I was able to figure out the issue for any future people that may be
running into this issue:
This was due to upgrading Spring Boot from 2.x to 3.x, the spring.factories
file is no longer used so you need to move the contents of that file into
the
resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
then replacing @Configuration in the file that contains the bean to
@AutoConfiguration along with adding import
org.springframework.boot.autoconfigure.AutoConfiguration;
On Friday, September 20, 2024 at 4:48:35 PM UTC-4 Neil Bhadsavle wrote:
> This is the TemporaryTicketNonInteractiveAction just in case that helps:
>
> package edu.gatech.gtri.cas.web.flow;
>
> import
> edu.gatech.gtri.cas.authentication.principal.AfwpTempTicketCredential;
> import org.apereo.cas.authentication.Credential;
> import
> org.apereo.cas.authentication.adaptive.AdaptiveAuthenticationPolicy;
> import
> org.apereo.cas.web.flow.actions.AbstractNonInteractiveCredentialsAction;
> import
> org.apereo.cas.web.flow.authentication.DefaultCasWebflowExceptionCatalog;
> import org.apereo.cas.web.flow.authentication.CasWebflowExceptionHandler;
> import org.apereo.cas.web.flow.resolver.CasDelegatingWebflowEventResolver;
> import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
> import org.apereo.cas.web.support.WebUtils;
>
> import lombok.extern.slf4j.Slf4j;
> import lombok.val;
> import org.springframework.context.ConfigurableApplicationContext;
> import org.springframework.core.annotation.AnnotationAwareOrderComparator;
> import org.springframework.webflow.execution.RequestContext;
> import org.apache.commons.lang3.StringUtils;
> import org.springframework.webflow.action.AbstractAction;
> import org.springframework.webflow.core.collection.LocalAttributeMap;
> import org.springframework.webflow.execution.Event;
>
> import org.springframework.webflow.execution.Action;
> import org.springframework.context.annotation.Bean;
> import org.springframework.context.annotation.Configuration;
> import org.springframework.beans.factory.ObjectProvider;
> import org.springframework.beans.factory.annotation.Autowired;
> import org.springframework.beans.factory.annotation.Qualifier;
> import
> org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
> import
> org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction;
> import org.apereo.cas.configuration.CasConfigurationProperties;
> import
> org.apereo.cas.configuration.model.core.web.MessageBundleProperties;
> import org.springframework.cloud.context.config.annotation.RefreshScope;
>
> import
> edu.gatech.gtri.cas.authentication.casuseradmin.InvalidTempTicketException;
>
> import java.util.ArrayList;
> import java.util.Arrays;
> import java.util.LinkedHashSet;
> import java.util.Set;
>
> /**
> * Fully overlaid here from the core implementation package, so CAS config
> uses this class instead of its own
> * version, as there is no conditional bean definition available for this
> class as of version 6.0.3.
> * <p>
> * This implementation uses custom <code>AfwpX509CertificateCredential
> </code>
> */
> @Slf4j
> public class TemporaryTicketNonInteractiveAction extends
> AbstractNonInteractiveCredentialsAction
> {
>
> @Autowired
> private ConfigurableApplicationContext applicationContext;
>
> /**
> * Attribute to indicate the x509 certificate.
> */
> private static final long serialVersionUID = 4789797148634156909L;
>
> public TemporaryTicketNonInteractiveAction(final
> CasDelegatingWebflowEventResolver
> initialAuthenticationAttemptWebflowEventResolver,
> final CasWebflowEventResolver serviceTicketRequestWebflowEventResolver,
> final AdaptiveAuthenticationPolicy adaptiveAuthenticationPolicy) {
>
> super(initialAuthenticationAttemptWebflowEventResolver,
> serviceTicketRequestWebflowEventResolver,
> adaptiveAuthenticationPolicy);
> }
>
> @Override
> protected Credential constructCredentialsFromRequest(final RequestContext
> context) {
> val request =
> WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
> final String loginTicketHash = context.getRequestParameters().get(
> "onetimeTicket");
>
> if (loginTicketHash != null && !loginTicketHash.isEmpty()) {
> return new AfwpTempTicketCredential(loginTicketHash);
> }
> return null;
> }
>
> /*
> @ConditionalOnMissingBean(name = "authenticationExceptionHandler2")
> @Bean
> public Action authenticationExceptionHandler() {
> Look at org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration.java
> for reference.
