Good evening Jeff, I had to include bcprov-jdk15on-1.53.jar.
Pau Gómez
Development Dept.
Técnicas Competitivas, S. A.
Tel: 922 203 931
Fax: 922 203 871
Grupo URANIA

From: Jeff Gouge [mailto:gouge.j...@gmail.com]
Sent: Tuesday, 27 October 2015 14:52
To: jasig-cas-user <jasig-cas-u...@googlegroups.com>
CC: cas-user@lists.jasig.org; Pau I. Gómez Molina <pau.go...@tecnicascompetitivas.com>
Subject: Re: [cas-user] Error 500 when validating SAML

Paul,

What was the missed library?

On Monday, October 26, 2015 at 3:26:20 AM UTC-4, Pau Gómez wrote:

Good morning,

Alberto, thanks for your help. I was only looking at the CAS log and I forgot to check Tomcat's log. I had to include a missed library and everything worked again. Thanks for everything!!

I'm using CAS 4.0.2 and cas client 3.3.3, so I guess you can use the same client (or later) with cas 4.1. I would recommend following the documentation to set up SAML support and looking at the logs. In my case I had to import Bouncy Castle's lib (bcprov).

Pau.

On Wednesday, 21 October 2015, 12:43:58 (UTC+1), Pau I. Gómez Molina wrote:

Good morning,

We are trying to activate SAML validation but it doesn’t work. We have followed the documentation for the 4.0.X version.
This is the LOG after trying to authenticate:

