Re:[cas-user] CasOwa - help please

Wed, 31 Mar 2010 11:41:48 -0700 

Success!! I imported those handlers by wildcard mapping in IIS 6.

I'm now having a new error after a successful login:


   /The remote server returned an error: (500) Internal Server Error./

reader = new StreamReader(new WebClient().OpenRead(clearPassRequest));

[WebException: The remote server returned an error: (500) Internal Server 
Error.]
  System.Net.WebClient.OpenRead(Uri address) +366
  System.Net.WebClient.OpenRead(String address) +29
  CasOwa.CasOwaAuthHandler.ProcessRequest(HttpContext context) in C:\Documents 
and Settings\Administrator\Desktop\casowa\CasOwaAuthHandler.cs:149

[HttpException (0x80004005): Error getting response from clearPass at URL: 
https://winserver.xtanki.local:8443/cas/clearPass?ticket=ST-2-FwvPXe3T4WmxKRTVmkz6-cas&service=https://winserver.xtanki.local:8443/cas/clearPass.
 The remote server returned an error: (500) Internal Server Error.]
  CasOwa.CasOwaAuthHandler.ProcessRequest(HttpContext context) in C:\Documents 
and Settings\Administrator\Desktop\casowa\CasOwaAuthHandler.cs:153
  
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
 +181
  System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& 
completedSynchronously) +75

