Done : https://github.com/apereo/cas/issues/1943
Regards. Le 10/08/2016 à 13:57, Misagh Moayyed a écrit : > > > I don’t think you have. Go ahead and file an issue please. > > > On Wednesday, August 10, 2016 at 4:46:07 AM UTC-7, Philippe MARASSE > wrote: > > BTW, The sample request found on the wiki ( > https://apereo.github.io/cas/development/protocol/SAML-Protocol.html > <https://apereo.github.io/cas/development/protocol/SAML-Protocol.html> > ) shows : > > POST /cas/samlValidate?ticket= > Host: cas.example.com <http://cas.example.com> > Content-Length: 491 > Content-Type: text/xml > > <SOAP-ENV:Envelope > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"; > <http://schemas.xmlsoap.org/soap/envelope/>> > <SOAP-ENV:Header/> > <SOAP-ENV:Body> > <samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" > MajorVersion="1" > MinorVersion="1" RequestID="_192.168.16.51.1024506224022" > IssueInstant="2002-06-19T17:03:44.022Z"> > <samlp:AssertionArtifact> > ST-1-u4hrm3td92cLxpCvrjylcas.example.com > <http://ST-1-u4hrm3td92cLxpCvrjylcas.example.com> > </samlp:AssertionArtifact> > </samlp:Request> > </SOAP-ENV:Body> > </SOAP-ENV:Envelope> > > but phpCAS does not use POST /cas/samlValidate?ticket= but > /cas/samlValidate?TARGET= Regards. > Le 10/08/2016 à 12:39, Philippe MARASSE a écrit : >> Folks, >> >> I'm testing basic authentication (casuser:Mellon) with CAS 5 server and >> official phpCAS 1.3.4 client with SAML 1.1 validation, and it does not >> seem to work. >> >> Cas Client send post data : >> >> <SOAP-ENV:Envelope >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"; >> <http://schemas.xmlsoap.org/soap/envelope/>> >> <SOAP-ENV:Header/> >> <SOAP-ENV:Body> >> <samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" >> MajorVersion="1" MinorVersion="1" >> RequestID="_192.168.16.51.1024506224022" >> IssueInstant="2002-06-19T17:03:44.022Z"> >> >> >> <samlp:AssertionArtifact>ST-2-aghFC3hJ2dnePztkMfbK-devcas1</samlp:AssertionArtifact> >> </samlp:Request> >> </SOAP-ENV:Body> >> </SOAP-ENV:Envelope> >> >> to : >> >> https://php-dev.mydomain.com/cas/samlValidate?TARGET=http%3A%2F%2Fphp-dev.mydomain.com%2Fphilippe%2Feclipse%2Ftestcas%2Fwww%2Fsaml11.php >> >> <https://php-dev.mydomain.com/cas/samlValidate?TARGET=http%3A%2F%2Fphp-dev.mydomain.com%2Fphilippe%2Feclipse%2Ftestcas%2Fwww%2Fsaml11.php> >> >> I got this answer from CAS Server : >> >> <?xml version="1.0" encoding="UTF-8"?> >> <SOAP-ENV:Envelope >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"; >> <http://schemas.xmlsoap.org/soap/envelope/>> >> <SOAP-ENV:Body> >> <saml1p:Response InResponseTo="_192.168.16.51.1024506224022" >> IssueInstant="2016-08-10T09:44:12.393 >> Z" MajorVersion="1" MinorVersion="1" >> ResponseID="_2905923a3d94406937598b14f57e8043" >> >> xmlns:saml1p="urn:oasis:names:tc:SAML:1.0:protocol"><saml1p:Status><saml1p:StatusCode >> Value="saml1p:RequestDenied"/><saml1p:StatusMessage> >> Les paramètres 'service' et 'ticket' sont tous deux >> nécessaires</saml1p:StatusMessage></saml1p:Status> >> </saml1p:Response> >> </SOAP-ENV:Body> >> </SOAP-ENV:Envelope> >> >> Server complains about missing ticket and/or service parameter ?? >> Validation works for both CASv2 and CASv3 protocol but not with SAMLv1.1. >> SAMLv1.1 works against our production CAS v3.5 servers. >> >> Relevant part of my pom.xml (maven war overlay method) : >> <cas.groupId>org.apereo.cas</cas.groupId> >> <cas.version>5.0.0.RC1-SNAPSHOT</cas.version> >> >> <dependency> >> <groupId>${cas.groupId}</groupId> >> <artifactId>cas-server-support-spnego</artifactId> >> <version>${cas.version}</version> >> <scope>runtime</scope> >> </dependency> >> <dependency> >> <groupId>${cas.groupId}</groupId> >> <artifactId>cas-server-support-spnego-webflow</artifactId> >> <version>${cas.version}</version> >> <scope>runtime</scope> >> </dependency> >> <dependency> >> <groupId>${cas.groupId}</groupId> >> >> <artifactId>cas-server-support-json-service-registry</artifactId> >> <version>${cas.version}</version> >> </dependency> >> >> <!-- Support SAMLv1.1 et v2 --> >> <dependency> >> <groupId>org.apereo.cas</groupId> >> <artifactId>cas-server-support-saml</artifactId> >> <version>${cas.version}</version> >> </dependency> >> >> Am I missing something (again :-) ) ? >> >> Regards. >> > -- > Philippe MARASSE > > Responsable pôle Infrastructures - DSIO > Centre Hospitalier Henri Laborit > CS 10587 - 370 avenue Jacques Cœur > 86021 Poitiers Cedex > Tel : 05.49.44.57.19 > > -- You received this message because you are subscribed to the Google > Groups "CAS Community" group. To unsubscribe from this group and stop > receiving emails from it, send an email to > [email protected] > <mailto:[email protected]>. To post to this group, send > email to [email protected] <mailto:[email protected]>. Visit this > group at https://groups.google.com/a/apereo.org/group/cas-user/. To > view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd2fcb58-7247-4691-ad7e-b07de233c87d%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd2fcb58-7247-4691-ad7e-b07de233c87d%40apereo.org?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19 -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fec846cd-e704-9f8e-9456-3a341779a34e%40ch-poitiers.fr. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
