Hi,
I fixed it, was a path that was not correctly set up in
cas-management.properties. Here is how the file looks right now.
# CAS
cas.host=https://cas02.mydomain.com:8443
cas.prefix=${cas.host}/cas --> I believe /cas was the problem, since it
was not there before
cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${cas.prefix}/login
cas.securityContext.ticketValidator.casServerUrlPrefix=${cas.prefix}
# Management
cas-management.host=https://cas02.mydomain.com:8443
cas-management.prefix=${cas-management.host}/cas-services
cas-management.securityContext.serviceProperties.service=${cas-management.prefix}/login/cas
cas-management.securityContext.serviceProperties.adminRoles=hasRole('ROLE_ADMIN')
Hope this helps.
Just some thoughts about documentation.... Don't you guys find a lack of
documentation/procedures for CAS environment? Specially compared with
CAS 3.X version, I think with the version 4 documentation has become
more schematic, less explanatory. I think it is a great tool used by a
lot of centers but I cannot find manuals/guides/articles on how to
intall, deploy, tweak..... cas server.
Do you guys think it is due the commercial support being behind the
product? Doesn't matter!!, a lot of free software projects have
commercial support and still they have a lot of documentation.
Cheers!
On 09/03/16 09:33, Josep Manel Andrés wrote:
My cas.properties and cas-management.properties are located in
/etc/cas directory and called from the cas app. The problem is that
cas-services is not able to log anything to the files, it has only
created an empty file, but nothing more.
Yes, I did restart the server after changes.
and tomcat logs only shows 302 error or 401 errors
Cheers.
On 08/03/16 15:45, Dmitriy Kopylenko wrote:
Hard to say what is going on there… Where’s your cas.properties file
- e.g. externalized vs embedded in the cas.war? Have you restarted
the Tomcat after adding the user? etc. etc. You will have to do some
log files sifting to figure out what is going on.
Best,
D.
On Mar 8, 2016, at 8:36 AM, Josep Manel Andrés <[email protected]
<mailto:[email protected]>> wrote:
Hi,
I've added my user there, but I don't even have the chance to get
the login page, when I type cas02.mydomain.com
<http://cas02.mydomain.com>:8443/cas-services I get redirected
somewhere and tomcat throws a 404 error. The only place I can go is
cas02.mydomain.com <http://cas02.mydomain.com>:8443/cas which the
main cas server, to which I am able to log in. But the weird thing
is when I type
https://cas02.mydomain.com:8443/cas-services/login/cas I am able to
get the unauthorized access page.
On 08/03/16 14:29, Dmitriy Kopylenko wrote:
What user are you using to login to the mgmt app? By default only
'casuser' is authorized to use the app:
https://github.com/Jasig/cas-services-management-overlay/blob/master/etc/user-details.properties#L29
Cheers,
Dmitriy.
Sent from my iPhone
On Mar 8, 2016, at 08:23, Josep Manel Andrés <[email protected]>
wrote:
No problem at all,
Regarding the deployment, I did it for both, server and cas-services:
opscas02:/opt/tomcat # l webapps/
total 81740
drwxr-xr-x 8 root root 4096 Feb 17 17:12 ./
drwxr-xr-x 9 root root 4096 Feb 4 12:40 ../
drwxr-xr-x 3 tomcat root 4096 Feb 4 12:40 ROOT/
drwxr-xr-x 8 tomcat tomcat 4096 Feb 17 10:52 cas-services/
-rw-r--r-- 1 root root 36622968 Feb 17 10:52 cas-services.war
-rw-r--r-- 1 root root 47040277 Feb 17 17:12 cas.war
drwxr-xr-x 14 tomcat root 4096 Feb 4 12:40 docs/
drwxr-xr-x 7 tomcat root 4096 Feb 4 12:40 examples/
drwxr-xr-x 5 tomcat root 4096 Feb 4 12:40 host-manager/
drwxr-xr-x 5 tomcat root 4096 Feb 4 12:40 manager/
opscas02:/opt/tomcat #
I even get this screen:
<bfhcfhib.png>
and cas server is working and authenticating:
<hjdgjceb.png>
So, I assume there might be something wrong with the config files.
when I access to https://cas02.mydomain.com:8443/cas-services
I get redirected to:
https://cas02.mydomain:8443/login?service=https%3A%2F%2Fcas02.bsc.es%2Fcas-services%2Flogin%2Fcas
not sure if this is correct.