*CAS logs:*
2010-03-31 19:28:00,654 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered services. 2010-03-31 19:28:00,654 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 0 services. 2010-03-31 19:29:55,108 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://winserver.xtanki.local/coa/auth 2010-03-31 19:29:55,118 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://winserver.xtanki.local/coa/auth 2010-03-31 19:30:00,726 DEBUG [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] - Performing LDAP bind with credential: CN=fwestanqueiro,CN=Users,DC=xtanki,DC=local 2010-03-31 19:30:00,636 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered services. 2010-03-31 19:30:00,746 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 0 services. 2010-03-31 19:30:00,807 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: [username: fwestanqueiro] 2010-03-31 19:30:00,807 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://winserver.xtanki.local/coa/auth 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] - Performing LDAP bind with credential: CN=fwestanqueiro,CN=Users,DC=xtanki,DC=local 2010-03-31 19:30:05,193 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: fwestanqueiro] 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - Attempting to resolve a principal... 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - Creating SimplePrincipal for [fwestanqueiro] 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [TGT-3-Ffh0jPrbuC1huEL12LEOUHo2fA7ewP12qraCEkBgzY1Vq0tWws-cas] to registry. 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Removed cookie with name [CASPRIVACY] 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - Added cookie with name [CASTGC] and value [TGT-3-Ffh0jPrbuC1huEL12LEOUHo2fA7ewP12qraCEkBgzY1Vq0tWws-cas] 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to retrieve ticket [TGT-3-Ffh0jPrbuC1huEL12LEOUHo2fA7ewP12qraCEkBgzY1Vq0tWws-cas] 2010-03-31 19:30:05,193 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [TGT-3-Ffh0jPrbuC1huEL12LEOUHo2fA7ewP12qraCEkBgzY1Vq0tWws-cas] found in registry. 2010-03-31 19:30:05,203 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [ST-3-HBYRJEgeVRBUScLgjn09-cas] to registry. 2010-03-31 19:30:05,203 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-3-HBYRJEgeVRBUScLgjn09-cas] for service [https://winserver.xtanki.local/coa/auth] for user [fwestanqueiro] 2010-03-31 19:30:05,233 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://winserver.xtanki.local/coa/auth 2010-03-31 19:30:05,233 DEBUG [org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler] - Attempting to resolve credentials for [callbackUrl: https://winserver.xtanki.local/coa/proxyCallback] 2010-03-31 19:30:05,443 DEBUG [org.jasig.cas.util.HttpClient] - Response code from server matched 200. 2010-03-31 19:30:05,453 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler successfully authenticated the user which provided the following credentials: [callbackUrl: https://winserver.xtanki.local/coa/proxyCallback] 2010-03-31 19:30:05,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to retrieve ticket [ST-3-HBYRJEgeVRBUScLgjn09-cas] 2010-03-31 19:30:05,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [ST-3-HBYRJEgeVRBUScLgjn09-cas] found in registry. 2010-03-31 19:30:05,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [TGT-4-scxVp7pf6qmSPaWSJUAeCLZGwEyUEihgun1xW3fYA4jd4hZif0-cas] to registry. 2010-03-31 19:30:05,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to retrieve ticket [ST-3-HBYRJEgeVRBUScLgjn09-cas] 2010-03-31 19:30:05,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [ST-3-HBYRJEgeVRBUScLgjn09-cas] found in registry. 2010-03-31 19:30:05,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Removing ticket [ST-3-HBYRJEgeVRBUScLgjn09-cas] from registry 2010-03-31 19:30:05,463 DEBUG [org.jasig.cas.util.HttpClient] - Response code from server matched 200. 2010-03-31 19:30:05,463 DEBUG [org.jasig.cas.ticket.proxy.support.Cas20ProxyHandler] - Sent ProxyIou of PGTIOU-2-eJiqBghiyblIRUpUsvp2-cas for service: [callbackUrl: https://winserver.xtanki.local/coa/proxyCallback] 2010-03-31 19:30:05,473 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to retrieve ticket [TGT-4-scxVp7pf6qmSPaWSJUAeCLZGwEyUEihgun1xW3fYA4jd4hZif0-cas] 2010-03-31 19:30:05,473 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [TGT-4-scxVp7pf6qmSPaWSJUAeCLZGwEyUEihgun1xW3fYA4jd4hZif0-cas] found in registry. 2010-03-31 19:30:05,473 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [ST-4-C64VPiXegTyLPKGjVtO5-cas] to registry. 2010-03-31 19:30:05,473 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-4-C64VPiXegTyLPKGjVtO5-cas] for service [https://winserver.xtanki.local:8443/cas/clearPass] for user [https://winserver.xtanki.local/coa/proxyCallback] 2010-03-31 19:30:05,483 DEBUG [org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] - Attempting to validate ticket: ST-4-C64VPiXegTyLPKGjVtO5-cas 2010-03-31 19:30:05,483 DEBUG [org.jasig.cas.client.util.CommonUtils] - serviceUrl generated: https://winserver.xtanki.local:8443/cas/clearPass 2010-03-31 19:30:05,483 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Placing URL parameters in map. 2010-03-31 19:30:05,483 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Calling template URL attribute map. 2010-03-31 19:30:05,483 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Loading custom parameters from configuration. 