I'm currently unsing ver 1.3 phpClient to let my web application access through
a cas server. I've a redirection problem and I'm trying to figure out whether
the problem is at cas client side or Cas server side. The question is about
CASClient::getUrl() function.
I get the wrong
Final URI: http://SUBLQ11486.dom2.ad.sys/DDS/
while expecting
Final URI: http://10.115.0.46/DDS/
Note that the SUBLQ11486.dom2.ad.sys is the Cas server Url, while
http://10.115.0.46/DDS/ is my application Url.
getUrl() function builds the Final URI trhough the _SERVER[] array, and this is
suplied by the server (application web server or Cas server)
So, what it seems to me, is that when the CAS server calls back phpCAS::client
(after username/pwd request) with a wrong _SERVER[] array, hence the final URI
gets wrong (lines 47 in attached log file).
At line 49 I would expect
_SERVER[HTTP_X_FORWARDED_SERVER] = empty
_SERVER[SERVER_NAME] = 10.0.115.46
_SERVER[HTTP_HOST] = 10.0.115.46
but I get
_SERVER[HTTP_X_FORWARDED_SERVER] = SUBLQ11486.dom2.ad.sys
_SERVER[SERVER_NAME] = SUBLQ11486.dom2.ad.sys
_SERVER[HTTP_HOST] = SUBLQ11486.dom2.ad.sys
So I think the Cas server is not working properly.
Am I correct?
Thanks a lot for your help.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
1254 .START phpCAS-1.1.3 ****************** [CAS.php:470]
1254 .=> phpCAS::client('2.0', 'sublq11486.dom2.ad.sys/cas', 443, '', false)
[users_controller.php:143]
1254 .| => CASClient::CASClient('2.0', false, 'sublq11486.dom2.ad.sys/cas',
443, '', false) [CAS.php:373]
1254 .| <= ''
1254 .<= ''
1254 .=> phpCAS::setNoCasServerValidation() [users_controller.php:146]
1254 .<= ''
1254 .=> phpCAS::forceAuthentication() [users_controller.php:149]
1254 .| => CASClient::forceAuthentication() [CAS.php:893]
1254 .| | => CASClient::isAuthenticated() [client.php:869]
1254 .| | | => CASClient::wasPreviouslyAuthenticated() [client.php:974]
1254 .| | | | no user found [client.php:1110]
1254 .| | | <= false
1254 .| | | no ticket found [client.php:1027]
1254 .| | <= false
1254 .| | => CASClient::redirectToCas(false) [client.php:878]
1254 .| | | => CASClient::getServerLoginURL(false, false)
[client.php:1127]
1254 .| | | | => CASClient::getURL() [client.php:361]
1254 .| | | | | Eos debug : server_name <== _SERVER[SERVER_NAME]
[client.php:2663]
1254 .| | | | | Eos debug : HTTP_X_FORWARDED_SERVER :empty
[client.php:2695]
1254 .| | | | | Eos debug : SERVER_NAME :10.115.0.46
[client.php:2704]
1254 .| | | | | Eos debug : HTTP_HOST :10.115.0.46
[client.php:2711]
1254 .| | | | | Final URI: http://10.115.0.46/DDS/
[client.php:2716]
1254 .| | | | <= 'http://10.115.0.46/DDS/'
1254 .| | | <=
'https://sublq11486.dom2.ad.sys/cas/login?service=http%3A%2F%2F10.115.0.46%2FDDS%2F'
1254 .| | | Redirect to :
https://sublq11486.dom2.ad.sys/cas/login?service=http%3A%2F%2F10.115.0.46%2FDDS%2F
1254 .| | | exit()
1254 .| | | -
1254 .| | -
1254 .| -
7F1C .START phpCAS-1.1.3 ****************** [CAS.php:470]
7F1C .=> phpCAS::client('2.0', 'sublq11486.dom2.ad.sys/cas', 443, '', false)
[users_controller.php:143]
