On Fri, Nov 12, 2010 at 9:30 AM, James Winter <[email protected]> wrote: > We have some additional problems (the test server is unable to access the > CAS server at all) so I'm going to have to wait until that's resolved.
That would help. :) > > Both servers are using commericial certs, and I'm pretty sure Clearpass is > working. When I go to /cas/clearPass I don't get a login prompt, I just get > the "No authentication information provided." response. Login first, and then try the clearPass URL you should get the following: <cas:clearPassResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:clearPassFailure>invalid sevice specified</cas:clearPassFailure> </cas:clearPassResponse> Bill > James > > > > On Fri, Nov 12, 2010 at 9:13 AM, William G. Thompson, Jr. <[email protected]> > wrote: >> >> If you're using self-signed certs, both IIS and the CAS JVM must be >> configured to trust them. >> >> If you're using commercial certs there shouldn't be an issue. >> >> Have you verified Clearpass extension is working? >> >> 7. Verify ClearPass install >> Authenticate normally by visiting https://{host}/cas/clearPass. You >> should get this message back. >> >> <cas:clearPassResponse xmlns:cas='http://www.yale.edu/tp/cas'> >> <cas:clearPassFailure>invalid sevice >> specified</cas:clearPassFailure> >> </cas:clearPassResponse> >> >> >> Bill >> >> >> >> On Fri, Nov 12, 2010 at 9:04 AM, James Winter <[email protected]> wrote: >> > Sorry to be clueless, I was kind of thrown into the deep end here with >> > the >> > CAS/OWA implentation. What do you mean by "cert is known to the cas jvm >> > and >> > vice versa"? >> > I did get a valid SSL certificate for our test server with no change. I >> > still get the HttpContext.Current.User is null error. >> > Thanks for the help. >> > >> > James >> > >> > >> > >> > On Thu, Nov 11, 2010 at 9:40 PM, William G. Thompson, Jr. >> > <[email protected]> >> > wrote: >> >> >> >> You need to make sure that the exchange server cert is known to the >> >> cas jvm and visa versa. >> >> >> >> Bill >> >> >> >> >> >> On Thu, Nov 11, 2010 at 9:30 PM, James Winter <[email protected]> >> >> wrote: >> >> > I'm a little farther, I'm now at the point where I get the >> >> > "HttpContext.Current.User is null" error but I read that they be due >> >> > to >> >> > an >> >> > incorrect SSL certificate which our Exchange server has. I set the >> >> > skip >> >> > OWA >> >> > cert parameter to false, but I don't know if that effects the CAS >> >> > side >> >> > of >> >> > things. >> >> > Is there something I need to do on the CAS side of the setup to allow >> >> > the >> >> > process, or should a correct SSL cert do the trick? >> >> > I'll find out tomorrow. >> >> > >> >> > -James >> >> > On Nov 11, 2010, at 7:39 PM, "William G. Thompson, Jr." >> >> > <[email protected]> >> >> > wrote: >> >> > >> >> > Did you follow these instructions? >> >> > https://wiki.jasig.org/pages/viewpage.action?pageId=29133913 >> >> > >> >> > Bill >> >> > >> >> > >> >> > On Thu, Nov 11, 2010 at 4:29 PM, James Winter <[email protected]> >> >> > wrote: >> >> > >> >> > Some background: >> >> > >> >> > I setup the CAS Client for OWA on a test Exchange 2003 server in IIS >> >> > 6 >> >> > and I >> >> > >> >> > can successfully get to server.domain.local/coa/auth. I get >> >> > redirected >> >> > to >> >> > >> >> > the CAS login, which then redirects me back to >> >> > >> >> > server.domain.local/coa/auth?ticket=ST-XXX-xxxxetc which gives me a >> >> > 404 >> >> > >> >> > error. >> >> > >> >> > Am I missing a configuration piece somewhere? Or does anyone know >> >> > what >> >> > the >> >> > >> >> > CasOwa.OwaUrl should be for Exchange 2003? I've tried /exchange, >> >> > /exchweb, >> >> > >> >> > /exchweb/bin/auth, and a few others with no change. >> >> > >> >> > Thanks. >> >> > >> >> > -James >> >> > >> >> > -- >> >> > >> >> > You are currently subscribed to [email protected] as: >> >> > >> >> > [email protected] >> >> > >> >> > To unsubscribe, change settings or access archives, see >> >> > >> >> > http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > >> >> > -- >> >> > You are currently subscribed to [email protected] as: >> >> > [email protected] >> >> > To unsubscribe, change settings or access archives, see >> >> > http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > >> >> > -- >> >> > You are currently subscribed to [email protected] as: >> >> > [email protected] >> >> > To unsubscribe, change settings or access archives, see >> >> > http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> >> -- >> >> You are currently subscribed to [email protected] as: >> >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > >> > -- >> > You are currently subscribed to [email protected] as: >> > [email protected] >> > To unsubscribe, change settings or access archives, see >> > http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
