[cas-user] CAS ticket problems and server validation

Fri, 30 Jul 2010 09:08:20 -0700 

What should I be looking at and in what file?  What am I missing?  World
peace can it ever be achieved?

History
OK I have a CAS client and and CAS server setup running on a single server
in the same server instance of Glassfish.  Everything seems to be working. 
I can use themes and get attributes from my LDAP backend using the SAML
protocol - great

I have another server with uportal setup.  I wanted to redirect
authentication to my new CAS server.

In the uportal "security.properties" file I'm pointing the login link to
"https://<casserver>:8181/cas/login?service=https://<uportal_server>/uPortal/Login"

When I click the login button in uportal I get the CAS server login page
with a custom theme I created (This is the correct behavior)

Once I authenticate and the url redirects to the service URL, I get the
following error on screen

http 500
javax.servlet.ServletException:
org.jasig.cas.client.validation.TicketValidationException: 
                                ticket 'ST-11-BYBKifdNjb7dstiWOlvw-cas' does
not match supplied service.  The original service was
'https://<uportal_server>/uPortal/Login' and the supplied service was
'https://<casserver>:8181/uPortal/Login'.
                
               
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:155)
 
What the HELL!!!

OK now I researched and found the "CAS Functional Tests" page
https://wiki.jasig.org/display/CAS/CAS+Functional+Tests

When I run the first three steps on the Validation Tests
1. visit /login?service=foo  - GOOD
2. enter correct credentials - GOOD
3. you should be redirected to foo with a valid service ticket - BAD

I see the follwoing URL with the CAS server "Log In successful" message
https://<casserver>:8181/cas/login?ticket=ST-1-qQmqqJUbxDlz69hfuyTM-cas

Shouldn't "foo" be somewhere in the url if everything is working right?
-- 
View this message in context: 
http://jasig.275507.n4.nabble.com/CAS-ticket-problems-and-server-validation-tp2308144p2308144.html
Sent from the CAS Users mailing list archive at Nabble.com.

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to