2010-03-31 19:30:05,483 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Constructing validation url: https://winserver.xtanki.local:8443/cas/serviceValidate?pgtUrl=https%3A%2F%2Fwinserver.xtanki.local%3A8443%2Fcoa%2FproxyCallback&ticket=ST-4-C64VPiXegTyLPKGjVtO5-cas&service=https%3A%2F%2Fwinserver.xtanki.local%3A8443%2Fcas%2FclearPass 2010-03-31 19:30:05,483 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Retrieving response from server. 2010-03-31 19:30:05,493 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://winserver.xtanki.local:8443/cas/clearPass 2010-03-31 19:30:05,493 DEBUG [org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler] - Attempting to resolve credentials for [callbackUrl: https://winserver.xtanki.local:8443/coa/proxyCallback] 2010-03-31 19:30:05,503 DEBUG [org.jasig.cas.util.HttpClient] - Response Code did not match any of the acceptable response codes. Code returned was 404 2010-03-31 19:30:05,503 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler failed to authenticate the user which provided the following credentials: [callbackUrl: https://winserver.xtanki.local:8443/coa/proxyCallback] 2010-03-31 19:30:05,503 ERROR [org.jasig.cas.web.ServiceValidateController] - TicketException generating ticket for: [callbackUrl: https://winserver.xtanki.local:8443/coa/proxyCallback] org.jasig.cas.ticket.TicketCreationException: error.authentication.credentials.bad at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:293) at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody7$advice(CentralAuthenticationServiceImpl.java:44) at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1) 
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
   at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) at org.perf4j.aop.AbstractTimingAspect.doPerfLogging(AbstractTimingAspect.java:71) 
   at sun.reflect.GeneratedMethodAccessor54.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
   at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:622) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:611) at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) 
   at $Proxy26.delegateTicketGrantingTicket(Unknown Source)
at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:127) at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:647) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:552) 
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:115) at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:44) at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:46) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) 
   at java.lang.Thread.run(Thread.java:619)
Caused by: error.authentication.credentials.bad
at org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25) at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:103) at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody0(AbstractAuthenticationManager.java:42) at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody1$advice(AbstractAuthenticationManager.java:44) at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:1) at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:265) at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody7$advice(CentralAuthenticationServiceImpl.java:44) at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1) 
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
   at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) at org.perf4j.aop.AbstractTimingAspect.doPerfLogging(AbstractTimingAspect.java:71) 
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
   ... 37 more
2010-03-31 19:30:05,503 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to retrieve ticket [ST-4-C64VPiXegTyLPKGjVtO5-cas] 2010-03-31 19:30:05,503 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Ticket [ST-4-C64VPiXegTyLPKGjVtO5-cas] found in registry. 2010-03-31 19:30:05,503 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Removing ticket [ST-4-C64VPiXegTyLPKGjVtO5-cas] from registry 2010-03-31 19:30:05,503 DEBUG [org.jasig.cas.web.ServiceValidateController] - ServiceTicket [ST-4-C64VPiXegTyLPKGjVtO5-cas] does not satisfy validation specification. 2010-03-31 19:30:05,513 DEBUG [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] - Server response: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> 
   <cas:authenticationFailure code='INVALID_TICKET'>
Ticket failed validation specification. Possible errors could include attempting to validate a Proxy Ticket via a Service Ticket validator, or not complying with the renew true request. 
   </cas:authenticationFailure>
</cas:serviceResponse>
2010-03-31 19:30:05,513 WARN [org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] - org.jasig.cas.client.validation.TicketValidationException: Ticket failed validation specification. Possible errors could include attempting to validate a Proxy Ticket via a Service Ticket validator, or not complying with the renew true request. org.jasig.cas.client.validation.TicketValidationException: Ticket failed validation specification. Possible errors could include attempting to validate a Proxy Ticket via a Service Ticket validator, or not complying with the renew true request. at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:73) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:188) at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) 
   at java.lang.Thread.run(Thread.java:619)