> return new
> AuthenticationExceptionHandlerAction(handledAuthenticationExceptions(),
> MessageBundleProperties.DEFAULT_BUNDLE_PREFIX_AUTHN_FAILURE);
> }*/
>
> @ConditionalOnMissingBean(name = "authenticationExceptionHandler2")
> @Bean
> public Action authenticationExceptionHandler() {
> val beans = applicationContext.getBeansOfType(CasWebflowExceptionHandler.
> class, false, true);
> val handlers = new ArrayList<>(beans.values());
> AnnotationAwareOrderComparator.sort(handlers);
> return new AuthenticationExceptionHandlerAction(handlers);
> }
>
> @RefreshScope
> @Bean
> public DefaultCasWebflowExceptionCatalog
> handledAuthenticationExceptions() {
> System.out.println("--------- handleAuthenticationExceptions");
> /*
> * Order is important here; We want the account policy exceptions to be
> handled
> * first before moving onto more generic errors. In the event that multiple
> handlers
> * are defined, where one fails due to account policy restriction and one
> fails
> * due to a bad password, we want the error associated with the account
> policy
> * to be processed first, rather than presenting a more generic error
> associated
> */
> val errors = new DefaultCasWebflowExceptionCatalog();;
> errors.registerException(InvalidTempTicketException.class);
> // errors.add(javax.security.auth.login.AccountLockedException.class);
> // errors.add(javax.security.auth.login.CredentialExpiredException.class);
> // errors.add(javax.security.auth.login.AccountExpiredException.class);
> // errors.add(AccountDisabledException.class);
> // errors.add(InvalidLoginLocationException.class);
> // errors.add(AccountPasswordMustChangeException.class);
> // errors.add(InvalidLoginTimeException.class);
>
> // errors.add(javax.security.auth.login.AccountNotFoundException.class);
> // errors.add(javax.security.auth.login.FailedLoginException.class);
> // errors.add(UnauthorizedServiceForPrincipalException.class);
> // errors.add(PrincipalException.class);
> // errors.add(UnsatisfiedAuthenticationPolicyException.class);
> // errors.add(UnauthorizedAuthenticationException.class);
>
> // errors.addAll(casProperties.getAuthn().getExceptions().getExceptions());
>
> return errors;
> }
> }
>
> On Friday, September 20, 2024 at 2:18:17 PM UTC-4 Neil Bhadsavle wrote:
>
>> While upgrading to CAS 7, I am running into issues with the Action we are
>> adding to the webflow saying it can no longer find the method:
>>
>> Here are the errors I am getting:
>>
>> casuseradmin-1 | 2024-09-20 15:03:15,051 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing
>> org.apereo.cas.web.flow.login.InitialAuthenticationRequestValidationAction@7ac00160;
>>
>> result = success>
>> casuseradmin-1 | 2024-09-20 15:03:15,051 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing [EvaluateAction@45fe3bfc expression =
>> initialAuthenticationRequestValidationAction, resultExpression = [null]];
>> result = success>
>> casuseradmin-1 | 2024-09-20 15:03:15,052 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Executing
>> [Transition@6080e1b6 on = success, to = ticketGrantingTicketCheck]>
>> casuseradmin-1 | 2024-09-20 15:03:15,052 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Exiting state
>> 'initialAuthenticationRequestValidationCheck'>
>> casuseradmin-1 | 2024-09-20 15:03:15,052 DEBUG
>> [org.springframework.webflow.engine.ActionState] - <Entering state
>> 'ticketGrantingTicketCheck' of flow 'login'>
>> casuseradmin-1 | 2024-09-20 15:03:15,052 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [EvaluateAction@3a2eaea6 expression = ticketGrantingTicketCheckAction,