2015-10-21 12:30:53,831 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Attempting LDAP authentication for XXXX+password - (certificate:)
2015-10-21 12:30:53,863 INFO [org.ldaptive.auth.Authenticator] - Authentication succeeded for dn: uid=XXXX,o=XXXX,c=XX
2015-10-21 12:30:53,863 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - LDAP response: [org.ldaptive.auth.AuthenticationResponse@5290428::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS, ldapEntry=[dn=uid=XXXX,o=XXXX,c=XX[[uid[XXXX]], [givenName[XXXX]], [sn[XXXX]], [isMemberOf[cn=XXXX,ou=XXX,o=XXXX, o=XXXX,c=XXXX, uid=XXXX,o=XXXX,c=XX, cn=XXXX,o=XXXX,o=XXXX,c=XX]]], responseControls=null, messageId=-1], accountState=null, result=true, resultCode=SUCCESS, message=null, controls=null]
2015-10-21 12:30:53,864 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [isMemberOf[cn=XXXX,ou=XXXX,o=XXXX,o=XXXX,c=XX, uid=XXXX,o=XXXX,c=XX, cn=XXXX,o=XXXX,o=XXXX,c=XX]]
2015-10-21 12:30:53,865 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [givenName[XXXX]]
2015-10-21 12:30:53,865 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [sn[XXXX]]
2015-10-21 12:30:53,865 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - LdapAuthenticationHandler successfully authenticated XXXX+password - (certificate:)
2015-10-21 12:30:53,866 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Resolver is null.
2015-10-21 12:30:53,866 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - No resolver configured for LdapAuthenticationHandler. Falling back to handler principal XXXX
2015-10-21 12:30:53,866 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Principal=XXXX
2015-10-21 12:30:53,866 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Setting principal.
2015-10-21 12:30:53,866 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Returning builder.
2015-10-21 12:30:53,867 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Authenticated XXXX with credentials [XXXX+password - (certificate:)].
2015-10-21 12:30:53,869 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Attribute map for XXXX: {isMemberOf=[cn=XXXX,ou=XXXX,o=XXXX,o=XXXX,c=XX, uid=XXXX,c=XX, cn=XXXX,o=XXXX,o=XXXX,c=XX], givenName=XXXX, sn=XXXX}
2015-10-21 12:30:53,884 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: supplied credentials: [XXXX+password - (certificate:)]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: SSO
WHEN: Wed Oct 21 12:30:53 BST 2015
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
=============================================================
2015-10-21 12:30:53,895 DEBUG [org.jasig.cas.ticket.registry.JpaTicketRegistry] - Added ticket [TGT-3-KDZzl1jcXb0W6bARCGc0SngtNtdquQ706gblgh34I5W7XzBWrj-localhost:8443] to registry.
2015-10-21 12:30:53,909 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: TGT-3-KDZzl1jcXb0W6bARCGc0SngtNtdquQ706gblgh34I5W7XzBWrj-localhost:8443
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: SSO
WHEN: Wed Oct 21 12:30:53 BST 2015
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
=============================================================
2015-10-21 12:30:53,931 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Removed cookie with name [CASPRIVACY]
2015-10-21 12:30:53,948 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Added cookie with name [CASTGC] and value [TGT-3-KDZzl1jcXb0W6bARCGc0SngtNtdquQ706gblgh34I5W7XzBWrj-localhost:8443]
2015-10-21 12:30:53,964 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - Generated service ticket id [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443] for ticket granting ticket [TGT-3-KDZzl1jcXb0W6bARCGc0SngtNtdquQ706gblgh34I5W7XzBWrj-localhost:8443]
2015-10-21 12:30:53,964 DEBUG [org.jasig.cas.ticket.registry.JpaTicketRegistry] - Updated ticket [TGT-3-KDZzl1jcXb0W6bARCGc0SngtNtdquQ706gblgh34I5W7XzBWrj-localhost:8443].
2015-10-21 12:30:53,965 DEBUG [org.jasig.cas.ticket.registry.JpaTicketRegistry] - Added ticket [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443] to registry.
2015-10-21 12:30:53,966 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443] for service [https://localhost:8443/TestApp11/sso/ProtectedServlet] for user [XXXX]
2015-10-21 12:30:53,967 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: XXXX
WHAT: ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443 for https://localhost:8443/TestApp11/sso/ProtectedServlet
ACTION: SERVICE_TICKET_CREATED
APPLICATION: SSO
WHEN: Wed Oct 21 12:30:53 BST 2015
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
=============================================================
2015-10-21 12:30:54,005 TRACE [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Entering method [extractService] with arguments [[org.apache.catalina.connector.RequestFacade@1e9991b]]
2015-10-21 12:30:54,005 TRACE [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Entering method [extractService] with arguments [[org.apache.catalina.connector.RequestFacade@1e9991b]]
2015-10-21 12:30:54,006 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Attempted to extract Request from HttpServletRequest. Results:
2015-10-21 12:30:54,006 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Attempted to extract Request from HttpServletRequest. Results:
2015-10-21 12:30:54,007 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Request Body: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/><SOAP-ENV:Body><samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="7465e1f0-f499-44fe-b138-d9c15d195642" IssueInstant="2015-10-21T12:30:53Z"><samlp:AssertionArtifact>ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443</samlp:AssertionArtifact></samlp:Request></SOAP-ENV:Body></SOAP-ENV:Envelope>
2015-10-21 12:30:54,007 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Request Body: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/><SOAP-ENV:Body><samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="7465e1f0-f499-44fe-b138-d9c15d195642" IssueInstant="2015-10-21T12:30:53Z"><samlp:AssertionArtifact>ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443</samlp:AssertionArtifact></samlp:Request></SOAP-ENV:Body></SOAP-ENV:Envelope>
2015-10-21 12:30:54,008 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Extracted ArtifactId: ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443
2015-10-21 12:30:54,008 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Extracted ArtifactId: ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443
2015-10-21 12:30:54,008 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Extracted Request Id: 7465e1f0-f499-44fe-b138-d9c15d195642
