Closed ddorigo closed 6 years ago
Burtbeckwith changed the version of cas-client-core. In RC5 was 3.3.3, and just before 2.0.0 final release was changed to 3.4.1:
Did you fix it, ddorigo? I'm getting the same error and am not sure what the solution is.
In BuildConfig.groovy, dependencies... compile "org.jasig.cas.client:cas-client-core:3.3.3", { excludes 'commons-codec', 'commons-logging', 'junit', 'log4j', 'opensaml', 'servlet-api', 'spring-beans', 'spring-context', 'spring-core', 'spring-test', 'xmlsec' }
It´s working fine.
Any news on this ? will it be part of a next release ?
@sersena 's fix worked initially for local deployment of three different grails apps I was upgrading to run on tomcat 8 / java 8 (from tomcat 6 / java 6). I needed the security upgrade to do so and ran into the same problem described here, and once I added the cas-client-core:3.3.3 dependency with those exclusions, I was able to run the apps with embedded tomcat as well as deployed to a local tomcat.
However, when the apps were deployed to other environments, they would act consistently per environment, but on some environments would start up successfully, and others would not. ie: it would always fail to start on instance 1, but always successfully start on instance 2.
This type of behavior is typically indicative of library conflicts that aren't always resolved the same way from instance to instance of tomcat. I at first thought the problem was the xerces and xml-apis dependencies being pulled in by this cas-client-core, but after excluding them the same problem persisted. I was finally able to fix the problem by just ignoring ALL transitive dependencies pulled in by cas-client-core, so my BuildConfig.groovy for the CAS upgrade looks like this:
compile 'org.jasig.cas.client:cas-client-core:3.3.3', { transitive = false }
I'm not sure if this is because we have some other plugins / dependencies than is typical, or because of the version we're using, but I figured I'd leave this here in case anyone else runts into the same problem.
Our apps used the following versions (only included what I thought may be relevant):
All environments were running Java 8u5 and Tomcat 8.0.14
I believe this is solved in
compile "org.grails.plugins:spring-security-cas:2.0.1"
via:
Could anyone @ddorigo @sersena @zepuka @rlaplante could you please confirm it is solved for you?
Please reopen if the error is still ocurring.
I have reverted the CAS Client Core dependency to: cas-client-core:3.3.3
and release a new version ( 2.0.2) of the plugin.
compile "org.grails.plugins:spring-security-cas:2.0.2"
Dear all, I have a grails 2.5 application running with the following security configuration in BuildConfig:
compile ':spring-security-core:2.0-RC5' compile ':spring-security-cas:2.0-RC1'
I moved to compile ':spring-security-core:2.0.0' compile ':spring-security-cas:2.0.0'
and I get the following error during deployment:
Exception starting filter CAS Single Sign Out Filter java.lang.IllegalArgumentException: casServerUrlPrefix cannot be null. at org.jasig.cas.client.util.CommonUtils.assertNotNull(CommonUtils.java:86) at org.jasig.cas.client.session.SingleSignOutHandler.init(SingleSignOutHandler.java:140) at org.jasig.cas.client.session.SingleSignOutFilter.init(SingleSignOutFilter.java:55) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745)
The cas configuration is included from Config.groovy: grails.config.locations = ["file:${System.properties['catalina.base']}/webapps/appName/WEB-INF/gintegration-config.groovy"]
and in gintegration:
// app grails.serverURL = "http://hostname:8080/appName" grails.serverSecureURL = "https://hostname:8043/appName"
// CAS configuration grails.plugin.springsecurity.seSessionFixationPrevention = false grails.plugin.springsecurity.useCAS = true grails.plugin.springsecurity.cas.active = true grails.plugin.springsecurity.cas.serverUrlPrefix = 'https://hostname:10443/sso' grails.plugin.springsecurity.cas.serverUrlEncoding = 'UTF-8' grails.plugin.springsecurity.cas.loginUri = '/login' grails.plugin.springsecurity.cas.sendRenew = false grails.plugin.springsecurity.cas.serviceUrl = "${grails.serverURL}/secure/security_check" grails.plugin.springsecurity.cas.key ='authentication_provider' grails.plugin.springsecurity.cas.artifactParameter = 'ticket' grails.plugin.springsecurity.cas.serviceParameter = 'service' grails.plugin.springsecurity.cas.filterProcessesUrl = '/secure/security_check' grails.plugin.springsecurity.cas.proxyCallbackUrl = "${grails.serverSecureURL}/secure/receptor" grails.plugin.springsecurity.cas.proxyReceptorUrl = '/secure/receptor'
grails.plugin.springsecurity.cas.useSingleSignOut = true
// also CAS related - do not touch please grails.plugin.springsecurity.logoutURL = "${grails.plugin.springsecurity.cas.serverUrlPrefix}/logout" grails.plugin.springsecurity.logout.afterLogoutUrl = "${grails.plugin.springsecurity.cas.serverUrlPrefix}/logout?url=${grails.serverURL}"
I tried to change some configuration but it doesn't help. Am I doing something wrong?