> 3) Response: > <SOAP-ENV:Envelope> > <SOAP-ENV:Header/> > <SOAP-ENV:Body> > <Response IssueInstant="2009-03-05T01:53:57.398Z" > MajorVersion="1" > MinorVersion="1" Recipient="http://localhost/foo"; > ResponseID="_3aed1e4a58dbde84dd9d7815d61e9fb7"> > <Status> > <StatusCode Value="samlp:Responder"/> > <StatusMessage>Success</StatusMessage> > </Status> > </Response> > </SOAP-ENV:Body> > </SOAP-ENV:Envelope>
Despite "Success" in the response above, that is actually the payload returned for a failed ticket validation. See http://www.middleware.vt.edu/doku.php?id=middleware:cas:client#sample_saml_responses for examples of successful SAML responses. Note the NameIdentifier element that contains the NetID. As I mentioned in my previous post, you must send a HTTP POST to /samlValidate whose body content is a properly formed SAML assertion wrapped in a SOAP envelope. > https://mycasdomainname/cas/samlValidate?TARGET=http://localhost/foo&ticket=ST-1-DvuJvba6fwTP0uydDtuN-cas Browsing to the above URL in Firefox will send an HTTP GET request to /samlValidate, which cannot be understood by the CAS server. You can certainly play around with CAS SAML support using a simple HTTP client like curl or wget, but Firefox is probably the wrong tool for that sort of investigation. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