2015-10-21 12:30:54,008 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Extracted Request Id: 7465e1f0-f499-44fe-b138-d9c15d195642
2015-10-21 12:30:54,012 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getId] with arguments []
2015-10-21 12:30:54,012 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getId] with arguments []
2015-10-21 12:30:54,012 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getId] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,012 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getId] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,017 DEBUG [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Extractor generated service for: https://localhost:8443/TestApp11/sso/ProtectedServlet
2015-10-21 12:30:54,017 DEBUG [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Extractor generated service for: https://localhost:8443/TestApp11/sso/ProtectedServlet
2015-10-21 12:30:54,022 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [toString] with arguments []
2015-10-21 12:30:54,022 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [toString] with arguments []
2015-10-21 12:30:54,023 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [toString] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,023 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [toString] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,028 TRACE [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Leaving method [extractService] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,028 TRACE [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Leaving method [extractService] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,032 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getArtifactId] with arguments []
2015-10-21 12:30:54,032 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getArtifactId] with arguments []
2015-10-21 12:30:54,033 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getArtifactId] with return value [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443].
2015-10-21 12:30:54,033 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getArtifactId] with return value [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443].
2015-10-21 12:30:54,072 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getId] with arguments []
2015-10-21 12:30:54,072 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getId] with arguments []
2015-10-21 12:30:54,072 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getId] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,072 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getId] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,073 DEBUG [org.jasig.cas.ticket.registry.JpaTicketRegistry] - Updated ticket [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443].
2015-10-21 12:30:54,073 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - Found attribute [givenName] in the list of allowed attributes for service [SSO SERVICE]
2015-10-21 12:30:54,074 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - Found attribute [isMemberOf] in the list of allowed attributes for service [SSO SERVICE]
2015-10-21 12:30:54,074 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - Found attribute [sn] in the list of allowed attributes for service [SSO SERVICE]
2015-10-21 12:30:54,074 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - Principal id to return for service [SSO SERVICE] is [XXXXX]. The default principal id is [XXXX].
2015-10-21 12:30:54,075 DEBUG [org.jasig.cas.ticket.registry.JpaTicketRegistry] - Removing Ticket [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443] created: Wed Oct 21 12:30:53 BST 2015
2015-10-21 12:30:54,077 DEBUG [org.jasig.cas.ticket.registry.JpaTicketRegistry] - Deleted ticket [ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443] from the registry.
2015-10-21 12:30:54,086 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443
ACTION: SERVICE_TICKET_VALIDATED
APPLICATION: SSO
WHEN: Wed Oct 21 12:30:54 BST 2015
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================
2015-10-21 12:30:54,100 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getId] with arguments []
2015-10-21 12:30:54,100 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Entering method [getId] with arguments []
2015-10-21 12:30:54,101 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getId] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,101 TRACE [org.jasig.cas.support.saml.authentication.principal.SamlService] - Leaving method [getId] with return value [https://localhost:8443/TestApp11/sso/ProtectedServlet].
2015-10-21 12:30:54,106 DEBUG [org.jasig.cas.web.ServiceValidateController] - Successfully validated service ticket ST-3-w3r1jKCesKUtdOfQbzfB-localhost:8443 for service [https://localhost:8443/TestApp11/sso/ProtectedServlet]
2015-10-21 12:30:54,111 TRACE [org.jasig.cas.support.saml.web.view.Saml10SuccessResponseView] - Rendering view with name 'casSamlServiceSuccessView' with model {assertion=org.jasig.cas.authentication.ImmutableAuthentication@8b5e11fe:https://localhost:8443/TestApp11/sso/ProtectedServlet, pgtIou=null} and static attributes {}
2015-10-21 12:30:54,111 TRACE [org.jasig.cas.support.saml.web.view.Saml10SuccessResponseView] - Rendering view with name 'casSamlServiceSuccessView' with model {assertion=org.jasig.cas.authentication.ImmutableAuthentication@8b5e11fe:https://localhost:8443/TestApp11/sso/ProtectedServlet, pgtIou=null} and static attributes {}
2015-10-21 12:30:54,115 TRACE [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Entering method [extractService] with arguments [[org.apache.catalina.connector.RequestFacade@1e9991b]]
2015-10-21 12:30:54,115 TRACE [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - Entering method [extractService] with arguments [[org.apache.catalina.connector.RequestFacade@1e9991b]]
2015-10-21 12:30:54,126 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Attempted to extract Request from HttpServletRequest. Results:
2015-10-21 12:30:54,126 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Attempted to extract Request from HttpServletRequest. Results:
2015-10-21 12:30:54,126 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Request Body:
2015-10-21 12:30:54,126 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Request Body:
2015-10-21 12:30:54,131 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Extracted ArtifactId: null
2015-10-21 12:30:54,131 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Extracted ArtifactId: null
2015-10-21 12:30:54,131 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - Extracted Request Id: null
...