>> resultExpression = [null]]>
>> casuseradmin-1 | 2024-09-20 15:03:15,058 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> org.apereo.cas.web.flow.login.TicketGrantingTicketCheckAction@68d8359a>
>> casuseradmin-1 | 2024-09-20 15:03:15,058 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing
>> org.apereo.cas.web.flow.login.TicketGrantingTicketCheckAction@68d8359a;
>> result = notExists>
>> casuseradmin-1 | 2024-09-20 15:03:15,058 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing [EvaluateAction@3a2eaea6 expression =
>> ticketGrantingTicketCheckAction, resultExpression = [null]]; result =
>> notExists>
>> casuseradmin-1 | 2024-09-20 15:03:15,059 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Executing
>> [Transition@2a181fdd on = notExists, to = gatewayRequestCheck]>
>> casuseradmin-1 | 2024-09-20 15:03:15,059 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Exiting state
>> 'ticketGrantingTicketCheck'>
>> casuseradmin-1 | 2024-09-20 15:03:15,059 DEBUG
>> [org.springframework.webflow.engine.DecisionState] - <Entering state
>> 'gatewayRequestCheck' of flow 'login'>
>> casuseradmin-1 | 2024-09-20 15:03:15,061 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Executing
>> [Transition@e1476bb on = *, to = serviceAuthorizationCheck]>
>> casuseradmin-1 | 2024-09-20 15:03:15,062 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Exiting state
>> 'gatewayRequestCheck'>
>> casuseradmin-1 | 2024-09-20 15:03:15,062 DEBUG
>> [org.springframework.webflow.engine.ActionState] - <Entering state
>> 'serviceAuthorizationCheck' of flow 'login'>
>> casuseradmin-1 | 2024-09-20 15:03:15,062 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [EvaluateAction@716ea9c3 expression = serviceAuthorizationCheck,
>> resultExpression = [null]]>
>> casuseradmin-1 | 2024-09-20 15:03:15,072 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> org.apereo.cas.web.flow.ServiceAuthorizationCheckAction@3934d4c0>
>> casuseradmin-1 | 2024-09-20 15:03:15,073 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing org.apereo.cas.web.flow.ServiceAuthorizationCheckAction@3934d4c0;
>> result = success>
>> casuseradmin-1 | 2024-09-20 15:03:15,073 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing [EvaluateAction@716ea9c3 expression = serviceAuthorizationCheck,
>> resultExpression = [null]]; result = success>
>> casuseradmin-1 | 2024-09-20 15:03:15,073 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Executing
>> [Transition@470e78d4 on = *, to = initializeLoginForm]>
>> casuseradmin-1 | 2024-09-20 15:03:15,073 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Exiting state
>> 'serviceAuthorizationCheck'>
>> casuseradmin-1 | 2024-09-20 15:03:15,073 DEBUG
>> [org.springframework.webflow.engine.ActionState] - <Entering state
>> 'initializeLoginForm' of flow 'login'>
>> casuseradmin-1 | 2024-09-20 15:03:15,073 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [EvaluateAction@514d40e1 expression = initializeLoginAction,
>> resultExpression = [null]]>
>> casuseradmin-1 | 2024-09-20 15:03:15,078 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> org.apereo.cas.web.flow.login.InitializeLoginAction@7f63fa0a>
>> casuseradmin-1 | 2024-09-20 15:03:15,079 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing org.apereo.cas.web.flow.login.InitializeLoginAction@7f63fa0a;
>> result = success>
>> casuseradmin-1 | 2024-09-20 15:03:15,079 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing [EvaluateAction@514d40e1 expression = initializeLoginAction,
>> resultExpression = [null]]; result = success>
