Possibly. Start with this tutorial and compare: https://wiki.jasig.org/display/CASUM/HOWTO+CASifying+ASP.NET+WebApp+-+ExampleWebsite
.NET client is only able to retrieve attributes via samlValidate. It does not yet support the new CAS3 protocol. From: Roger Spears [mailto:[email protected]] Sent: Monday, June 27, 2016 5:46 AM To: Misagh Moayyed <[email protected]> Subject: Re: [cas-user] .Net client and redirect issue Hello, Thanks for the response. Here's what I have found... The server hosting the .Net app does have a cert. However, the cert is for *.<fqdn>.com I'm guessing the wildcard in the cert name is causing issues? Also, will the .Net app have access to attributes that are in AD? I did see the attributes in the logs, but I thought I read somewhere (recently) the .Net app can't access attributes... Thanks, Roger On Fri, Jun 24, 2016 at 6:43 PM, Misagh Moayyed <[email protected] <mailto:[email protected]> > wrote: SSL. ‘nuff sed :) Redirect loops are most commonly caused by validation calls from the app failing to reach cas or vice versa because some cert somewhere isn't trusted. >From: [email protected] <mailto:[email protected]> >[mailto:[email protected] <mailto:[email protected]> ] On Behalf Of >Roger Spears Sent: Friday, June 24, 2016 12:59 PM To: [email protected] <mailto:[email protected]> Subject: [cas-user] .Net client and redirect issue Hello, Using the example and instructions located at: https://github.com/UniconLabs/cas-sample-dotnet-webapp We deployed the .Net client to a Windows Server 2012 running IIS 8. The .Net app is pointing at our CAS installation (version 3.5.2.1). Our CAS works with other applications, but none of them are .Net applications. When we load the .Net app in a browser, we are sent to the CAS login page. After providing our login credentials, we eventually see a message that states "The page isn't redirecting properly" in the browser. When the message appears, the URL in the URL bar of the browser is: https:// <https://%3cfqdn%3e/Public/Default.aspx> <fqdn>/Public/Default.aspx At this point, the browser has 2 cookies for CAS. There is a JSESSIONID cookie and a CASTGC cookie. Both are set to the /cas/ path. The CASTGC cookie has a value that begins with TGT. We set the logs to DEBUG. In the log(s) I can see the authentication is working against our AD, complete with attributes. If we adjust the web.config file so the redirectAfterValidation="false", we do see the default CAS login page and after entering valid credentials we see the "You have successfully logged in" message on the CAS login page...but we are never sent back to the .Net application. Things we tried that didn't make a difference: 1. Setting the defaultURL in the <forms> section of the web.config to be: https:// <https://%3cfqdn%3e/Public/Default.aspx> <fqdn>/Public/Default.aspx 2. Setting the path in the <forms> section to "/" What's in the log that is questionable: 1. CAS and catalina log: Error getting service from flow state / no active flowsession to access; this FlowExecution has ended. I don't know enough to tell if this is the cause or a result of the cause. 2. localhost log for Tomcat lists the following entries: CASSERVER -- POST -- /cas/login;jsessionid=97fbdsdddd?service=https://<fqdn>/Public/Default.aspx -- 302 NETAPPLICATION -- GET -- /validate?service=https://<fqdn>/Public/Default.aspx&ticket=ST-1-ingfsdJKdklam -- 404 CASSERVER -- GET -- /cas/login?service=https://<fqdn>/Public/Default.aspx -- 302 NETAPPLICATION -- GET -- /validate?service=https://<fqdn>/Public/Default.aspx&ticket=ST-2-Bsdjklwe39fdsm -- 404 These repeat and the ST increases all the way to ST-7 Any hints on what might be mis-configured? Thanks, Roger -- Roger Spears Northwest State Community College 22600 State Route 34 Archbold, Ohio 43502 P: 419-267-1304 <tel:419-267-1304> F: 419-267-3891 <tel:419-267-3891> *********************************** This message and any attachment are confidential, intended solely for the use of the individual or entity to whom it is addressed and may be protected under FERPA ( http://www2.ed.gov/policy/gen/reg/ferpa/index.html ). If you have received it by mistake, or are not the named recipient(s), please immediately notify the sender and delete the message. You are hereby notified that any unauthorized use, copying or dissemination of any or all information contained in this message is prohibited. Northwest State Community College and/or any part thereof shall not be liable for the message if altered, falsified, or in case of error in the recipient. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <mailto:[email protected]> . To post to this group, send email to [email protected] <mailto:[email protected]> . Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFHJ8H2zR5jPXnN9-xatGAEy0QO8BF4CJqBZbsE2vTmKf5f3ww%40mail.gmail.com <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFHJ8H2zR5jPXnN9-xatGAEy0QO8BF4CJqBZbsE2vTmKf5f3ww%40mail.gmail.com?utm_medium=email&utm_source=footer> . For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <mailto:[email protected]> . To post to this group, send email to [email protected] <mailto:[email protected]> . Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3dcf1efc-f34c-449b-9234-dea7647f85f0%40unicon.net <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3dcf1efc-f34c-449b-9234-dea7647f85f0%40unicon.net?utm_medium=email&utm_source=footer> . For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- Roger Spears Northwest State Community College 22600 State Route 34 Archbold, Ohio 43502 P: 419-267-1304 F: 419-267-3891 *********************************** This message and any attachment are confidential, intended solely for the use of the individual or entity to whom it is addressed and may be protected under FERPA ( http://www2.ed.gov/policy/gen/reg/ferpa/index.html ). If you have received it by mistake, or are not the named recipient(s), please immediately notify the sender and delete the message. You are hereby notified that any unauthorized use, copying or dissemination of any or all information contained in this message is prohibited. Northwest State Community College and/or any part thereof shall not be liable for the message if altered, falsified, or in case of error in the recipient. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/006a01d1d085%240eef0bf0%242ccd23d0%24%40unicon.net. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