7F1C .| => CASClient::CASClient('2.0', false, 'sublq11486.dom2.ad.sys/cas',
443, '', false) [CAS.php:373]
7F1C .| | ST or PT 'ST-739-L4mZVdSFXvKiVtssAKXF-cas' found
[client.php:677]
7F1C .| <= ''
7F1C .<= ''
7F1C .=> phpCAS::setNoCasServerValidation() [users_controller.php:146]
7F1C .<= ''
7F1C .=> phpCAS::forceAuthentication() [users_controller.php:149]
7F1C .| => CASClient::forceAuthentication() [CAS.php:893]
7F1C .| | => CASClient::isAuthenticated() [client.php:869]
7F1C .| | | => CASClient::wasPreviouslyAuthenticated() [client.php:974]
7F1C .| | | | no user found [client.php:1110]
7F1C .| | | <= false
7F1C .| | | PT `ST-739-L4mZVdSFXvKiVtssAKXF-cas' is present
[client.php:1005]
7F1C .| | | => CASClient::validatePT('', NULL, NULL) [client.php:1006]
7F1C .| | | | => CASClient::getURL() [client.php:481]
7F1C .| | | | | Eos debug : server_name <==
_SERVER[HTTP_X_FORWARDED_SERVER] [client.php:2668]
7F1C .| | | | | Eos debug : HTTP_X_FORWARDED_SERVER
:SUBLQ11486.dom2.ad.sys [client.php:2697]
7F1C .| | | | | Eos debug : SERVER_NAME :sublq11486.dom2.ad.sys
[client.php:2704]
7F1C .| | | | | Eos debug : HTTP_HOST :sublq11486.dom2.ad.sys
[client.php:2711]
7F1C .| | | | | Final URI: http://SUBLQ11486.dom2.ad.sys/DDS/
[client.php:2716]
7F1C .| | | | <= 'http://SUBLQ11486.dom2.ad.sys/DDS/'
7F1C .| | | | =>
CASClient::readURL('https://sublq11486.dom2.ad.sys/cas/proxyValidate?service=
http%3A%2F%2FSUBLQ11486.dom2.ad.sys%2FDDS%2F&ticket=ST-739-L4mZVdSFXvKiVtssAKXF-cas',
'', NULL, NULL, NULL) [client.php:2536]
7F1C .| | | | <= true
7F1C .| | | | => CASClient::authError('PT not validated',
'https://sublq11486.dom2.ad.sys/cas/proxyValidate?service=http%3A%2F%2FSUBLQ11486.dom2.ad.sys%2FDDS%2F&ticket=ST-739-L4mZVdSFXvKiVtssAKXF-cas',
false, false, '<cas:serviceResponse xmlns:cas=\'http://www.yale.edu/tp/cas\'>
<cas:authenticationFailure code=\'INVALID_SERVICE\'> Il ticket
'ST-739-L4mZVdSFXvKiVtssAKXF-cas' non corrisponde a nessun servizio
disponibile </cas:authenticationFailure></cas:serviceResponse>',
'INVALID_SERVICE', 'Il ticket \'ST-739-L4mZVdSFXvKiVtssAKXF-cas\' non
corrisponde a nessun servizio disponibile') [client.php:2590]
7F1C .| | | | | => CASClient::getURL() [client.php:2776]
7F1C .| | | | | <= 'http://SUBLQ11486.dom2.ad.sys/DDS/'
7F1C .| | | | | CAS URL:
https://sublq11486.dom2.ad.sys/cas/proxyValidate?service=http%3A%2F%2FSUBLQ11486.dom2.ad.sys%2FDDS%2F&ticket=ST-739-L4mZVdSFXvKiVtssAKXF-cas
[client.php:2777]
7F1C .| | | | | Authentication failure: PT not validated
[client.php:2778]
7F1C .| | | | | Reason: [INVALID_SERVICE] CAS error: Il ticket
'ST-739-L4mZVdSFXvKiVtssAKXF-cas' non corrisponde a nessun servizio disponibile
[client.php:2793]
7F1C .| | | | | CAS response: <cas:serviceResponse
xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_SERVICE'>
Il ticket 'ST-739-L4mZVdSFXvKiVtssAKXF-cas' non
corrisponde a nessun servizio disponibile
</cas:authenticationFailure>
</cas:serviceResponse>
[client.php:2797]
7F1C .| | | | | exit()
7F1C .| | | | | -
7F1C .| | | | -
7F1C .| | | -
7F1C .| | -
7F1C .| -