>> casuseradmin-1 | 2024-09-20 15:03:15,079 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Executing
>> [Transition@2a2c0e3f on = success, to = afterInitializeLoginForm]>
>> casuseradmin-1 | 2024-09-20 15:03:15,079 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Exiting state
>> 'initializeLoginForm'>
>> casuseradmin-1 | 2024-09-20 15:03:15,079 DEBUG
>> [org.springframework.webflow.engine.ActionState] - <Entering state
>> 'afterInitializeLoginForm' of flow 'login'>
>> casuseradmin-1 | 2024-09-20 15:03:15,079 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [SetAction@27e2ca6f name = requestScope.initialized, value = true]>
>> casuseradmin-1 | 2024-09-20 15:03:15,080 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Finished
>> executing [SetAction@27e2ca6f name = requestScope.initialized, value =
>> true]; result = success>
>> casuseradmin-1 | 2024-09-20 15:03:15,080 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Executing
>> [Transition@3fdf7956 on = success, to = startTempAuthenticate]>
>> casuseradmin-1 | 2024-09-20 15:03:15,080 DEBUG
>> [org.springframework.webflow.engine.Transition] - <Exiting state
>> 'afterInitializeLoginForm'>
>> casuseradmin-1 | 2024-09-20 15:03:15,080 DEBUG
>> [org.springframework.webflow.engine.ActionState] - <Entering state
>> 'startTempAuthenticate' of flow 'login'>
>> casuseradmin-1 | 2024-09-20 15:03:15,081 DEBUG
>> [org.springframework.webflow.execution.ActionExecutor] - <Executing
>> [EvaluateAction@78ddce4 expression = tempTicketCheck, resultExpression =
>> [null]]>
>> casuseradmin-1 | 2024-09-20 15:03:15,086 DEBUG
>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Attempting
>> to handle [org.springframework.webflow.execution.ActionExecutionException:
>> Exception thrown executing [EvaluateAction@78ddce4 expression =
>> tempTicketCheck, resultExpression = [null]] in state
>> 'startTempAuthenticate' of flow 'login' -- action execution attributes were
>> 'map[[empty]]'] with root cause
>> [org.springframework.expression.spel.SpelEvaluationException: EL1008E:
>> Property or field 'tempTicketCheck' cannot be found on object of type
>> 'org.springframework.webflow.engine.impl.RequestControlContextImpl' - maybe
>> not public or not valid?]>
>> casuseradmin-1 | 2024-09-20 15:03:15,087 DEBUG
>> [org.springframework.webflow.engine.impl.FlowExecutionImpl] - <Rethrowing
>> unhandled flow execution exception>
>> casuseradmin-1 | 2024-09-20 15:03:15,088 DEBUG
>> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the
>> received exception
>> [org.springframework.webflow.execution.ActionExecutionException: Exception
>> thrown executing [EvaluateAction@78ddce4 expression = tempTicketCheck,
>> resultExpression = [null]] in state 'startTempAuthenticate' of flow 'login'
>> -- action execution attributes were 'map[[empty]]'] due to a type mismatch
>> with handler [[FlowHandlerMapping.DefaultFlowHandler@3d5f2f9f]]>
>>
>> 2024-09-20 15:03:15,092 ERROR
>> [org.apereo.cas.web.support.filters.AbstractSecurityFilter] - <Request
>> processing failed:
>> org.springframework.webflow.execution.ActionExecutionException: Exception
>> thrown executing [EvaluateAction@78ddce4 expression = tempTicketCheck,
>> resultExpression = [null]] in state 'startTempAuthenticate' of flow 'login'
>> -- action execution attributes were 'map[[empty]]'>
>>
>> 2024-09-20 15:03:15,094 ERROR
>> [org.springframework.boot.web.servlet.support.ErrorPageFilter] -
>> <Forwarding to error page from request [/login] due to exception
>> [jakarta.servlet.ServletException: Request processing failed:
>> org.springframework.webflow.execution.ActionExecutionException: Exception
>> thrown executing [EvaluateAction@78ddce4 expression = tempTicketCheck,
>> resultExpression = [null]] in state 'startTempAuthenticate' of flow 'login'
>> -- action execution attributes were 'map[[empty]]']>
>>
>> Here is the method that sets up startTempAuthenticate:
>>
>> @Bean(name = "tempTicketCheck")
>> public Action tempTicketCheck() {
>> return new
>> TemporaryTicketNonInteractiveAction(initialAuthenticationAttemptWebflowEventResolver.getIfAvailable(),
>> serviceTicketRequestWebflowEventResolver.getIfAvailable(),
>> adaptiveAuthenticationPolicy.getIfAvailable());
>> }
>>
>>
>> Here is the doInitialize setting up the webflow:
>>
>> @Override
>> protected void doInitialize() {
>> val flow = getLoginFlow();
>> if (flow != null) {
>> val actionState = createActionState(flow,
>> CasWebflowConstants.STATE_ID_X509_START,
>> CasWebflowConstants.ACTION_ID_X509_CHECK);
>> val transitionSet = actionState.getTransitionSet();
>>
>> //Adding x509 webflow transition
>>
>> transitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_SUCCESS,
>> CasWebflowConstants.STATE_ID_CREATE_TICKET_GRANTING_TICKET));
>> transitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_WARN,
>> CasWebflowConstants.TRANSITION_ID_WARN));
>> transitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_ERROR,
>> getStateIdOnX509Failure(flow)));
>>
>> transitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE,
>> CasWebflowConstants.STATE_ID_HANDLE_AUTHN_FAILURE));
>>
>> transitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_SUCCESS_WITH_WARNINGS,
>> CasWebflowConstants.STATE_ID_SHOW_AUTHN_WARNING_MSGS));
>>
>>
>> actionState.getExitActionList().add(createEvaluateAction(CasWebflowConstants.ACTION_ID_CLEAR_WEBFLOW_CREDENTIALS));
>>
>> //Adding Temp ticket webflow transition
>>
>> val tempTicketActionState = createActionState(flow,
>> EVENT_ID_START_TEMP_TICKET, createEvaluateAction("tempTicketCheck"));
>> val tempTicketTransitionSet = tempTicketActionState.getTransitionSet();
>>
>> tempTicketTransitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_SUCCESS,
>>
>> CasWebflowConstants.STATE_ID_CREATE_TICKET_GRANTING_TICKET));
>> tempTicketTransitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_WARN,
>>
>> CasWebflowConstants.TRANSITION_ID_WARN));
>>
>> tempTicketTransitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE,
>> CasWebflowConstants.STATE_ID_HANDLE_AUTHN_FAILURE));
>> tempTicketTransitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_ERROR,
>>
>> getStateIdOnX509Failure(flow)));
>>
>> tempTicketTransitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_SUCCESS_WITH_WARNINGS,
>> CasWebflowConstants.STATE_ID_SHOW_AUTHN_WARNING_MSGS));
>>
>>
>> tempTicketActionState.getExitActionList().add(createEvaluateAction(CasWebflowConstants.ACTION_ID_CLEAR_WEBFLOW_CREDENTIALS));
>>
>> //Injecting the temp ticket webflow before the x509 webflow and to
>> transition to x509 when a temp ticket doesn't exist
>> val state = getState(flow,
>> CasWebflowConstants.STATE_ID_AFTER_INIT_LOGIN_FORM, ActionState.class);
>> createTransitionForState(state,
>> CasWebflowConstants.TRANSITION_ID_SUCCESS, EVENT_ID_START_TEMP_TICKET,
>> true);
>>
>> val initState = getState(flow, EVENT_ID_START_TEMP_TICKET, ActionState.
>> class);
>> createTransitionForState(initState,
>> CasWebflowConstants.TRANSITION_ID_ERROR,
>> CasWebflowConstants.STATE_ID_X509_START, true);
>> }
>> }
>>
>>
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8263f37e-3866-4304-bfc8-5c1b6b83263fn%40apereo.org.
