Just looking at your log I don't see anything about your mod_auth_cas protected application attempting to have the service ticket validated. I see where the ST is being granted but not validated.
You need to confirm from the mod_auth_cas side if the redirect from the CAS server with the ST is being received. I am not too too familiar with mod_auth_cas, but I am sure there has to be a way to enable debug on it. Check its logs as well as your apache ssl_access_log for requests with the ticket parameter on the query string. A- On 7/15/09 1:32 AM, "Thierry Delaitre" <[email protected]> wrote: > Hello, > > The redirected loop happened again. I was able to access the first > mod_auth_cas ok (https://users/td). I got the redirected loop when accessing > the second server (https://download/tp). All messages on the cas server seems > ok (see below) and there are no errors on the mod_auth_cas on both apache > servers. Could it be a web proxy caching issue ? > > Thanks > > Thierry. > > 2009-07-15 06:55:35,223 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > AuthenticationHandler: > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully > authenticated the user which provided the following credentials: [username: > xxx] > 2009-07-15 06:55:35,223 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipal > Resolver] - Attempting to resolve a principal... > 2009-07-15 06:55:35,223 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipal > Resolver] - Creating SimplePrincipal for [xxx] > 2009-07-15 06:55:35,224 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action > 'AuthenticationViaFormAction' completed execution; result is 'success' > 2009-07-15 06:55:35,224 DEBUG > [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action > 'SendTicketGrantingTicketAction' beginning execution > 2009-07-15 06:55:35,224 DEBUG > [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - Action > 'SendTicketGrantingTicketAction' completed execution; result is 'success' > 2009-07-15 06:55:35,224 DEBUG > [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action > 'GenerateServiceTicketAction' beginning execution > 2009-07-15 06:55:35,224 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] > - Granted service ticket [ST-63-6j2Q937wleBvobOvfjj2-cas] for service > [https://users/td/] for user [xxx] > 2009-07-15 06:55:35,225 DEBUG > [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action > 'GenerateServiceTicketAction' completed execution; result is 'success' > 2009-07-15 06:55:39,323 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] > - Action 'InitialFlowSetupAction' beginning execution > 2009-07-15 06:55:39,323 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] > - Placing service in FlowScope: https://download/td > 2009-07-15 06:55:39,323 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] > - Action 'InitialFlowSetupAction' completed execution; result is 'success' > 2009-07-15 06:55:39,323 DEBUG > [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action > 'GenerateServiceTicketAction' beginning execution > 2009-07-15 06:55:39,324 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] > - Granted service ticket [ST-64-A703UO7iy2v06pjbDTfo-cas] for service > [https://download/td] for user [xxx] > 2009-07-15 06:55:39,324 DEBUG > [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action > 'GenerateServiceTicketAction' completed execution; result is 'success' > > > > -----Original Message----- > From: Phil Ames [mailto:[email protected]] > Sent: 12 July 2009 23:32 > To: [email protected] > Subject: Re: [cas-user] Redirected loop > > Hi Thierry, > Do you have any debug level logging information when this issue > occurs? Be sure to set "CASDebug On" in the mod_auth_cas > configuration as well as "LogLevel Debug" in the VirtualHost container > to capture the debug information. This will help us troubleshoot the > problem. > > Thanks, > -Phil > > On Sun, Jul 12, 2009 at 4:58 PM, Thierry > Delaitre<[email protected]> wrote: >> Hello, >> >> I'm using CAS 3.3.3 on debian and 2 apache 2.2 servers with mod_auth_cas >> 1.0.8-3 on debian. >> >> I got a 'redirected loop' when signing after the session had expired. I >> sometimes do not experience this. Deleting the expired cookie fixed this. >> >> Is this a bug ? >> >> Thanks >> >> Thierry. >> >> The University of Westminster is a charity and a company >> limited by guarantee. Registration number: 977818 England. >> Registered Office: 309 Regent Street, London W1B 2UW. >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user -- Andrew Feller, Business System Programmer LSU University Information Services 200 Frey Computing Services Center Baton Rouge, LA 70803 Office: 225.578.3737 Fax: 225.578.6400 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
