I'm trying to connect to a CAS 5.3.3 server using the `apereo/mod_auth_cas` master branch. Following sign-in, the browser reports 'Secure Connection Failed' (ERR_EMPTY_RESPONSE) and the Apache ticket cache is empty. Does the configuration below suggest a problem with the CAS certificate path?
Thanks for taking a look. -Alan LoadModule auth_cas_module /usr/lib/apache2/modules/mod_auth_cas.so CASCertificatePath /etc/ssl/cert/CAS_SERVER_x509chain.pem CASCookiePath /var/cache/apache2/mod_auth_cas/ CASLoginURL https://CAS_SERVER/cas/login CASValidateURL https://CAS_SERVER/cas/samlValidate CASValidateSAML On CASAttributePrefix SAML- CASDebug On <LocationMatch ^/auth/> AuthType CAS AuthName "Authentication Required" CASAuthNHeader CAS-User Require valid-user </LocationMatch> [auth_cas:debug] [pid 20375] mod_auth_cas.c(2675): entering check_vhost_config() [auth_cas:debug] [pid 20376] mod_auth_cas.c(2675): entering check_vhost_config() [core:debug] [pid 20378] protocol.c(2316): [client CLIENT_IP:49262] AH03155: select protocol from , choices=h2,http/1.1 for server APP_HOST [core:debug] [pid 20379] protocol.c(2316): [client CLIENT_IP:49264] AH03155: select protocol from , choices=h2,http/1.1 for server APP_HOST [authz_core:debug] [pid 20379] mod_authz_core.c(820): [client CLIENT_IP:49264] AH01626: authorization result of Require valid-user : denied (no authenticated user yet) [authz_core:debug] [pid 20379] mod_authz_core.c(820): [client CLIENT_IP:49264] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet) [auth_cas:debug] [pid 20379] mod_auth_cas.c(2159): [client CLIENT_IP:49264] Entering cas_authenticate() [auth_cas:debug] [pid 20379] mod_auth_cas.c(610): [client CLIENT_IP:49264] CAS Service 'https%3a%2f%2fAPP_HOST%2fauth%2f' [auth_cas:debug] [pid 20379] mod_auth_cas.c(558): [client CLIENT_IP:49264] entering getCASLoginURL() [auth_cas:debug] [pid 20379] mod_auth_cas.c(535): [client CLIENT_IP:49264] entering getCASGateway() [auth_cas:debug] [pid 20379] mod_auth_cas.c(625): [client CLIENT_IP:49264] entering redirectRequest() [auth_cas:debug] [pid 20379] mod_auth_cas.c(637): [client CLIENT_IP:49264] Adding outgoing header: Location: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [authz_core:debug] [pid 20378] mod_authz_core.c(820): [client CLIENT_IP:49262] AH01626: authorization result of Require valid-user : denied (no authenticated user yet), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [authz_core:debug] [pid 20378] mod_authz_core.c(820): [client CLIENT_IP:49262] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20378] mod_auth_cas.c(2159): [client CLIENT_IP:49262] Entering cas_authenticate(), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20378] mod_auth_cas.c(682): [client CLIENT_IP:49262] Modified r->args (now ''), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20378] mod_auth_cas.c(1832): [client CLIENT_IP:49262] entering getResponseFromServer(), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20378] mod_auth_cas.c(1895): [client CLIENT_IP:49262] samlPayload = <?xml version="1.0" encoding="utf-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Header/><SOAP-ENV:Body><samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="6cef759bedefebb9b13afbae6f18f368" ><samlp:AssertionArtifact>ST-53 -zxrvP6m7ACd--xeOLhHqVxQ-7MISFACAS3</samlp:AssertionArtifact></samlp:Request></SOAP-ENV:Body></SOAP-ENV:Envelope>, referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20378] mod_auth_cas.c(610): [client CLIENT_IP:49262] CAS Service 'https%3a%2f%2fAPP_HOST%2fauth%2f', referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [core:debug] [pid 20380] protocol.c(2316): [client CLIENT_IP:49280] AH03155: select protocol from , choices=h2,http/1.1 for server APP_HOST [authz_core:debug] [pid 20380] mod_authz_core.c(820): [client CLIENT_IP:49280] AH01626: authorization result of Require valid-user : denied (no authenticated user yet), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [authz_core:debug] [pid 20380] mod_authz_core.c(820): [client CLIENT_IP:49280] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20380] mod_auth_cas.c(2159): [client CLIENT_IP:49280] Entering cas_authenticate(), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20380] mod_auth_cas.c(682): [client CLIENT_IP:49280] Modified r->args (now ''), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20380] mod_auth_cas.c(1832): [client CLIENT_IP:49280] entering getResponseFromServer(), referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20380] mod_auth_cas.c(1895): [client CLIENT_IP:49280] samlPayload = <?xml version="1.0" encoding="utf-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Header/><SOAP-ENV:Body><samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="bd2e248cbb8aec0e1a8188502988c82e" ><samlp:AssertionArtifact>ST-53 -zxrvP6m7ACd--xeOLhHqVxQ-7MISFACAS3</samlp:AssertionArtifact></samlp:Request></SOAP-ENV:Body></SOAP-ENV:Envelope>, referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [auth_cas:debug] [pid 20380] mod_auth_cas.c(610): [client CLIENT_IP:49280] CAS Service 'https%3a%2f%2fAPP_HOST%2fauth%2f', referer: https://CAS_SERVER/cas/login?service=https%3a%2f%2fAPP_HOST%2fauth%2f [core:debug] [pid 20384] protocol.c(2316): [client APP_HOST_IP:57578] AH03155: select protocol from , choices=http/1.1 for server APP_HOST [authz_core:debug] [pid 20384] mod_authz_core.c(820): [client APP_HOST_IP:57578] AH01626: authorization result of Require all granted: granted [authz_core:debug] [pid 20384] mod_authz_core.c(820): [client APP_HOST_IP:57578] AH01626: authorization result of <RequireAny>: granted -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4c7620e0-052c-414b-af91-5d71515bab4e%40apereo.org.
