I am in the same boat as you. We have authentication setup with ADFS (which is working with the regular CAS page), but I can't get to cas-services - I am just taken to the Access Denied page with no chance to login.
Eric On Tuesday, March 8, 2016 at 8:45:41 AM UTC-6, Dmitriy Kopylenko wrote: > > Hard to say what is going on there… Where’s your cas.properties file - > e.g. externalized vs embedded in the cas.war? Have you restarted the Tomcat > after adding the user? etc. etc. You will have to do some log files sifting > to figure out what is going on. > > Best, > D. > > On Mar 8, 2016, at 8:36 AM, Josep Manel Andrés <[email protected] > <javascript:>> wrote: > > Hi, > I've added my user there, but I don't even have the chance to get the > login page, when I type cas02.mydomain.com:8443/cas-services I get > redirected somewhere and tomcat throws a 404 error. The only place I can go > is cas02.mydomain.com:8443/cas which the main cas server, to which I am > able to log in. But the weird thing is when I type > https://cas02.mydomain.com:8443/cas-services/login/cas I am able to get > the unauthorized access page. > > > On 08/03/16 14:29, Dmitriy Kopylenko wrote: > > What user are you using to login to the mgmt app? By default only > 'casuser' is authorized to use the app: > <https://github.com/Jasig/cas-services-management-overlay/blob/master/etc/user-details.properties#L29> > https://github.com/Jasig/cas-services-management-overlay/blob/master/etc/user-details.properties#L29 > > Cheers, > Dmitriy. > > Sent from my iPhone > > On Mar 8, 2016, at 08:23, Josep Manel Andrés < <javascript:> > [email protected] <javascript:>> wrote: > > > > > No problem at all, > Regarding the deployment, I did it for both, server and cas-services: > > opscas02:/opt/tomcat # l webapps/ > total 81740 > drwxr-xr-x 8 root root 4096 Feb 17 17:12 ./ > drwxr-xr-x 9 root root 4096 Feb 4 12:40 ../ > drwxr-xr-x 3 tomcat root 4096 Feb 4 12:40 ROOT/ > drwxr-xr-x 8 tomcat tomcat 4096 Feb 17 10:52 cas-services/ > -rw-r--r-- 1 root root 36622968 Feb 17 10:52 cas-services.war > -rw-r--r-- 1 root root 47040277 Feb 17 17:12 cas.war > drwxr-xr-x 14 tomcat root 4096 Feb 4 12:40 docs/ > drwxr-xr-x 7 tomcat root 4096 Feb 4 12:40 examples/ > drwxr-xr-x 5 tomcat root 4096 Feb 4 12:40 host-manager/ > drwxr-xr-x 5 tomcat root 4096 Feb 4 12:40 manager/ > opscas02:/opt/tomcat # > > I even get this screen: > > <bfhcfhib.png> > > > and cas server is working and authenticating: > > <hjdgjceb.png> > > > So, I assume there might be something wrong with the config files. > > when I access to https://cas02.mydomain.com:8443/cas-services > I get redirected to: > > > https://cas02.mydomain:8443/login?service=https%3A%2F%2Fcas02.bsc.es%2Fcas-services%2Flogin%2Fcas > > not sure if this is correct. > > Thanks for yor help. > > > On 08/03/16 14:03, Misagh Moayyed wrote: > > My default. I was too presumptuous in my last post. Sorry about that. > > So to clarify, there is a CAS webapp, and there is a CAS management webapp. > These are two different applications, that need to be separately deployed. > Your brief snippet here below shows that you have only deployed the former > and not the latter. (You copied the cas.war over to tomcat's but not the > other app) So you get a 404 when you try to access it. You have not deployed > the management app. > > In order to do so, you need a separate overlay that builds that app for you > just like you have one now that builds the main CAS application for you. > This is a good starting > point:https://github.com/Jasig/cas-services-management-overlay > > Have you done any of those steps? > > > -----Original Message----- > From: [email protected] <javascript:> [mailto:[email protected] <javascript:>] > On Behalf Of Josep > Manel Andrés > Sent: Tuesday, March 8, 2016 5:33 AM > To: [email protected] <javascript:> > Subject: Re: [cas-user] CAS Service Management webapp not loading > > But I have multiple applications running on the same server under the same > port, just in different paths, like > > /cas > /docs > /examples > /manager > > On 08/03/16 13:24, Misagh Moayyed wrote: > > Your configuration for the management app says: > > 1. My CAS server is running here: https://cas02.mydomain:8443 2. My > Mgmt