without any login-webflow.xml overlay)?

Exception:

WHO: casuser 
WHAT: Supplied credentials: [casuser] 
ACTION: AUTHENTICATION_FAILED 
APPLICATION: CAS 
WHEN: Thu Oct 12 10:20:39 CEST 2017 
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1 
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1 
============================================================= 

> 
2017-10-12 10:20:39,711 ERROR [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas].[dispatcherServlet]] - <Servlet.service() for servlet [dispatcherServlet] in context with path [/cas] threw exception [Request processing failed; nested exception is org.springframework.webflow.execution.FlowExecutionException: Exception thrown in state 'handleAuthenticationFailure' of flow 'login'] with root cause> 
java.lang.IllegalArgumentException: Cannot find state with id 'casMustChangePassView' in flow 'login' -- Known state ids are 'array<String>['initialAuthenticationRequestValidationCheck', 'ticketGrantingTicketCheck', 'initializeLoginForm', 'viewLoginForm', 'realSubmit', 'showAuthenticationWarningMessages', 'sendTicketGrantingTicket', 'viewRedirectToUnauthorizedUrlView', 'viewServiceErrorView', 'redirectView', 'postView', 'headerView', 'viewGenericLoginSuccess', 'showWarningView', 'finalizeWarning', 'serviceUnauthorizedCheck', 'serviceCheck', 'warn', 'gatewayRequestCheck', 'hasServiceCheck', 'renewRequestCheck', 'generateServiceTicket', 'terminateSession', 'gatewayServicesManagementCheck', 'serviceAuthorizationCheck', 'redirect', 'handleAuthenticationFailure', 'casAuthenticationBlockedView', 'casBadWorkstationView', 'casBadHoursView', 'casAccountLockedView', 'casAccountDisabledView', 'casPasswordUpdateSuccess', 'passwordChangeAction', 'casExpiredPassView', 'casResetPasswordSendInstructionsView', 'sendInstructions', 'casResetPasswordSentInstructionsView']' 
     at org.springframework.webflow.engine.Flow.getStateInstance(Flow.java:342) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE] 
     at org.springframework.webflow.engine.support.DefaultTargetStateResolver.resolveTargetState(DefaultTargetStateResolver.java:60) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE] 
     at org.springframework.webflow.engine.Transition.execute(Transition.java:218) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE] 
     at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE] 
     at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214) ~[spring-webflow-2.4.5.RELEASE.jar!/:2.4.5.RELEASE] 

At some point I did add this action state, as shown here on the mailing list: https://www.mail-archive.com/[email protected]/msg03913.html, along with the corresponding end-state/view-state.

The page loads, but when I submit the page I get an error saying that the submit transition for this state cannot be found in the list of states.

I only have basic knowledge of Spring.

My application.properties:

## 
#This is a test comment 
# CAS Server Context Configuration 
# 
server.context-path=/cas 
server.port=8443 

#server.ssl.key-store=file:/etc/cas/thekeystore 
#server.ssl.key-store-password=changeit 
#server.ssl.key-password=changeit 
# server.ssl.ciphers= 
# server.ssl.client-auth= 
# server.ssl.enabled= 
# server.ssl.key-alias= 
# server.ssl.key-store-provider= 
# server.ssl.key-store-type= 
# server.ssl.protocol= 
# server.ssl.trust-store= 
# server.ssl.trust-store-password= 
# server.ssl.trust-store-provider= 
# server.ssl.trust-store-type= 

server.max-http-header-size=2097152 
server.use-forward-headers=true 
server.connection-timeout=20000 
server.error.include-stacktrace=NEVER 

server.tomcat.max-http-post-size=2097152 
server.tomcat.basedir=build/tomcat 
server.tomcat.accesslog.enabled=true 
server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms) 
server.tomcat.accesslog.suffix=.log 
server.tomcat.max-threads=10 
server.tomcat.port-header=X-Forwarded-Port 
server.tomcat.protocol-header=X-Forwarded-Proto 
server.tomcat.protocol-header-https-value=https 
server.tomcat.remote-ip-header=X-FORWARDED-FOR 
server.tomcat.uri-encoding=UTF-8 

spring.http.encoding.charset=UTF-8 
spring.http.encoding.enabled=true 
spring.http.encoding.force=true 

## 
# CAS Cloud Bus Configuration 
# 
spring.cloud.bus.enabled=false 
# spring.cloud.bus.refresh.enabled=true 
# spring.cloud.bus.env.enabled=true 
# spring.cloud.bus.destination=CasCloudBus 
# spring.cloud.bus.ack.enabled=true 

endpoints.enabled=false 
endpoints.sensitive=true 

endpoints.restart.enabled=false 
endpoints.shutdown.enabled=false 

management.security.enabled=true 
management.security.roles=ACTUATOR,ADMIN 
management.security.sessions=if_required 
management.context-path=/status 
management.add-application-context-header=false 

security.basic.authorize-mode=role 
security.basic.enabled=false 
security.basic.path=/cas/status/** 

## 
# CAS Web Application Session Configuration 
# 
server.session.timeout=300 
server.session.cookie.http-only=true 
server.session.tracking-modes=COOKIE 

## 
# CAS Thymeleaf View Configuration 
# 
spring.thymeleaf.encoding=UTF-8 
spring.thymeleaf.cache=true 
spring.thymeleaf.mode=HTML 
## 
# CAS Log4j Configuration 
# 
# logging.config=file:/etc/cas/log4j2.xml 
server.context-parameters.isLog4jAutoInitializationDisabled=true 

## 
# CAS AspectJ Configuration 
# 
spring.aop.auto=true 
spring.aop.proxy-target-class=true 

cas.webflow.autoconfigure=true 

## 
# CAS Authentication Credentials 
# 
#cas.authn.accept.users=casuser::Mellon 

cas.authn.rest.uri=http://demo5038781.mockable.io/test_cas 
cas.authn.rest.passwordEncoder.type=NONE 

cas.authn.pm.enabled=true 
cas.authn.pm.reset.securityQuestionsEnabled=false 

cas.authn.pm.rest.endpointUrlEmail=http://demo0014279.mockable.io/test_cas 
cas.authn.pm.rest.endpointUrlChange=http://demo7912226.mockable.io/test_cas 

My pom.xml file:

<?xml version="1.0" encoding="UTF-8"?> 
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd "> 
    <modelVersion>4.0.0</modelVersion> 
    <groupId>de.kaso.itp</groupId> 
    <artifactId>cas-overlay</artifactId> 
    <packaging>war</packaging> 
    <version>1.0</version> 

    <build> 
     <plugins> 
      <plugin> 
       <groupId>com.rimerosolutions.maven.plugins</groupId> 
       <artifactId>wrapper-maven-plugin</artifactId> 
       <version>0.0.4</version> 
       <configuration> 
        <verifyDownload>true</verifyDownload> 
        <checksumAlgorithm>MD5</checksumAlgorithm> 
       </configuration> 
      </plugin> 
      <plugin> 
       <groupId>org.springframework.boot</groupId> 
       <artifactId>spring-boot-maven-plugin</artifactId> 
       <version>${springboot.version}</version> 
       <configuration> 
        <mainClass>org.springframework.boot.loader.WarLauncher</mainClass> 
        <addResources>true</addResources> 
       </configuration> 
      </plugin> 
      <plugin> 
       <groupId>org.apache.maven.plugins</groupId> 
       <artifactId>maven-war-plugin</artifactId> 
       <version>2.6</version> 
       <configuration> 
        <warName>cas</warName> 
        <failOnMissingWebXml>false</failOnMissingWebXml> 
        <recompressZippedFiles>false</recompressZippedFiles> 
        <archive> 
         <compress>false</compress> 
         <manifestFile>${project.build.directory}/war/work/org.apereo.cas/cas-server-webapp${app.server}/META-INF/MANIFEST.MF 
         </manifestFile> 
        </archive> 
        <overlays> 
         <overlay> 
          <groupId>org.apereo.cas</groupId> 
          <artifactId>cas-server-webapp${app.server}</artifactId> 
         </overlay> 
        </overlays> 
       </configuration> 
      </plugin> 
      <plugin> 
       <groupId>org.apache.maven.plugins</groupId> 
       <artifactId>maven-compiler-plugin</artifactId> 
       <version>3.3</version> 
      </plugin> 
     </plugins> 
     <finalName>cas</finalName> 
    </build> 

    <dependencies> 
     <dependency> 
      <groupId>org.apereo.cas</groupId> 
      <artifactId>cas-server-webapp${app.server}</artifactId> 
      <version>${cas.version}</version> 
      <type>war</type> 
      <scope>runtime</scope> 
     </dependency> 
     <dependency> 
      <groupId>org.apereo.cas</groupId> 
      <artifactId>cas-server-support-rest-authentication</artifactId> 
      <version>${cas.version}</version> 
     </dependency> 
     <dependency> 
      <groupId>org.apereo.cas</groupId> 
      <artifactId>cas-server-support-pm</artifactId> 
      <version>${cas.version}</version> 
     </dependency> 
     <dependency> 
      <groupId>org.apereo.cas</groupId> 
      <artifactId>cas-server-support-pm-rest</artifactId> 
      <version>${cas.version}</version> 
     </dependency> 
     <dependency> 
      <groupId>org.apereo.cas</groupId> 
      <artifactId>cas-server-support-pm-webflow</artifactId> 
      <version>${cas.version}</version> 
     </dependency> 
    </dependencies> 

    <properties> 
     <cas.version>5.2.0-RC3</cas.version> 
     <springboot.version>1.5.7.RELEASE</springboot.version> 
     <!-- app.server could be -jetty, -undertow, -tomcat, or blank if you plan 
      to provide appserver --> 
     <app.server>-tomcat</app.server> 
     <maven.compiler.source>1.8</maven.compiler.source> 
     <maven.compiler.target>1.8</maven.compiler.target> 
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> 
    </properties> 

    <repositories> 
     <repository> 
      <id>sonatype-releases</id> 
      <url>http://oss.sonatype.org/content/repositories/releases/</url> 
      <snapshots> 
       <enabled>false</enabled> 
      </snapshots> 
      <releases> 
       <enabled>true</enabled> 
      </releases> 
     </repository> 
     <repository> 
      <id>sonatype-snapshots</id> 
      <url>https://oss.sonatype.org/content/repositories/snapshots/</url> 
      <snapshots> 
       <enabled>true</enabled> 
      </snapshots> 
      <releases> 
       <enabled>false</enabled> 
      </releases> 
     </repository> 
     <repository> 
      <id>shibboleth-releases</id> 
      <url>https://build.shibboleth.net/nexus/content/repositories/releases</url> 
     </repository> 
     <repository> 
      <id>spring-milestones</id> 
      <url>https://repo.spring.io/milestone</url> 
     </repository> 
    </repositories> 

    <profiles> 
     <profile> 
      <activation> 
       <activeByDefault>false</activeByDefault> 
      </activation> 
      <id>pgp</id> 
      <build> 
       <plugins> 
        <plugin> 
         <groupId>com.github.s4u.plugins</groupId> 
         <artifactId>pgpverify-maven-plugin</artifactId> 
         <version>1.1.0</version> 
         <executions> 
          <execution> 
           <goals> 
            <goal>check</goal> 
           </goals> 
          </execution> 
         </executions> 
         <configuration> 
          <pgpKeyServer>hkp://pool.sks-keyservers.net</pgpKeyServer> 
          <pgpKeysCachePath>${settings.localRepository}/pgpkeys-cache</pgpKeysCachePath> 
          <scope>test</scope> 
          <verifyPomFiles>true</verifyPomFiles> 
          <failNoSignature>false</failNoSignature> 
         </configuration> 
        </plugin> 
       </plugins> 
      </build> 
     </profile> 
    </profiles> 
</project> 
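
A local stand-in for the mock REST authentication service described in the question, as an added example that is not part of the original post or of the CAS project. It assumes the CAS REST authentication contract (a POST carrying a Basic Authorization header, a JSON principal on 200, and the non-428 status codes as listed in the CAS documentation); the accounts, port and function names are constructed for illustration.

```python
import base64
import hmac
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed test accounts: username -> (password, account state).
ACCOUNTS = {"casuser": ("Mellon", "must_change"),
            "alice": ("s3cret", "ok"),
            "bob": ("hunter2", "locked")}
# Account state -> HTTP status. 428 is the code named in the question; the
# others follow the CAS REST authentication docs (assumed unchanged in 5.2.x).
STATUS = {"ok": 200, "disabled": 403, "locked": 423, "must_change": 428}

def parse_basic(header):
    """Return (user, password) from a Basic Authorization header, or None."""
    scheme, _, token = (header or "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except ValueError:  # bad base64 or bad UTF-8
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None

def authenticate(header):
    """Map an Authorization header to (HTTP status, JSON body)."""
    creds = parse_basic(header)
    if creds is None:
        return 401, ""
    user, password = creds
    if user not in ACCOUNTS:
        return 404, ""  # assumed to surface as "account not found" in CAS
    expected, state = ACCOUNTS[user]
    if not hmac.compare_digest(password.encode(), expected.encode()):
        return 401, ""  # any other code is treated as a failed login
    if STATUS[state] != 200:
        return STATUS[state], ""
    principal = {"@class": "org.apereo.cas.authentication.principal.SimplePrincipal",
                 "id": user, "attributes": {}}
    return 200, json.dumps(principal)

class Handler(BaseHTTPRequestHandler):
    def do_POST(self):
        status, body = authenticate(self.headers.get("Authorization"))
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body.encode())))
        self.end_headers()
        self.wfile.write(body.encode())

if __name__ == "__main__":
    # Loopback only; point cas.authn.rest.uri at http://127.0.0.1:8081/
    HTTPServer(("127.0.0.1", 8081), Handler).serve_forever()
```

Logging in as `casuser` against this mock reproduces the 428 path, so the `handleAuthenticationFailure` transition can be exercised without sending credentials to an external mock host.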

Answers

0

Did you get a chance to review this? https://github.com/apereo/cas/pull/2940

+0

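Thanks for the reply. In short, this feature was released when I posted (in v5.1.5). I searched tons of the interwebz but missed the page for the pull request. Thanks for your help! You are awesome! Edit: v5.1.5 has a much better code structure for the pm support classes. Kudos! – fermatsmargin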

+0

The PR is tagged for 5.2.0 RC4. I don't remember whether the change was backported to 5.1.x. It probably was. Try with 5.1.5 for now and see the difference. –