Marvin Addison wrote:
Or maybe does anyone know how to activate
logging into phpCAS/moodle?
phpCAS has support for trace-mode debugging. We've found the output
to be very helpful in diagnosing client configuration properties. Use
the following directive:
phpCAS::setDebug('/path/to/log/file');
M
Hi Marvin. I think I already spoke with you and Scott about a similar
problem in the past, but that project was cancelled so I didn't get through.
Now I have two scenarios. I tried both with using a certificate and
without (setCasServerCert, etc). This is the output when using a
Certificate, but when not using one I get exactly the same result: a
curl_exec error.
test.php is a simple phpCas script that I attach below the output.
DCB3 .START ****************** [CAS.php:414]
DCB3 .=> () [:]
DCB3 .| =>
phpCAS::setCasServerCert('/etc/pki/tls/certs/wildcard.crt') [test.php:11]
DCB3 .| <= ''
DCB3 .| => phpCAS::forceAuthentication() [test.php:18]
DCB3 .| | => CASClient::forceAuthentication() [CAS.php:912]
DCB3 .| | | => CASClient::isAuthenticated() [client.php:692]
DCB3 .| | | | => CASClient::wasPreviouslyAuthenticated()
[client.php:797]
DCB3 .| | | | | no user found [client.php:909]
DCB3 .| | | | <= false
DCB3 .| | | | PT `ST-1-AvkOG9EQebwA3vYx3AUd-cas' is present
[client.php:819]
DCB3 .| | | | => CASClient::validatePT('', NULL, NULL)
[client.php:820]
DCB3 .| | | | | => CASClient::getURL() [client.php:396]
DCB3 .| | | | | <=
'https://moodle.myserver.co.uk/devmoodle/auth/cas/test.php'
DCB3 .| | | | | =>
CASClient::readURL('https://mytomcatserver.co.uk:443/cas-server-webapp-3.3.3/proxyValidate?service=https%3A%2F%2Fmoodle.myserver.co.uk%2Fdevmoodle%2Fauth%2Fcas%2Ftest.php&ticket=ST-1-AvkOG9EQebwA3vYx3AUd-cas',
'', NULL, NULL, NULL) [client.php:2153]
DCB3 .| | | | | | curl_exec() failed [client.php:1909]
DCB3 .| | | | | <= false
DCB3 .| | | | | could not open URL
'https://mytomcatserver.co.uk:443/cas-server-webapp-3.3.3/proxyValidate?service=https%3A%2F%2Fmoodle.myserver.co.uk%2Fdevmoodle%2Fauth%2Fcas%2Ftest.php&ticket=ST-1-AvkOG9EQebwA3vYx3AUd-cas'
to validate (CURL error #7: couldn't connect to host) [client.php:2154]
DCB3 .| | | | | => CASClient::authError('PT not
validated',
'https://mytomcatserver.co.uk:443/cas-server-webapp-3.3.3/proxyValidate?service=https%3A%2F%2Fmoodle.myserver.co.uk%2Fdevmoodle%2Fauth%2Fcas%2Ftest.php&ticket=ST-1-AvkOG9EQebwA3vYx3AUd-cas',
true) [client.php:2157]
DCB3 .| | | | | | => CASClient::getURL() [client.php:2338]
DCB3 .| | | | | | <=
'https://moodle.myserver.co.uk/devmoodle/auth/cas/test.php'
DCB3 .| | | | | | CAS URL:
https://mytomcatserver.co.uk:443/cas-server-webapp-3.3.3/proxyValidate?service=https%3A%2F%2Fmoodle.myserver.co.uk%2Fdevmoodle%2Fauth%2Fcas%2Ftest.php&ticket=ST-1-AvkOG9EQebwA3vYx3AUd-cas
[client.php:2339]
DCB3 .| | | | | | Authentication failure: PT not
validated [client.php:2340]
DCB3 .| | | | | | Reason: no response from the CAS
server [client.php:2342]
DCB3 .| | | | | | exit()
DCB3 .| | | | | | -
DCB3 .| | | | | -
DCB3 .| | | | -
DCB3 .| | | -
DCB3 .| | -
DCB3 .| -
If I manually open (browser or wget) the failed url, I get this (but I
think this depends on the fact that the ticket is not valid anymore when
I try manually, which is not the case when phpCas tries it):
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-1-AvkOG9EQebwA3vYx3AUd-cas' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
And this is my script:
<?php
//initialize the CAS library
require_once('CAS/CAS.php');
$_REQUEST['login'] = 'myuser';
phpCAS::client(CAS_VERSION_2_0, 'mytomcatserver.co.uk', 443,
'/cas-server-webapp-3.3.3');
phpCAS::setDebug($filename='phpCAS.log');
phpCAS::traceBegin();
phpCAS::setCasServerCert($cascert='/etc/pki/tls/certs/wildcard.crt');
//phpCAS::setCasServerCACert();
//phpCAS::setNoCasServerValidation();
//if the user is requesting to be logged in
if (isset($_REQUEST['login'])) {
phpCAS::forceAuthentication();
//the user is known to be logged in to CAS at this point
$_SESSION['loggedInLocally'] = true; //set a local variable telling
the program we are logged in
$_SESSION['username'] = phpCAS::getUser(); //this stores their
network user id
}
//if we want to log out of the program
if (isset($_REQUEST['logout'])) {
$_SESSION['loggedInLocally'] = false;
unset($_SESSION['username']);
}
if (isset($_SESSION['loggedinLocally']) &&
$_SESSION['loggedInLocally']===true) {
echo "You are logged in to the application";
} else {
echo "You are not logged in to the application. Log in by specifying
the 'login' log parameter to this script.";
}
phpCAS::traceEnd();
?>
Any hint/idea/suggestion would be highly appreciated :-)
Thanks,
--
Giuseppe Sollazzo
Systems Developer / Administrator
Computing Services
St. George's, University of London
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
