Re: [cas-user] Problem with CAS authentication

Thu, 23 Jan 2020 09:27:19 -0800 

Ben,

I do not know about guacamole. Does it need to be a proxy? If not, configure it 
as a regular service.

During the proxy validation process, CAS makes a call to the services proxy 
callback endpoint (this is defined in the service definition). This looks to be 
working correctly, because of the remaining logs you posted.
It looks to me like the proxy callback is protected by login. Thus when CAS 
calls proxy callback guacamole redirects to log in with the ST. The log in page 
is returned and this is shows in the tomcat log as an xml error with the img 
tag.

Turn up CAS logging to debug or add this to log4j2.xml

        <!-- DEBUG Response code from server matched [###] may be useful for 
debugging proxy
                   Created HTTP post message payload [POST URL] on logout -->
        <AsyncLogger name="org.apereo.cas.util.http.SimpleHttpClient" 
level="error" />

Ray


On Thu, 2020-01-23 at 02:06 -0800, BenDDD wrote:
Hi everyone,

I'm testing the Apache Guacamole solution and i want to set CAS authentication. 
I have installed the CAS extension in the Guacamole app in Tomcat.

When i reach https://guacamole.ourdomain.fr/guacamole, i am correctly 
redirected to https://cas.ourdomain.fr/cas/login. I enter my username and 
password and got redirected again to 
https://guacamole.ourdomain.fr/guacamole/#/?ticket=ST-290-5oZgIyiJ6wKl11IB13TW-cas.ourdomain.fr
 but the web page shows an error message<https://ibb.co/dDkDcqV>.

Here is the CAS server Tomcat logs<https://pastebin.com/5SnDjvr7>.

And the Guacamole server Tomcat logs<https://pastebin.com/KKS3ijs2>.

Thank you in advance for your help.

BenDDD

--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]<mailto:[email protected]>

I respectfully acknowledge that my place of work is located within the 
ancestral, traditional and unceded territory of the Songhees, Esquimalt and 
WSÁNEĆ Nations.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4ab09203e91b2dc6fa8fa2f76a63a712b57680e6.camel%40uvic.ca.

Reply via email to