Erik, Our Banner setup uses SAML 1.1. During the log in request it is /cas/login?TARGET=blah/banner/applicationnavigator 'service' is used for CAS protocol. Check your banner setup.
Ray On Thu, 2020-07-16 at 21:07 +0000, 'Mallory, Erik' via CAS Community wrote: Hello I think I've narrowed the problem and I *think* it's on the application side... but... is there any way to control the source parameter that we see below in the logs. If I could configure cas to always send source=TARGET I think this configuration would work for the banner apps. Log from inital login which produces "Invalid login/access denied" <Built response [org.apereo.cas.authentication.principal.DefaultResponse@323ac4df] for [AbstractWebApplicationService(id= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , originalUrl= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , artifactId=null, principal=f282c439, source=service, loggedOutAlready=false, format=XML, attributes={})]> ^^ Invalid login access denied. Log from the an established CAS/ADFS session gaining access to the application <Located service [AbstractWebApplicationService(id= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , originalUrl= <https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check> https://banxe-appdev.wichita.edu/applicationNavigator/j_spring_cas_security_check , artifactId=null, principal=f282c439, source=TARGET, loggedOutAlready=false, format=XML, attributes={})] from the context> ^^ works In the applications there is a groovy file with a parameter serviceParameter = 'TARGET' I tried changing it to 'service' but had no luck. -- Erik Mallory Server Analyst Wichita State University -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected]<mailto:[email protected]> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/59e99d2ecf12319202385331d62deab86ef0f49d.camel%40uvic.ca.
