search

grails / grails-spring-security-cas

Apache License 2.0
19 stars 29 forks source link

casServerUrlPrefix cannot be null. grails 2.5 and spring security 2.0.0 #9

Closed ddorigo closed 6 years ago

ddorigo commented 8 years ago

Dear all, I have a grails 2.5 application running with the following security configuration in BuildConfig:

compile ':spring-security-core:2.0-RC5' compile ':spring-security-cas:2.0-RC1'

I moved to compile ':spring-security-core:2.0.0' compile ':spring-security-cas:2.0.0'

and I get the following error during deployment:

Exception starting filter CAS Single Sign Out Filter java.lang.IllegalArgumentException: casServerUrlPrefix cannot be null. at org.jasig.cas.client.util.CommonUtils.assertNotNull(CommonUtils.java:86) at org.jasig.cas.client.session.SingleSignOutHandler.init(SingleSignOutHandler.java:140) at org.jasig.cas.client.session.SingleSignOutFilter.init(SingleSignOutFilter.java:55) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745)

The cas configuration is included from Config.groovy: grails.config.locations = ["file:${System.properties['catalina.base']}/webapps/appName/WEB-INF/gintegration-config.groovy"]

and in gintegration:

// app grails.serverURL = "http://hostname:8080/appName" grails.serverSecureURL = "https://hostname:8043/appName"

// CAS configuration grails.plugin.springsecurity.seSessionFixationPrevention = false grails.plugin.springsecurity.useCAS = true grails.plugin.springsecurity.cas.active = true grails.plugin.springsecurity.cas.serverUrlPrefix = 'https://hostname:10443/sso' grails.plugin.springsecurity.cas.serverUrlEncoding = 'UTF-8' grails.plugin.springsecurity.cas.loginUri = '/login' grails.plugin.springsecurity.cas.sendRenew = false grails.plugin.springsecurity.cas.serviceUrl = "${grails.serverURL}/secure/security_check" grails.plugin.springsecurity.cas.key ='authentication_provider' grails.plugin.springsecurity.cas.artifactParameter = 'ticket' grails.plugin.springsecurity.cas.serviceParameter = 'service' grails.plugin.springsecurity.cas.filterProcessesUrl = '/secure/security_check' grails.plugin.springsecurity.cas.proxyCallbackUrl = "${grails.serverSecureURL}/secure/receptor" grails.plugin.springsecurity.cas.proxyReceptorUrl = '/secure/receptor'

grails.plugin.springsecurity.cas.useSingleSignOut = true

// also CAS related - do not touch please grails.plugin.springsecurity.logoutURL = "${grails.plugin.springsecurity.cas.serverUrlPrefix}/logout" grails.plugin.springsecurity.logout.afterLogoutUrl = "${grails.plugin.springsecurity.cas.serverUrlPrefix}/logout?url=${grails.serverURL}"

I tried to change some configuration but it doesn't help. Am I doing something wrong?

sersena commented 8 years ago

Burtbeckwith changed the version of cas-client-core. In RC5 was 3.3.3, and just before 2.0.0 final release was changed to 3.4.1:

jneallawson commented 8 years ago

Did you fix it, ddorigo? I'm getting the same error and am not sure what the solution is.

sersena commented 8 years ago

In BuildConfig.groovy, dependencies... compile "org.jasig.cas.client:cas-client-core:3.3.3", { excludes 'commons-codec', 'commons-logging', 'junit', 'log4j', 'opensaml', 'servlet-api', 'spring-beans', 'spring-context', 'spring-core', 'spring-test', 'xmlsec' }

It´s working fine.

rlaplante commented 8 years ago

Any news on this ? will it be part of a next release ?

zepuka commented 7 years ago

@sersena 's fix worked initially for local deployment of three different grails apps I was upgrading to run on tomcat 8 / java 8 (from tomcat 6 / java 6). I needed the security upgrade to do so and ran into the same problem described here, and once I added the cas-client-core:3.3.3 dependency with those exclusions, I was able to run the apps with embedded tomcat as well as deployed to a local tomcat.

However, when the apps were deployed to other environments, they would act consistently per environment, but on some environments would start up successfully, and others would not. ie: it would always fail to start on instance 1, but always successfully start on instance 2.

This type of behavior is typically indicative of library conflicts that aren't always resolved the same way from instance to instance of tomcat. I at first thought the problem was the xerces and xml-apis dependencies being pulled in by this cas-client-core, but after excluding them the same problem persisted. I was finally able to fix the problem by just ignoring ALL transitive dependencies pulled in by cas-client-core, so my BuildConfig.groovy for the CAS upgrade looks like this:

compile 'org.jasig.cas.client:cas-client-core:3.3.3', { transitive = false }

I'm not sure if this is because we have some other plugins / dependencies than is typical, or because of the version we're using, but I figured I'd leave this here in case anyone else runts into the same problem.

Our apps used the following versions (only included what I thought may be relevant):

All environments were running Java 8u5 and Tomcat 8.0.14

sdelamo commented 6 years ago

I believe this is solved in

compile "org.grails.plugins:spring-security-cas:2.0.1"

via:

https://github.com/grails-plugins/grails-spring-security-cas/commit/347217482b16be85d775016d10b6b4ccc2f5825f

Could anyone @ddorigo @sersena @zepuka @rlaplante could you please confirm it is solved for you?

sdelamo commented 6 years ago

Please reopen if the error is still ocurring.

sdelamo commented 6 years ago

I have reverted the CAS Client Core dependency to: cas-client-core:3.3.3and release a new version ( 2.0.2) of the plugin.

compile "org.grails.plugins:spring-security-cas:2.0.2"