Thanks for yor help.
On 08/03/16 14:03, Misagh Moayyed wrote:
My default. I was too presumptuous in my last post. Sorry about that.
So to clarify, there is a CAS webapp, and there is a CAS management webapp.
These are two different applications, that need to be separately deployed.
Your brief snippet here below shows that you have only deployed the former
and not the latter. (You copied the cas.war over to tomcat's but not the
other app) So you get a 404 when you try to access it. You have not deployed
the management app.
In order to do so, you need a separate overlay that builds that app for you
just like you have one now that builds the main CAS application for you.
This is a good starting point:
https://github.com/Jasig/cas-services-management-overlay
Have you done any of those steps?
-----Original Message-----
From:[email protected] [mailto:[email protected]] On Behalf Of Josep
Manel Andrés
Sent: Tuesday, March 8, 2016 5:33 AM
To:[email protected]
Subject: Re: [cas-user] CAS Service Management webapp not loading
But I have multiple applications running on the same server under the same
port, just in different paths, like
/cas
/docs
/examples
/manager
On 08/03/16 13:24, Misagh Moayyed wrote:
Your configuration for the management app says:
1. My CAS server is running here:https://cas02.mydomain:8443 2. My
Mgmt server is running here:https://cas02.mydomain.com:8443
Which is of course wrong. You either need to pick a different server
or a different port. These are two different apps, assuming you're on
some version of CAS4.
-----Original Message-----
From:[email protected] [mailto:[email protected]] On Behalf Of
Josep Manel Andrés
Sent: Tuesday, March 8, 2016 4:55 AM
To:[email protected]
Subject: Re: [cas-user] CAS Service Management webapp not loading
Hi,
After some days stuck here, I come back to see if anyone can help me
with this.
With the following setup I can get to the login page
https://cas02.mydomain:8443/cas but I get a 404 error when going to
https://cas02.mydomain:8443/cas-services
But if I go tohttps://cas02.mydomain:8443/cas-services/login/cas I
can see the unauthorized page.
Any help would be appreciated.
This is my cas-management.properties
# CAS
cas.host=https://cas02.mydomain:8443
#cas.host=https://localhost:8443
cas.prefix=${cas.host}
cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${cas.pref
ix}/login
cas.securityContext.ticketValidator.casServerUrlPrefix=${cas.prefix}
# Management
cas-management.host=https://cas02.mydomain.com:8443
cas-management.prefix=${cas-management.host}/cas-services
cas-management.securityContext.serviceProperties.service=${cas-
management.prefix}/login/cas
cas-
management.securityContext.serviceProperties.adminRoles=hasRole('ROLE
_AD
MIN')
# views
cas-management.viewResolver.basename=default_views
##
# User details file location that contains list of users # who are
allowed access to the management webapp:
#
user.details.file.location =file:/etc/cas/user-details.properties
##
# JSON Service Registry
#
# Directory location where JSON service files may be found.
service.registry.config.location=file:/etc/cas/services
##
# Log4j
# Default sourced from
WEB-INF/spring-configuration/log4jConfiguration.xml:
#
# It is often time helpful to externalize log4j.xml to a system path
to preserve settings between upgrades.