server is running here: https://cas02.mydomain.com:8443 > > Which is of course wrong. You either need to pick a different server > or a different port. These are two different apps, assuming you're on > some version of CAS4. > > > -----Original Message----- > From: [email protected] <javascript:> [mailto:[email protected] <javascript:>] > On Behalf Of > Josep Manel Andrés > Sent: Tuesday, March 8, 2016 4:55 AM > To: [email protected] <javascript:> > Subject: Re: [cas-user] CAS Service Management webapp not loading > > > Hi, > After some days stuck here, I come back to see if anyone can help me > with this. > > With the following setup I can get to the login > pagehttps://cas02.mydomain:8443/cas but I get a 404 error when going > tohttps://cas02.mydomain:8443/cas-services > > But if I go to https://cas02.mydomain:8443/cas-services/login/cas I > can see the unauthorized page. > > Any help would be appreciated. > > This is my cas-management.properties > > # CAS > cas.host=https://cas02.mydomain:8443 > #cas.host=https://localhost:8443 > cas.prefix=${cas.host} > cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${cas.pref > ix}/login > cas.securityContext.ticketValidator.casServerUrlPrefix=${cas.prefix} > > # Management > cas-management.host=https://cas02.mydomain.com:8443 > cas-management.prefix=${cas-management.host}/cas-services > cas-management.securityContext.serviceProperties.service=${cas- > management.prefix}/login/cas > cas- > management.securityContext.serviceProperties.adminRoles=hasRole('ROLE > _AD > MIN') > > # views > cas-management.viewResolver.basename=default_views > > ## > # User details file location that contains list of users # who are > allowed access to the management webapp: > # > user.details.file.location = file:/etc/cas/user-details.properties > > ## > # JSON Service Registry > # > # Directory location where JSON service files may be found. > service.registry.config.location=file:/etc/cas/services > > ## > # Log4j > # Default sourced from > WEB-INF/spring-configuration/log4jConfiguration.xml: > # > # It is often time helpful to externalize log4j.xml to a system path > to preserve settings between upgrades. > # e.g. log4j.config.location=file:/etc/cas/log4j2.xml > log4j.config.location=file:/etc/cas/log4j2.xml > > > And here is my cas.properties > > #server.name=http://cas02.bsc.es:8080server.name=https://cas02.bsc.es:8443 > server.prefix=${server.name}/cas > > > On 17/02/16 17:11, Josep Manel Andrés wrote: > > Hi, > I am done with the CAS installation along with the LDAP setup (btw, > I had to enable SAML under pom.xml for LDAP auth to work....don't > know > why...) > so now I am trying to build and deploy cas-services management > webapp, following the maven overlay, I just followed the procedure > from the website that is basically coping the files from etc > directory and moving them, to my /etc/cas/ directory along with > cas.properties and log4j2.xml. I also edited log4j2.xml and added > > <RollingFile name="cas-management" > fileName="/opt/tomcat/logs/cas-services/cas-management.log" > > append="true" > > filePattern="/opt/tomcat/logs/cas-services/cas-management-%d{yyyy-MM > - > > dd-HH}-%i.log.gz"> > > <PatternLayout pattern="%d %p [%c] - %m%n"/> > <Policies> > <OnStartupTriggeringPolicy /> > <SizeBasedTriggeringPolicy size="512 KB"/> > <TimeBasedTriggeringPolicy /> > </Policies> > </RollingFile> > > > > So, app is compiling and deployment is fine, but when I go to > :https://cas02.mydomain.com:8443/cas%2Dservices/ > > nothing is loaded (I noticed there is %2D instead of a dash, doesn't > matter if I replace it with a dash) > > but if I go to :https://cas02.mydomain.com:8443/cas-services/login/cas > > I get a CAS Services Management webpage stating: > > > Access Denied > > You are not authorized to access this resource. Contact your CAS > administrator for more info. > > > I don't even have the chance to put username and password. > > do I have to modify pom.xml on cas-overlay or on the > cas-service-management overlay? > > Thanks. > > > -- > Josep Manel Andrés ([email protected] <javascript:>) Operations - Barcelona > Supercomputing Center C/ Jordi Girona, 31 http://www.bsc.es > 08034 Barcelona, Spain Tel: +34-93-405 42 14 > e-mail: [email protected] <javascript:> Fax: +34-93-413 77 21 > ----------------------------------------------- > > WARNING / LEGAL TEXT: This message is intended only for the use of > the individual or entity to which it is addressed and may contain > information which is privileged, confidential, proprietary, or exempt > from disclosure under applicable law. If you are not the intended > recipient or the person responsible for delivering the message to the > intended recipient, you are strictly prohibited from disclosing, > distributing, copying, or in any way using this message. If you have > received this communication in error, please notify the sender and > destroy and delete any copies you may have received. > http://www.bsc.es/disclaimer > > -- > You received this message because you are subscribed to the Google > Groups "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, > send an email to [email protected] <javascript:>. > Visit this group athttps://groups.google.com/a/apereo.org/group/cas-user/. > > -- > Josep Manel Andrés ([email protected] <javascript:>) > Operations - Barcelona Supercomputing Center > C/ Jordi Girona, 31 http://www.bsc.es > 08034 Barcelona, Spain Tel: +34-93-405 42 14 > e-mail: [email protected] <javascript:> Fax: +34-93-413 77 21 > ----------------------------------------------- > > WARNING / LEGAL TEXT: This message is intended only for the use of the > individual or entity to which it is addressed and may contain > information which is privileged, confidential, proprietary, or exempt > from disclosure under applicable law. If you are not the intended > recipient or the person responsible for delivering the message to the > intended recipient, you are strictly prohibited from disclosing, > distributing, copying, or in any way using this message. If you have > received this communication in error, please notify the sender and > destroy and delete any copies you may have received. > http://www.bsc.es/disclaimer > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email > to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. > > > -- > Josep Manel Andrés ([email protected] <javascript:>) > Operations - Barcelona Supercomputing Center > C/ Jordi Girona, 31 http://www.bsc.es > 08034 Barcelona, Spain Tel: +34-93-405 42 14 > e-mail: [email protected] <javascript:> Fax: +34-93-413 77 21 > ----------------------------------------------- > > > > WARNING / LEGAL TEXT: This message is intended only for the use of the > individual or entity to which it is addressed and may contain information > which is privileged, confidential, proprietary, or exempt from disclosure > under applicable law. If you are not the intended recipient or the person > responsible for delivering the message to the intended recipient, you are > strictly prohibited from disclosing, distributing, copying, or in any way > using this message. If you have received this communication in error, > please notify the sender and destroy and delete any copies you may have > received. > > http://www.bsc.es/disclaimer <http://www.bsc.es/disclaimer.htm> > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > > > -- > Josep Manel Andrés ([email protected] <javascript:>) > Operations - Barcelona Supercomputing Center > C/ Jordi Girona, 31 http://www.bsc.es > 08034 Barcelona, Spain Tel: +34-93-405 42 14 > e-mail: [email protected] <javascript:> Fax: +34-93-413 77 21 > ----------------------------------------------- > > > > WARNING / LEGAL TEXT: This message is intended only for the use of the > individual or entity to which it is addressed and may contain information > which is privileged, confidential, proprietary, or exempt from disclosure > under applicable law. If you are not the intended recipient or the person > responsible for delivering the message to the intended recipient, you are > strictly prohibited from disclosing, distributing, copying, or in any way > using this message. If you have received this communication in error, > please notify the sender and destroy and delete any copies you may have > received. > > http://www.bsc.es/disclaimer <http://www.bsc.es/disclaimer.htm> > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > > > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