Francisco

William G. Thompson, Jr. wrote:

On Tue, Mar 30, 2010 at 2:22 PM, Francisco Estanqueiro
<[email protected]> wrote:

I've installed the web app 
http://www.ja-sig.org/wiki/display/CASC/JA-SIG+Java+Client+Simple+WebApp+Sample,
 and verified that the PT's are being issued correctly.

I've the ClearPass extension working.

I've a virtual directory named coa in the Default Web Site tree (the same as 
owa), in the DefaultAppPool.

I've web.config changed to this: (only changed <appSettings> and 
<casClientConfig>)
 <appSettings>
 <add key="CasOwa.ClearPassUrl"
 value="https://winserver.xtanki.local:8443/cas/clearPass"/>
<add key="CasOwa.OwaUrl" value="https://winserver.xtanki.local/owa"/>
 <add key="CasOwa.skipOwaUrlCertificateValidation" value="false" />
 </appSettings>

<connectionStrings />

 <casClientConfig
 casServerLoginUrl="https://winserver.xtanki.local:8443/cas/login";
              serverName="https://winserver.xtanki.local:8443";
               secureUriRegex="(?i)/auth"

 casServerUrlPrefix="https://winserver.xtanki.local:8443/cas";
             redirectAfterValidation="false"
              useSession="false"
             gateway="false"
               renew="false"
               ticketValidatorName="Cas20"
              ticketTimeTolerance="5000"
              singleSignOut="false"
               proxyGrantingTicketReceptor="true"

 proxyCallbackUrl="https://winserver.xtanki.local/coa/proxyCallback";               
proxyReceptorUrl="/coa/proxyCallback" />


So, now what I'm suppose to see in the link https://winserver.xtanki.local/coa/.


The Default.aspx page, which currently just contains the string 'coa'.
 It could be contain link to the /coa/auth  which should redirect you
to CAS if you are not yet authenticated, and then to the OWA via the
CasOwa.OwaUrl config above.


Verified also that https://winserver.xtanki.local/coa/auth or 
https://winserver.xtanki.local/coa/proxyCallback gives me a 404 IIS error.


You're almost there...you need the Http Handler Mappings configured
for the coa directory.

Http Handler Mappings
CasOwa requires two HandlerMapping configurations, one for
CasOwaAuthHandler and one for the DotNetCasProxyCallback.

       CasOwaAuthHandler Mapping
       Request path: auth
       Type: CasOwa.CasOwaAuthHandler
       Name: CasOwaAuthHandler

       DotNetCasProxyCallback Mapping
       Request path: proxyCallback
       Type: CasOwa.CasOwaAuthHandler
       Name: DotNetCasProxyCallback

Bill




Francisco


________________________________________
De: William G. Thompson, Jr. [[email protected]]
Enviado: terça-feira, 30 de Março de 2010 19:06
Para: Francisco Estanqueiro
Cc: [email protected]
Assunto: Re: CasOwa - help please

On Tue, Mar 30, 2010 at 1:49 PM, Francisco Estanqueiro
<[email protected]> wrote:

But the handlers arent automaticly configured by having them in the web.config 
on COA Virtual Directory? Or I have to add another handler somewhere? I'm not 
understanding how this works.. how the redirection from owa to coa works? The 
only thing I've done is create a coa virtual directory and changed the 
web.config url's.

There aren't any step-by-step instructions available for your
configuration.  You'll need to understand well how to configure http
modules and handlers in IIS6, I would start there.  You'll also need
to understand SSL certs and how to configure them for IIS and Java.

The current CasOwa distribution doesn't provide any redirection from
owa to coa.  Users can authenticated by going directly to the coa Url.

Cheers,
Bill


Cumprimentos,
--------------------------------
Francisco Estanqueiro (https://www.ci.fc.ul.pt/rh/fwestanqueiro)
Suporte | Centro Informática | FCUL
E-mail: [email protected] | Ext: 21248 |  Tel: 21 750 00 67
--------------------------------
Por favor consulte sempre http://www.ci.fc.ul.pt antes de recorrer ao nosso 
Suporte a Utilizadores
________________________________________
De: William G. Thompson, Jr. [[email protected]]
Enviado: terça-feira, 30 de Março de 2010 18:44
Para: Francisco Estanqueiro
Cc: [email protected]
Assunto: Re: CasOwa - help please

On Tue, Mar 30, 2010 at 1:36 PM, Francisco Estanqueiro
<[email protected]> wrote:

5) Whats the managed pipeline mode and How do I set it to Integrated?


Managed Pipeline mode is a new unified request processing pipeline
that is exposed to both native and managed components in IIS7.  Is is
not available on IIS6.
http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/


This means I cant use casowa with windows server 2003? (since there's no
IIS7 for ws2003)

No.  It should work with IIS6 just find.  Configuration of the Modules
and Handlers is a little different though.  This might help:
http://arcware.net/use-a-single-web-config-for-iis6-and-iis7/

Bill


Francisco

William G. Thompson, Jr. wrote:

On Mon, Mar 29, 2010 at 10:32 PM, Francisco Estanqueiro
<[email protected]> wrote:


Hi,


Hi, Francisco.  I'll respond inline below...




