Hello David,
The CAS Dashboard and the CAS Management are running on the same host.
The DNS is pointing on the CAS server :
C:\Users\Samuel.GARCON>nslookup ssp.emd-management.fr
Server: w-app-1.emd-management.fr
Address: 172.16.17.3
Name: ssp.emd-management.fr
Address: 192.168.200.11
root@L-APP-2:/etc/cas/config# ifconfig
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.200.11 netmask 255.255.255.0 broadcast
192.168.200.255
inet6 fe80::250:56ff:fe95:689b prefixlen 64 scopeid 0x20<link>
ether 00:50:56:95:68:9b txqueuelen 1000 (Ethernet)
RX packets 151921 bytes 27672266 (26.3 MiB)
RX errors 0 dropped 19 overruns 0 frame 0
TX packets 134584 bytes 171085379 (163.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Thanks,
Sam
Le vendredi 30 août 2019 13:38:31 UTC+2, David Curry a écrit :
>
> Are the CAS dashboard and CAS management server running on the same host?
> Is your DNS doing the wrong thing and you're connecting to localhost
> (127.0.0.1) instead of the interface where Tomcat is listening?
>
> I would turn on some logging or tracing and verify that the IP/port your
> client is connecting to is the same one where the server is listening.
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 646 909-4728 • [email protected] <javascript:>
>
>
> On Fri, Aug 30, 2019 at 7:30 AM Samuel GARÇON <[email protected]
> <javascript:>> wrote:
>
>> Hi Matthew,
>>
>> SSL cert used is valid util 21-Oct-20.
>> There is a firewall between the server and the client, but nothing is
>> blocked, and some services (CAS/SAML) are working.
>>
>> When i'm testing from the cas dashboard or from the cas-management web
>> aps the connection is refused.
>> But if i'm testing from a wordpress using cas, it's working
>>
>> - G Suite (SAML via SAML SP Integration) OK
>> - WordPress Auth (CAS) OK
>> - SalesForce (SAML via SAML SP Integration) NOK
>> - CAS Admin Dashboard (CAS) NOK
>> - CAS Management Web (CAS) NOK
>>
>> I'm using CAS 5.3.11.
>>
>> Thanks for your help,
>>
>> Sam
>>
>> Le vendredi 30 août 2019 12:46:31 UTC+2, Matthew Uribe a écrit :
>>>
>>> Just my initial thoughts: is there an expired SSL cert or a closed port
>>> in a firewall? The connection refused seems to indicate something possibly
>>> along those lines.
>>>
>>> On Fri, Aug 30, 2019, 3:23 AM Samuel GARÇON <[email protected]>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm sorry to post again, but i really need some help.
>>>>
>>>> Thanks,
>>>>
>>>> Sam
>>>>
>>>> Le jeudi 29 août 2019 18:11:25 UTC+2, Samuel GARÇON a écrit :
>>>>>
>>>>> Hi,
>>>>>
>>>>> After somme extensive debug, some services are working :
>>>>>
>>>>> - G Suite (SAML via SAML SP Integration) OK
>>>>> - WordPress Auth (CAS) OK
>>>>> - SalesForce (SAML via SAML SP Integration) NOK
>>>>> - CAS Admin Dashboard (CAS) NOK
>>>>>
>>>>> The problem seems to be located on the service validate side :
>>>>>
>>>>> 2019-08-29 18:08:50,183 ERROR [org.jasig.cas.client.util.CommonUtils]
>>>>> - <Error getting response from host: [ssp.emd-management.fr
>>>>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__ssp.emd-2Dmanagement.fr&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=g87YygvNpseLKNH9RZs5u6goZegMUTtixPJ5R3X9AHU&e=>]
>>>>>
>>>>> with path: [/cas/p3/serviceValidate] and protocol: [https] Error Message:
>>>>> Connection refused (Connection refused)>
>>>>>
>>>>>
>>>>> Thanks for your help.
>>>>>
>>>>> Sam
>>>>>
>>>>>
>>>>> Le jeudi 29 août 2019 14:11:02 UTC+2, Samuel GARÇON a écrit :
>>>>>>
>>>>>> This issue is very problematic for me.
>>>>>>
>>>>>> So please find below more informations about my configuration
>>>>>>
>>>>>> - Directory used : AD
>>>>>> - No logon_hour are configured
>>>>>>
>>>>>> Thanks for your help :)
>>>>>>
>>>>>> Sam
>>>>>>
>>>>>> Le jeudi 29 août 2019 09:51:21 UTC+2, Samuel GARÇON a écrit :
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> After rebooting my cas server, i can't accessing services.
>>>>>>>
>>>>>>> Authentification seems to be OK, but ticket granting seems to fail :
>>>>>>>
>>>>>>> Error: java.net.ConnectException: Connection refused (Connection
>>>>>>> refused)
>>>>>>>
>>>>>>>
>>>>>>> Your account is forbidden to login at this thime ( web broswer
>>>>>>> header)
>>>>>>>
>>>>>>> Any ideas ?
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>> --
>>>> - Website: https://apereo.github.io/cas
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__apereo.github.io_cas&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=zE3Ct49Q_3MrYuBuXNvaPWBo4AoGjmJkgjBGdRE7VQE&e=>
>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__gitter.im_apereo_cas&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=2Pek80yDCBI9EL8eq-9CUtIXLMTUKaATUIzkNSJ4OC4&e=>
>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__goo.gl_1VRrw7&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=9PZDmIVK7jFBzUB93HKB6SfKi8DFTvV5ngu7rISGhYo&e=>
>>>> - Contributions: https://goo.gl/mh7qDG
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__goo.gl_mh7qDG&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=c-hY__4t0Ioj2qGJlCYhStVWBV4oIIOnHTJsVW_zj3M&e=>
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "CAS Community" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to [email protected].
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/0a8ace89-f67f-4e25-ae99-955909bed2a9%40apereo.org
>>>>
>>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_a_apereo.org_d_msgid_cas-2Duser_0a8ace89-2Df67f-2D4e25-2Dae99-2D955909bed2a9-2540apereo.org-3Futm-5Fmedium-3Demail-26utm-5Fsource-3Dfooter&d=DwMFaQ&c=spdyCQlbcMzVK9-MvWb-WQ&r=auWoa16BPqAWqsx-0-lnCDVAVu-ZWi_vyIfKhfMtR_E&m=YZINWTVJE30_D-3MuipKkxIVSwlepv1keWK7XfgkfvU&s=l0gUyxc5Mbaaks948YqCTjihR8gI5hiB12iGowqeAFQ&e=>
>>>> .
>>>>
>>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/6abb7c4f-bf14-4588-b99c-3fca2637a3bc%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/6abb7c4f-bf14-4588-b99c-3fca2637a3bc%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/70d8a3d9-301b-44fe-acb0-b0a96f850231%40apereo.org.