# e.g. log4j.config.location=file:/etc/cas/log4j2.xml
log4j.config.location=file:/etc/cas/log4j2.xml
And here is my cas.properties
#server.name=http://cas02.bsc.es:8080
server.name=https://cas02.bsc.es:8443
server.prefix=${server.name}/cas
On 17/02/16 17:11, Josep Manel Andrés wrote:
Hi,
I am done with the CAS installation along with the LDAP setup (btw,
I had to enable SAML under pom.xml for LDAP auth to work....don't
know
why...)
so now I am trying to build and deploy cas-services management
webapp, following the maven overlay, I just followed the procedure
from the website that is basically coping the files from etc
directory and moving them, to my /etc/cas/ directory along with
cas.properties and log4j2.xml. I also edited log4j2.xml and added
<RollingFile name="cas-management"
fileName="/opt/tomcat/logs/cas-services/cas-management.log"
append="true"
filePattern="/opt/tomcat/logs/cas-services/cas-management-%d{yyyy-MM
-
dd-HH}-%i.log.gz">
<PatternLayout pattern="%d %p [%c] - %m%n"/>
<Policies>
<OnStartupTriggeringPolicy />
<SizeBasedTriggeringPolicy size="512 KB"/>
<TimeBasedTriggeringPolicy />
</Policies>
</RollingFile>
So, app is compiling and deployment is fine, but when I go to :
https://cas02.mydomain.com:8443/cas%2Dservices/
nothing is loaded (I noticed there is %2D instead of a dash, doesn't
matter if I replace it with a dash)
but if I go to :
https://cas02.mydomain.com:8443/cas-services/login/cas
I get a CAS Services Management webpage stating:
Access Denied
You are not authorized to access this resource. Contact your CAS
administrator for more info.
I don't even have the chance to put username and password.
do I have to modify pom.xml on cas-overlay or on the
cas-service-management overlay?
Thanks.
--
Josep Manel Andrés ([email protected]) Operations - Barcelona
Supercomputing Center C/ Jordi Girona, 31http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail:[email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of
the individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer
--
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email [email protected].
Visit this group at
https://groups.google.com/a/apereo.org/group/cas-user/.
--
Josep Manel Andrés ([email protected])
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail:[email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer
--
You received this message because you are subscribed to the Google Groups
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email
[email protected].
Visit this group at
https://groups.google.com/a/apereo.org/group/cas-user/.
--
Josep Manel Andrés ([email protected])
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail:[email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of
the individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or
exempt from disclosure under applicable law. If you are not the
intended recipient or the person responsible for delivering the
message to the intended recipient, you are strictly prohibited
from disclosing, distributing, copying, or in any way using this
message. If you have received this communication in error, please
notify the sender and destroy and delete any copies you may have
received.
http://www.bsc.es/disclaimer <http://www.bsc.es/disclaimer.htm>
--
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
Visit this group at
https://groups.google.com/a/apereo.org/group/cas-user/.
--
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected]
<mailto:[email protected]>.
Visit this group at
https://groups.google.com/a/apereo.org/group/cas-user/.
--
Josep Manel Andrés ([email protected])
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail:[email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of
the individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or
exempt from disclosure under applicable law. If you are not the
intended recipient or the person responsible for delivering the
message to the intended recipient, you are strictly prohibited from
disclosing, distributing, copying, or in any way using this message.
If you have received this communication in error, please notify the
sender and destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer <http://www.bsc.es/disclaimer.htm>
--
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected]
<mailto:[email protected]>.
Visit this group at
https://groups.google.com/a/apereo.org/group/cas-user/.
--
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected]
<mailto:[email protected]>.
Visit this group at
https://groups.google.com/a/apereo.org/group/cas-user/.
--
Josep Manel Andrés ([email protected])
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail:[email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer <http://www.bsc.es/disclaimer.htm>
--
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected]
<mailto:[email protected]>.
Visit this group at
https://groups.google.com/a/apereo.org/group/cas-user/.
--
Josep Manel Andrés ([email protected])
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31 http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail: [email protected] Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
