Hi guys,

I am using CAS 5.3.6 and pac4j. I have an issue with delegating authentication to an external identity provider. I have seen the exchange in SAML tracer and in the logs, and compared it with the CAS server's code, so I can say that the request is well built and stores the ticketID (clientID). But when receiving the response, CAS can't find the clientID and throws me an exception:

2018-11-29 17:37:12,259 DEBUG [org.apereo.cas.web.pac4j.SessionStoreCookieGenerator] - <Removed cookie with name [PAC4JDELSESSION]>
2018-11-29 17:37:12,260 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier could not found as part of the request parameters. Looking at relay-state for the SAML2 client>
2018-11-29 17:37:12,260 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier could not found as part of the request parameters. Looking at relay-state for the SAML2 client>
2018-11-29 17:37:12,260 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated client identifier for this request as [null]>
2018-11-29 17:37:12,260 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated client identifier for this request as [null]>
2018-11-29 17:37:12,263 ERROR [org.apereo.cas.web.DelegatedClientWebflowManager] - <Delegated client identifier cannot be located in the authentication request [https://idp-auth.dev.test-gar.education.fr/login?client_name=ENTAWL]>
2018-11-29 17:37:12,263 ERROR [org.apereo.cas.web.DelegatedClientWebflowManager] - <Delegated client identifier cannot be located in the authentication request [https://idp-auth.dev.test-gar.education.fr/login?client_name=ENTAWL]>
2018-11-29 17:37:12,267 ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <>
org.apereo.cas.services.UnauthorizedServiceException:
    at org.apereo.cas.web.DelegatedClientWebflowManager.retrieveSessionTicketViaClientId(DelegatedClientWebflowManager.java:149) ~[classes/:5.3.6]
    at org.apereo.cas.web.DelegatedClientWebflowManager.retrieve(DelegatedClientWebflowManager.java:129) ~[classes/:5.3.6]

My pac4j configuration is below:

##Delegate authentication
cas.authn.pac4j.saml[0].clientName=ENTAWL
cas.authn.pac4j.saml[0].keystorePassword=nalle123
cas.authn.pac4j.saml[0].privateKeyPassword=nalle123
cas.authn.pac4j.saml[0].keystorePath=/MIDDLE/RGA/gar-authent-idp-sp/etc/cas/samlKeystore.jks
cas.authn.pac4j.saml[0].serviceProviderEntityId=https://idp-auth.dev.test-gar.education.fr/login
cas.authn.pac4j.saml[0].serviceProviderMetadataPath=/RESSOURCES/metadataStore/sp-metadata.xml
cas.authn.pac4j.saml[0].identityProviderMetadataPath=/MIDDLE/RGA/gar-authent-sp/etc/metadataStore/metadataTEST.xml
cas.authn.pac4j.saml[0].wantsAssertionsSigned=true
cas.authn.pac4j.saml[0].forceAuth=false

Can anyone help me to resolve this problem?

Charafeddine
