Hello I have a web application which uses proxy authentification, but CAS (V4.1.1) seems don't want to create PGT: ============================================================= WHO: xxxx+password WHAT: supplied credentials: [xxxx+password] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Wed May 18 16:47:38 CEST 2016 CLIENT IP ADDRESS: xxx.xx.xx.xx SERVER IP ADDRESS: cas.exemple.com =============================================================
============================================================= WHO: xxxx+password WHAT: TGT-6-sb2S7OpchGSIqsKAsaCvd4DJmzebVAbpIeRH4fZulDIytoQMhW-cas.exemple.com ACTION: TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Wed May 18 16:47:38 CEST 2016 CLIENT IP ADDRESS: xxx.xx.xx.xx SERVER IP ADDRESS: cas.exemple.com ============================================================= > ============================================================= WHO: xxxx+password WHAT: supplied credentials: [xxxx+password] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Wed May 18 16:47:38 CEST 2016 CLIENT IP ADDRESS: xxx.xx.xx.xx SERVER IP ADDRESS: cas.exemple.com ============================================================= ============================================================= WHO: xxxx WHAT: ST-7-LD6GkGuApeu5bTbmVkIL-cas.exemple.com for https://xxx.test.com ACTION: SERVICE_TICKET_CREATED APPLICATION: CAS WHEN: Wed May 18 16:47:38 CEST 2016 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: cas.exemple.com ============================================================= ============================================================= WHO: https://xxx.test.com/CasProxyServlet WHAT: supplied credentials: [https://xxx.test.com/CasProxyServlet] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Wed May 18 16:47:38 CEST 2016 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: cas.exemple.com ============================================================= ============================================================= WHO: xxxx WHAT: 0 errors, 0 successes ACTION: PROXY_GRANTING_TICKET_NOT_CREATED APPLICATION: CAS WHEN: Wed May 18 16:47:38 CEST 2016 CLIENT IP ADDRESS: xxx.xxx.xxx.xxx SERVER IP ADDRESS: cas.exemple.com ============================================================= Here is my service config for the moment { "@class" : "org.jasig.cas.services.RegexRegisteredService", "serviceId" : "^(https|imaps)://.*", "name" : "HTTPS and IMAPS", "id" : 10000001, "description" : "This service definition authorized all application urls that support HTTPS and IMAPS protocols.", "proxyPolicy" : { "@class" : "org.jasig.cas.services.RegexMatchingRegisteredServiceProxyPolicy", "pattern" : "^https?://.*" }, "evaluationOrder" : 0, "usernameAttributeProvider" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider" }, "logoutType" : "BACK_CHANNEL", "attributeReleasePolicy" : { "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy", "principalAttributesRepository" : { "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository" }, "authorizedToReleaseCredentialPassword" : false, "authorizedToReleaseProxyGrantingTicket" : true }, "publicKey" : { "@class" : "org.jasig.cas.services.RegisteredServicePublicKeyImpl", "location" : "classpath:RSA1024Public.key", "algorithm" : "RSA" }, "accessStrategy" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", "enabled" : true, "ssoEnabled" : true } } I've imported the certificat of the web app into CAS's truststroe, the CAS server and the web application server can communicate with each other. Anyone knows how to fix the problem please? Thanks a lot -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAET7%2BrnJaiXuRW5UD5B_WO3Mkuj_2hd1kJV%3D4M%2BZyWgP%2BpqaAw%40mail.gmail.com. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
