No conversation state found
Andrew Morgan
morgan at orst.edu
Wed Dec 16 19:49:27 EST 2015
On Wed, 16 Dec 2015, Cantor, Scott wrote:
> On 12/16/15, 7:09 AM, "users on behalf of Marvin Addison"
> <users-bounces at shibboleth.net on behalf of marvin.addison at gmail.com>
> wrote:
>
>
>>
>> We identified this issue (not exactly but similar) in testing and found
>> a pretty straightforward workaround: defining a custom 500 error page
>> in web.xml. It's a trivial fix we should consider.
>
> I forgot you can do code mappings in web.xml portably, yes, that's
> probably a reasonable fix until I think of something better. I probably
> would do it as an MVC controller now, but I don't know how easy it will
> be to do that change in place.
>
>> I'm fairly certain you're getting this behavior because your bookmark
>> includes a Webflow state identifier in the URL; the conversation=e1s1
>> bit. That's presumably an artifact of the Jasig CAS server that also
>> uses Webflow for processing at the /login URI, but it's confusing the
>> IdP.
>
> No, it would do it anyway. The error is from the call to
> startExternalAuthentication and the error message might be different,
> but it's still throwing a ServletException if that call fails. I didn't
> think about the bookmark problem in the RemoteUser case when I did that.
Thanks for all the information everyone. We ended up modifying web.xml to
send 500 errors to a custom error page:
<error-page>
<error-code>500</error-code>
<location>/error.jsp</location>
</error-page>
We still get a big stack trace in Tomcat's catalina.out log file, but at
least the users get some useful instructions.
It would be really nice if error handling for this condition was handled
natively in the IDP using the normal error page.
Would it be helpful if I filed a bug?
Thanks,
Andy
More information about the users
mailing list