Done : https://github.com/apereo/cas/issues/1943
Regards. Le 10/08/2016 à 13:57, Misagh Moayyed a écrit : > > > I don’t think you have. Go ahead and file an issue please. > > > On Wednesday, August 10, 2016 at 4:46:07 AM UTC-7, Philippe MARASSE > wrote: > > BTW, The sample request found on the wiki ( > https://apereo.github.io/cas/development/protocol/SAML-Protocol.html > <https://apereo.github.io/cas/development/protocol/SAML-Protocol.html> > ) shows : > > POST /cas/samlValidate?ticket= > Host: cas.example.com <http://cas.example.com> > Content-Length: 491 > Content-Type: text/xml > > <SOAP-ENV:Envelope > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" > <http://schemas.xmlsoap.org/soap/envelope/>> > <SOAP-ENV:Header/> > <SOAP-ENV:Body> > <samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" > MajorVersion="1" > MinorVersion="1" RequestID="_192.168.16.51.1024506224022" > IssueInstant="2002-06-19T17:03:44.022Z"> > <samlp:AssertionArtifact> > ST-1-u4hrm3td92cLxpCvrjylcas.example.com > <http://ST-1-u4hrm3td92cLxpCvrjylcas.example.com> > </samlp:AssertionArtifact> > </samlp:Request> > </SOAP-ENV:Body> > </SOAP-ENV:Envelope> > > but phpCAS does not use POST /cas/samlValidate?ticket= but > /cas/samlValidate?TARGET= Regards. > Le 10/08/2016 à 12:39, Philippe MARASSE a écrit : >> Folks, >> >> I'm testing basic authentication (casuser:Mellon) with CAS 5 server and >> official phpCAS 1.3.4 client with SAML 1.1 validation, and it does not >> seem to work. >> >> Cas Client send post data : >> >> <SOAP-ENV:Envelope >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" >> <http://schemas.xmlsoap.org/soap/envelope/>> >> <SOAP-ENV:Header/> >> <SOAP-ENV:Body> >> <samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" >> MajorVersion="1" MinorVersion="1" >> RequestID="_192.168.16.51.1024506224022" >> IssueInstant="2002-06-19T17:03:44.022Z"> >> >> >> <samlp:AssertionArtifact>ST-2-aghFC3hJ2dnePztkMfbK-devcas1</samlp:AssertionArtifact> >> </samlp:Request> >> </SOAP-ENV:Body> >> </SOAP-ENV:Envelope> >> >> to : >> >> https://php-dev.mydomain.com/cas/samlValidate?TARGET=http%3A%2F%2Fphp-dev.mydomain.com%2Fphilippe%2Feclipse%2Ftestcas%2Fwww%2Fsaml11.php >> >> <https://php-dev.mydomain.com/cas/samlValidate?TARGET=http%3A%2F%2Fphp-dev.mydomain.com%2Fphilippe%2Feclipse%2Ftestcas%2Fwww%2Fsaml11.php> >> >> I got this answer from CAS Server : >> >> <?xml version="1.0" encoding="UTF-8"?> >> <SOAP-ENV:Envelope >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" >> <http://schemas.xmlsoap.org/soap/envelope/>> >> <SOAP-ENV:Body> >> <saml1p:Response InResponseTo="_192.168.16.51.1024506224022" >> IssueInstant="2016-08-10T09:44:12.393 >> Z" MajorVersion="1" MinorVersion="1" >> ResponseID="_2905923a3d94406937598b14f57e8043" >> >> xmlns:saml1p="urn:oasis:names:tc:SAML:1.0:protocol"><saml1p:Status><saml1p:StatusCode >> Value="saml1p:RequestDenied"/><saml1p:StatusMessage> >> Les paramètres 'service' et 'ticket' sont tous deux >> nécessaires</saml1p:StatusMessage></saml1p:Status> >> </saml1p:Response> >> </SOAP-ENV:Body> >> </SOAP-ENV:Envelope> >> >> Server complains about missing ticket and/or service parameter ?? >> Validation works for both CASv2 and CASv3 protocol but not with SAMLv1.1. >> SAMLv1.1 works against our production CAS v3.5 servers. >> >> Relevant part of my pom.xml (maven war overlay method) : >> <cas.groupId>org.apereo.cas</cas.groupId> >> <cas.version>5.0.0.RC1-SNAPSHOT</cas.version> >> >> <dependency> >> <groupId>${cas.groupId}</groupId> >> <artifactId>cas-server-support-spnego</artifactId> >> <version>${cas.version}</version> >> <scope>runtime</scope> >> </dependency> >> <dependency> >> <groupId>${cas.groupId}</groupId> >> <artifactId>cas-server-support-spnego-webflow</artifactId> >> <version>${cas.version}</version> >> <scope>runtime</scope> >> </dependency> >> <dependency> >> <groupId>${cas.groupId}</groupId> >> >> <artifactId>cas-server-support-json-service-registry</artifactId> >> <version>${cas.version}</version> >> </dependency> >> >> <!-- Support SAMLv1.1 et v2 --> >> <dependency> >> <groupId>org.apereo.cas</groupId> >> <artifactId>cas-server-support-saml</artifactId> >> <version>${cas.version}</version> >> </dependency> >> >> Am I missing something (again :-) ) ? >> >> Regards. >> > -- > Philippe MARASSE > > Responsable pôle Infrastructures - DSIO > Centre Hospitalier Henri Laborit > CS 10587 - 370 avenue Jacques Cœur > 86021 Poitiers Cedex > Tel : 05.49.44.57.19 > > -- You received this message because you are subscribed to the Google > Groups "CAS Community" group. To unsubscribe from this group and stop > receiving emails from it, send an email to > cas-user+unsubscr...@apereo.org > <mailto:cas-user+unsubscr...@apereo.org>. To post to this group, send > email to cas-user@apereo.org <mailto:cas-user@apereo.org>. Visit this > group at https://groups.google.com/a/apereo.org/group/cas-user/. To > view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd2fcb58-7247-4691-ad7e-b07de233c87d%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd2fcb58-7247-4691-ad7e-b07de233c87d%40apereo.org?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19 -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To post to this group, send email to cas-user@apereo.org. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fec846cd-e704-9f8e-9456-3a341779a34e%40ch-poitiers.fr. For more options, visit https://groups.google.com/a/apereo.org/d/optout.