I'm trying to figure out a way to casify Outlook Web Access and I found
out
about this CasOwa.

I read this thread (the few information there is about casowa),
http://www.mail-archive.com/[email protected]/msg03914.html, but
since I'm really a noob in the IIS bussiness so I have some questions.

Here's what I've done:
_________________________________________________________________
clearPass installed in my CAS server (3.4.1) with this Maven's
dependency:

<artifactId>clearpass-webapp</artifactId>
 <version>1.0.1.GA</version>

in the URL: https://winserver.xtanki.local:8443/cas/clearPass
_________________________________________________________________

I have Windows Server 2003 with Exchange 2007, the Outlook Web Access is
running:

OWA: https://winserver.xtanki.local/owa

_________________________________________________________________

I've downloaded the casowa zip file, changed the web.config beans:
 <appSettings> and <casClientConfig>.

<appSettings>
 <add key="CasOwa.ClearPassUrl"
value="https://winserver.xtanki.local:8443/cas/clearPass"/>
 <add key="CasOwa.OwaUrl" value="https://winserver.xtanki.local/owa"/>
 <add key="CasOwa.skipOwaUrlCertificateValidation" value="false" />
 </appSettings>

 <connectionStrings />


 <casClientConfig
casServerLoginUrl="https://winserver.xtanki.local:8443/cas/login";
                serverName="https://winserver.xtanki.local:8443";
                secureUriRegex="(?i)/auth"

 casServerUrlPrefix="https://winserver.xtanki.local:8443/cas";
                redirectAfterValidation="false"
                useSession="false"
                gateway="false"
                renew="false"
                ticketValidatorName="Cas20"
                ticketTimeTolerance="5000"
                singleSignOut="false"
                proxyGrantingTicketReceptor="true"

 proxyCallbackUrl="https://winserver.xtanki.local/coa/proxyCallback";
                proxyReceptorUrl="/coa/proxyCallback" />
_________________________________________________________________

Created a virtual directory in my IIS 6.0 on the Default Web Site tree
with
the name "coa".
_________________________________________________________________

So now here's my questions:

1) The properties (authentication, httphandlers, etc) in the web.config
file
supplied in the casowa zip, are to copy to the web.config file in the OWA
virtual directory? Or just leave it like that in the coa Virtual
Directory?


They go in the coa virtual directory.  Nothing in casowa.zip goes into
OWA directory.




2) The property proxyCallbackUrl in casClientConfig bean.. what does it
mean? Its automatically created by the casowa client?


This the URL that CAS will use to authenticated and fulfill coa
requests for a ProxyTickets.




3) How do I test if clearPass is working? If i go to the address
https://winserver.xtanki.local:8443/cas/clearPass it redirects me to the
/login servlet..


See: http://www.unicon.net/blog/3/deploying_clearpass

You could also deploy the Java Client Simple WebApp Sample to ensure
ProxyTickets are working properly.

http://www.ja-sig.org/wiki/display/CASC/JA-SIG+Java+Client+Simple+WebApp+Sample




4) The Http HandlerMappins / Http Modules are supposed to be hardcoded
into
the web.config file of owa? Where do I configure that in IIS 6??


Handlers and Modules are configured in Web.config either by hand or
using the IIS Manager:

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/b0c14479-83e3-435d-a935-819fe396e7d2.mspx?mfr=true




5) Whats the managed pipeline mode and How do I set it to Integrated?


Managed Pipeline mode is a new unified request processing pipeline
that is exposed to both native and managed components in IIS7.  Is is
not available on IIS6.

http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/

Hope this helps.

Cheers,
Bill



Thanks for your time,

Francisco





--
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to